This is an automated email from the ASF dual-hosted git repository.
rmannibucau pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwebbeans.git
The following commit(s) were added to refs/heads/master by this push:
new 2f54115 [OWB-1377][OWB-1375] enable to configure reserved packages
for proxies + handle org.apache.webbeans.custom.signed. as
org.apache.webbeans.custom.
2f54115 is described below
commit 2f54115c404e40aefd390168f511511649423cc1
Author: Romain Manni-Bucau <[email protected]>
AuthorDate: Mon Mar 15 17:25:17 2021 +0100
[OWB-1377][OWB-1375] enable to configure reserved packages for proxies +
handle org.apache.webbeans.custom.signed. as org.apache.webbeans.custom.
---
.../webbeans/config/OpenWebBeansConfiguration.java | 42 ++++++++++++++++++++++
.../signed/CustomSignedProxyPackageMarker.java | 23 ++++++++++++
.../webbeans/proxy/AbstractProxyFactory.java | 10 ++++--
.../java/org/apache/webbeans/proxy/Unsafe.java | 7 ++--
.../META-INF/openwebbeans/openwebbeans.properties | 6 ++++
5 files changed, 83 insertions(+), 5 deletions(-)
diff --git
a/webbeans-impl/src/main/java/org/apache/webbeans/config/OpenWebBeansConfiguration.java
b/webbeans-impl/src/main/java/org/apache/webbeans/config/OpenWebBeansConfiguration.java
index 3810268..1a5a6d5 100644
---
a/webbeans-impl/src/main/java/org/apache/webbeans/config/OpenWebBeansConfiguration.java
+++
b/webbeans-impl/src/main/java/org/apache/webbeans/config/OpenWebBeansConfiguration.java
@@ -31,10 +31,14 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
+import java.util.stream.Stream;
import org.apache.webbeans.exception.WebBeansConfigurationException;
import org.apache.webbeans.logger.WebBeansLoggerFacade;
+import static java.util.Arrays.asList;
+import static java.util.stream.Collectors.toList;
+
/**
* Defines configuration for OpenWebBeans.
*
@@ -244,6 +248,15 @@ public class OpenWebBeansConfiguration
*/
private Map<String, Set<String>> configuredLists = new HashMap<>();
+ /**
+ * List of packages which can't be used to generate a proxy.
+ *
+ * Important: changing this default has runtime impacts on proxies name.
+ * It is recommended to not tune it until really needed.
+ * Also ensure it is consistent between generation and runtime
if you use stable proxy names.
+ */
+ private volatile List<String> proxyReservedPackages;
+
/**
* you can configure this externally as well.
@@ -556,4 +569,33 @@ public class OpenWebBeansConfiguration
return Boolean.parseBoolean(getProperty(
"org.apache.webbeans.spi.deployer.skipNoClassDefFoundTriggers"));
}
+
+ public List<String> getProxyReservedPackages()
+ {
+ if (proxyReservedPackages == null)
+ {
+ synchronized (this)
+ {
+ if (proxyReservedPackages == null)
+ {
+ final String conf =
getProperty("org.apache.webbeans.generator.proxyReservedPackages");
+ if (conf == null)
+ {
+ proxyReservedPackages = asList("java.", "javax.",
"sun.misc.");
+ }
+ else
+ {
+ proxyReservedPackages = Stream.concat(
+ Stream.of("java.", "javax.", "sun.misc."),
+ Stream.of(conf.split(","))
+ .map(String::trim)
+ .filter(it -> !it.isEmpty()))
+ .distinct()
+ .collect(toList());
+ }
+ }
+ }
+ }
+ return proxyReservedPackages;
+ }
}
diff --git
a/webbeans-impl/src/main/java/org/apache/webbeans/custom/signed/CustomSignedProxyPackageMarker.java
b/webbeans-impl/src/main/java/org/apache/webbeans/custom/signed/CustomSignedProxyPackageMarker.java
new file mode 100644
index 0000000..70ce1eb
--- /dev/null
+++
b/webbeans-impl/src/main/java/org/apache/webbeans/custom/signed/CustomSignedProxyPackageMarker.java
@@ -0,0 +1,23 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.webbeans.custom.signed;
+
+public interface CustomSignedProxyPackageMarker
+{
+}
diff --git
a/webbeans-impl/src/main/java/org/apache/webbeans/proxy/AbstractProxyFactory.java
b/webbeans-impl/src/main/java/org/apache/webbeans/proxy/AbstractProxyFactory.java
index 47c67aa..9cc9d52 100644
---
a/webbeans-impl/src/main/java/org/apache/webbeans/proxy/AbstractProxyFactory.java
+++
b/webbeans-impl/src/main/java/org/apache/webbeans/proxy/AbstractProxyFactory.java
@@ -266,12 +266,14 @@ public abstract class AbstractProxyFactory
{
// avoid java.lang.SecurityException: class's signer information
// does not match signer information of other classes in the same
package
- return "org.apache.webbeans.custom.signed." + classToProxy.getName();
+ return "org.apache.webbeans.custom.signed." +
+ classToProxy.getSimpleName() +
+ Math.abs(classToProxy.hashCode()); // to include somehow the
package too even if unlikely
}
protected String fixPreservedPackages(final String proxyClassName)
{
- return Stream.of("java.", "javax.", "jakarta.", "sun.misc.")
+ return
webBeansContext.getOpenWebBeansConfiguration().getProxyReservedPackages().stream()
.filter(proxyClassName::startsWith)
.findFirst() // can only be one, you can't start with 2 of them
.map(it -> fixPreservedPackage(proxyClassName, it))
@@ -289,7 +291,9 @@ public abstract class AbstractProxyFactory
if (className.startsWith(forbiddenPackagePrefix))
{
- fixedClassName = "org.apache.webbeans.custom." +
className.substring(className.lastIndexOf('.') + 1);
+ fixedClassName = "org.apache.webbeans.custom." +
+ className.substring(className.lastIndexOf('.') + 1) +
+ Math.abs(className.hashCode()); // to include somehow the
package too even if unlikely
}
return fixedClassName;
diff --git a/webbeans-impl/src/main/java/org/apache/webbeans/proxy/Unsafe.java
b/webbeans-impl/src/main/java/org/apache/webbeans/proxy/Unsafe.java
index f0b49c3..850b523 100644
--- a/webbeans-impl/src/main/java/org/apache/webbeans/proxy/Unsafe.java
+++ b/webbeans-impl/src/main/java/org/apache/webbeans/proxy/Unsafe.java
@@ -31,6 +31,7 @@ import java.util.stream.IntStream;
import java.util.stream.Stream;
import org.apache.webbeans.custom.CustomProxyPackageMarker;
+import org.apache.webbeans.custom.signed.CustomSignedProxyPackageMarker;
import org.apache.webbeans.exception.ProxyGenerationException;
import org.apache.webbeans.logger.WebBeansLoggerFacade;
@@ -222,8 +223,10 @@ public class Unsafe
final MethodHandles.Lookup lookupInstance =
MethodHandles.Lookup.class.cast(
privateLookup.invoke(
null,
-
proxyName.startsWith("org.apache.webbeans.custom.") ?
- CustomProxyPackageMarker.class : parent,
+
proxyName.startsWith("org.apache.webbeans.custom.signed.") ?
+ CustomSignedProxyPackageMarker.class :
+
proxyName.startsWith("org.apache.webbeans.custom.") ?
+ CustomProxyPackageMarker.class :
parent,
lookup));
return (Class<T>) defineClass.invoke(lookupInstance,
proxyBytes);
}
diff --git
a/webbeans-impl/src/main/resources/META-INF/openwebbeans/openwebbeans.properties
b/webbeans-impl/src/main/resources/META-INF/openwebbeans/openwebbeans.properties
index be7125f..bb4aa65 100644
---
a/webbeans-impl/src/main/resources/META-INF/openwebbeans/openwebbeans.properties
+++
b/webbeans-impl/src/main/resources/META-INF/openwebbeans/openwebbeans.properties
@@ -86,6 +86,12 @@
org.apache.webbeans.spi.LoaderService=org.apache.webbeans.service.DefaultLoaderS
#################################### SEVERAL CONFIGURATION PARAMETERS
##########################
################################################################################################
+#################################### Proxy forbidden packages
##################################
+# which packages are forbidden for proxies, note that the defaults are always
enforced
+# so you don't need to add them when you append custom packages
+# org.apache.webbeans.generator.proxyReservedPackages = java,javax,sun.misc
+################################################################################################
+
#################################### Use Embedded OpenEJB Discovery
############################
#If it is true, it checks every bean class whether or not represent EJB Bean
org.apache.webbeans.spi.deployer.useEjbMetaDataDiscoveryService=false
