< prev index next >

src/java.xml/share/classes/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java

Print this page




  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.org.apache.xerces.internal.utils;
  27 
  28 import com.sun.org.apache.xerces.internal.impl.Constants;
  29 import com.sun.org.apache.xerces.internal.util.SecurityManager;


  30 
  31 /**
  32  * This class manages standard and implementation-specific limitations.
  33  *
  34  */
  35 public final class XMLSecurityManager {
  36 
  37     /**
  38      * States of the settings of a property, in the order: default value, value
  39      * set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system
  40      * properties, and jaxp api properties
  41      */
  42     public static enum State {
  43         //this order reflects the overriding order
  44 
  45         DEFAULT("default"), FSP("FEATURE_SECURE_PROCESSING"),
  46         JAXPDOTPROPERTIES("jaxp.properties"), SYSTEMPROPERTY("system property"),
  47         APIPROPERTY("property");
  48 
  49         final String literal;


 477         return printEntityCountInfo.equals(Constants.JDK_YES);
 478     }
 479 
 480     /**
 481      * Read from system properties, or those in jaxp.properties
 482      */
 483     private void readSystemProperties() {
 484 
 485         for (Limit limit : Limit.values()) {
 486             if (!getSystemProperty(limit, limit.systemProperty())) {
 487                 //if system property is not found, try the older form if any
 488                 for (NameMap nameMap : NameMap.values()) {
 489                     String oldName = nameMap.getOldName(limit.systemProperty());
 490                     if (oldName != null) {
 491                         getSystemProperty(limit, oldName);
 492                     }
 493                 }
 494             }
 495         }
 496 

















 497     }
 498 
 499     /**
 500      * Read from system properties, or those in jaxp.properties
 501      *
 502      * @param property the type of the property
 503      * @param sysPropertyName the name of system property
 504      */
 505     private boolean getSystemProperty(Limit limit, String sysPropertyName) {
 506         try {
 507             String value = SecuritySupport.getSystemProperty(sysPropertyName);
 508             if (value != null && !value.equals("")) {
 509                 values[limit.ordinal()] = Integer.parseInt(value);
 510                 states[limit.ordinal()] = State.SYSTEMPROPERTY;
 511                 return true;
 512             }
 513 
 514             value = SecuritySupport.readJAXPProperty(sysPropertyName);
 515             if (value != null && !value.equals("")) {
 516                 values[limit.ordinal()] = Integer.parseInt(value);




  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.org.apache.xerces.internal.utils;
  27 
  28 import com.sun.org.apache.xerces.internal.impl.Constants;
  29 import com.sun.org.apache.xerces.internal.util.SecurityManager;
  30 import java.util.concurrent.CopyOnWriteArrayList;
  31 import org.xml.sax.SAXException;
  32 
  33 /**
  34  * This class manages standard and implementation-specific limitations.
  35  *
  36  */
  37 public final class XMLSecurityManager {
  38 
  39     /**
  40      * States of the settings of a property, in the order: default value, value
  41      * set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system
  42      * properties, and jaxp api properties
  43      */
  44     public static enum State {
  45         //this order reflects the overriding order
  46 
  47         DEFAULT("default"), FSP("FEATURE_SECURE_PROCESSING"),
  48         JAXPDOTPROPERTIES("jaxp.properties"), SYSTEMPROPERTY("system property"),
  49         APIPROPERTY("property");
  50 
  51         final String literal;


 479         return printEntityCountInfo.equals(Constants.JDK_YES);
 480     }
 481 
 482     /**
 483      * Read from system properties, or those in jaxp.properties
 484      */
 485     private void readSystemProperties() {
 486 
 487         for (Limit limit : Limit.values()) {
 488             if (!getSystemProperty(limit, limit.systemProperty())) {
 489                 //if system property is not found, try the older form if any
 490                 for (NameMap nameMap : NameMap.values()) {
 491                     String oldName = nameMap.getOldName(limit.systemProperty());
 492                     if (oldName != null) {
 493                         getSystemProperty(limit, oldName);
 494                     }
 495                 }
 496             }
 497         }
 498 
 499     }
 500 
 501     // Array list to store printed warnings for each SAX parser used
 502     private static final CopyOnWriteArrayList<String> printedWarnings = new CopyOnWriteArrayList<>();
 503 
 504     /**
 505      * Prints out warnings if a parser does not support the specified feature/property.
 506      *
 507      * @param parserClassName the name of the parser class
 508      * @param propertyName the property name
 509      * @param exception the exception thrown by the parser
 510      */
 511     public static void printWarning(String parserClassName, String propertyName, SAXException exception) {
 512         String key = parserClassName+":"+propertyName;
 513         if (printedWarnings.addIfAbsent(key)) {
 514             System.err.println( "Warning: "+parserClassName+": "+exception.getMessage());
 515         }
 516     }
 517 
 518     /**
 519      * Read from system properties, or those in jaxp.properties
 520      *
 521      * @param property the type of the property
 522      * @param sysPropertyName the name of system property
 523      */
 524     private boolean getSystemProperty(Limit limit, String sysPropertyName) {
 525         try {
 526             String value = SecuritySupport.getSystemProperty(sysPropertyName);
 527             if (value != null && !value.equals("")) {
 528                 values[limit.ordinal()] = Integer.parseInt(value);
 529                 states[limit.ordinal()] = State.SYSTEMPROPERTY;
 530                 return true;
 531             }
 532 
 533             value = SecuritySupport.readJAXPProperty(sysPropertyName);
 534             if (value != null && !value.equals("")) {
 535                 values[limit.ordinal()] = Integer.parseInt(value);


< prev index next >