[logging-log4j2] branch log4j-2.12 updated: Disable JNDI by default

rgoers Mon, 13 Dec 2021 21:00:26 -0800

This is an automated email from the ASF dual-hosted git repository.

rgoers pushed a commit to branch log4j-2.12
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git



The following commit(s) were added to refs/heads/log4j-2.12 by this push:
     new f819c83  Disable JNDI by default
f819c83 is described below

commit f819c83804152cb6ed94cb408302e36b21b65053
Author: Ralph Goers <[email protected]>
AuthorDate: Mon Dec 13 22:00:02 2021 -0700

    Disable JNDI by default
---
 .../log4j/core/appender/mom/JmsManager.java        | 13 +++++---
 .../apache/logging/log4j/core/net/JndiManager.java | 36 ++++++++++++++++++----
 .../log4j/core/selector/JndiContextSelector.java   |  6 ++++
 .../log4j/core/appender/mom/JmsAppenderTest.java   |  6 ++++
 4 files changed, 51 insertions(+), 10 deletions(-)

diff --git 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsManager.java
 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsManager.java
index ad57358..c9f105b 100644
--- 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsManager.java
+++ 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsManager.java
@@ -125,10 +125,15 @@ public class JmsManager extends AbstractManager {
 
         @Override
         public JmsManager createManager(final String name, final 
JmsManagerConfiguration data) {
-            try {
-                return new JmsManager(name, data);
-            } catch (final Exception e) {
-                logger().error("Error creating JmsManager using 
JmsManagerConfiguration [{}]", data, e);
+            if (JndiManager.isJndiEnabled()) {
+                try {
+                    return new JmsManager(name, data);
+                } catch (final Exception e) {
+                    logger().error("Error creating JmsManager using 
JmsManagerConfiguration [{}]", data, e);
+                    return null;
+                }
+            } else {
+                logger().error("Jndi has not been enabled. The 
log4j2.enableJndi property must be set to true");
                 return null;
             }
         }
diff --git 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
index 2670857..06e2793 100644
--- 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
+++ 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
@@ -17,6 +17,8 @@
 
 package org.apache.logging.log4j.core.net;
 
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
@@ -27,6 +29,7 @@ import javax.naming.NamingException;
 import org.apache.logging.log4j.core.appender.AbstractManager;
 import org.apache.logging.log4j.core.appender.ManagerFactory;
 import org.apache.logging.log4j.core.util.JndiCloser;
+import org.apache.logging.log4j.util.PropertiesUtil;
 
 /**
  * Manages a JNDI {@link javax.naming.Context}.
@@ -39,6 +42,10 @@ public class JndiManager extends AbstractManager {
 
     private final Context context;
 
+    public static boolean isJndiEnabled() {
+        return 
PropertiesUtil.getProperties().getBooleanProperty("log4j2.enableJndi", false);
+    }
+
     private JndiManager(final String name, final Context context) {
         super(null, name);
         this.context = context;
@@ -169,20 +176,37 @@ public class JndiManager extends AbstractManager {
      */
     @SuppressWarnings("unchecked")
     public <T> T lookup(final String name) throws NamingException {
-        return (T) this.context.lookup(name);
+        if (context == null) {
+            return null;
+        }
+        try {
+            URI uri = new URI(name);
+            if (uri.getScheme() == null || uri.getScheme().equals("java")) {
+                return (T) this.context.lookup(name);
+            }
+            LOGGER.warn("Unsupported JNDI URI - {}", name);
+        } catch (URISyntaxException ex) {
+            LOGGER.warn("Invalid  JNDI URI - {}", name);
+        }
+        return null;
     }
 
     private static class JndiManagerFactory implements 
ManagerFactory<JndiManager, Properties> {
 
         @Override
         public JndiManager createManager(final String name, final Properties 
data) {
-            try {
-                return new JndiManager(name, new InitialContext(data));
-            } catch (final NamingException e) {
-                LOGGER.error("Error creating JNDI InitialContext.", e);
-                return null;
+            if (isJndiEnabled()) {
+                try {
+                    return new JndiManager(name, new InitialContext(data));
+                } catch (final NamingException e) {
+                    LOGGER.error("Error creating JNDI InitialContext.", e);
+                    return null;
+                }
+            } else {
+                return new JndiManager(name, null);
             }
         }
+
     }
 
     @Override
diff --git 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/selector/JndiContextSelector.java
 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/selector/JndiContextSelector.java
index b054e9a..81ec3f3 100644
--- 
a/log4j-core/src/main/java/org/apache/logging/log4j/core/selector/JndiContextSelector.java
+++ 
b/log4j-core/src/main/java/org/apache/logging/log4j/core/selector/JndiContextSelector.java
@@ -92,6 +92,12 @@ public class JndiContextSelector implements 
NamedContextSelector {
 
     private static final StatusLogger LOGGER = StatusLogger.getLogger();
 
+    public JndiContextSelector() {
+        if (!JndiManager.isJndiEnabled()) {
+            throw new IllegalStateException("JNDI must be enabled by setting 
log4j2.enableJndi=true");
+        }
+    }
+
     @Override
     public LoggerContext getContext(final String fqcn, final ClassLoader 
loader, final boolean currentContext) {
         return getContext(fqcn, loader, currentContext, null);
diff --git 
a/log4j-core/src/test/java/org/apache/logging/log4j/core/appender/mom/JmsAppenderTest.java
 
b/log4j-core/src/test/java/org/apache/logging/log4j/core/appender/mom/JmsAppenderTest.java
index 9216ef8..daf2d0e 100644
--- 
a/log4j-core/src/test/java/org/apache/logging/log4j/core/appender/mom/JmsAppenderTest.java
+++ 
b/log4j-core/src/test/java/org/apache/logging/log4j/core/appender/mom/JmsAppenderTest.java
@@ -49,6 +49,7 @@ import org.apache.logging.log4j.message.Message;
 import org.apache.logging.log4j.message.SimpleMessage;
 import org.apache.logging.log4j.message.StringMapMessage;
 import org.junit.Before;
+import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
@@ -83,6 +84,11 @@ public class JmsAppenderTest {
     @Rule
     public RuleChain rules = RuleChain.outerRule(jndiRule).around(ctx);
 
+    @BeforeClass
+    public static void beforeClass() throws Exception {
+        System.setProperty("log4j2.enableJndi", "true");
+    }
+
     public JmsAppenderTest() throws Exception {
         // this needs to set up before LoggerContextRule
         given(connectionFactory.createConnection()).willReturn(connection);

[logging-log4j2] branch log4j-2.12 updated: Disable JNDI by default

Reply via email to