Remove support for Security Manager
diff --git a/jaxrs-api/src/main/java/jakarta/ws/rs/client/ClientBuilder.java b/jaxrs-api/src/main/java/jakarta/ws/rs/client/ClientBuilder.java index a1c466f..d1d3a0b 100644 --- a/jaxrs-api/src/main/java/jakarta/ws/rs/client/ClientBuilder.java +++ b/jaxrs-api/src/main/java/jakarta/ws/rs/client/ClientBuilder.java
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2019 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at @@ -19,9 +19,7 @@ import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import java.net.URL; -import java.security.AccessController; import java.security.KeyStore; -import java.security.PrivilegedAction; import java.util.concurrent.ExecutorService; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; @@ -61,14 +59,17 @@ try { Object delegate = FactoryFinder.find(JAXRS_DEFAULT_CLIENT_BUILDER_PROPERTY, ClientBuilder.class); if (!(delegate instanceof ClientBuilder)) { - final CreateErrorMessageAction action = new CreateErrorMessageAction(delegate); - final String errorMessage; - if (System.getSecurityManager() == null) { - errorMessage = action.run(); - } else { - errorMessage = AccessController.doPrivileged(action); + Class<?> pClass = ClientBuilder.class; + String classnameAsResource = pClass.getName().replace('.', '/') + ".class"; + ClassLoader loader = pClass.getClassLoader(); + if (loader == null) { + loader = ClassLoader.getSystemClassLoader(); } - throw new LinkageError(errorMessage); + URL targetTypeURL = loader.getResource(classnameAsResource); + final String errorMessage = "ClassCastException: attempting to cast" + + delegate.getClass().getClassLoader().getResource(classnameAsResource) + + " to " + targetTypeURL; + throw new LinkageError(errorMessage); } return (ClientBuilder) delegate; } catch (Exception ex) { @@ -271,26 +272,4 @@ * @return a new client instance. */ public abstract Client build(); - - private static final class CreateErrorMessageAction implements PrivilegedAction<String> { - private final Object delegate; - - private CreateErrorMessageAction(final Object delegate) { - this.delegate = delegate; - } - - @Override - public String run() { - Class<?> pClass = ClientBuilder.class; - String classnameAsResource = pClass.getName().replace('.', '/') + ".class"; - ClassLoader loader = pClass.getClassLoader(); - if (loader == null) { - loader = ClassLoader.getSystemClassLoader(); - } - URL targetTypeURL = loader.getResource(classnameAsResource); - return "ClassCastException: attempting to cast" - + delegate.getClass().getClassLoader().getResource(classnameAsResource) - + " to " + targetTypeURL; - } - } }
diff --git a/jaxrs-api/src/main/java/jakarta/ws/rs/client/FactoryFinder.java b/jaxrs-api/src/main/java/jakarta/ws/rs/client/FactoryFinder.java index d6545ff..fe9c1c0 100644 --- a/jaxrs-api/src/main/java/jakarta/ws/rs/client/FactoryFinder.java +++ b/jaxrs-api/src/main/java/jakarta/ws/rs/client/FactoryFinder.java
@@ -20,8 +20,6 @@ import java.io.InputStream; import java.nio.file.Files; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Properties; import java.util.ServiceLoader; import java.util.logging.Level; @@ -44,23 +42,7 @@ } static ClassLoader getContextClassLoader() { - // For performance reasons, check if a security manager is installed. If not there is no need to use a - // privileged action. - if (System.getSecurityManager() == null) { - return Thread.currentThread().getContextClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { - ClassLoader cl = null; - try { - cl = Thread.currentThread().getContextClassLoader(); - } catch (SecurityException ex) { - LOGGER.log( - Level.WARNING, - "Unable to get context classloader instance.", - ex); - } - return cl; - }); + return Thread.currentThread().getContextClassLoader(); } /** @@ -165,24 +147,18 @@ } private static ClassLoader getClassLoader() { - if (System.getSecurityManager() == null) { - return FactoryFinder.class.getClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) FactoryFinder.class::getClassLoader); + return FactoryFinder.class.getClassLoader(); } private static <T> T findFirstService(final String factoryId, final ClassLoader cl, final Class<T> service) { - final PrivilegedAction<T> action = () -> { - try { - return ServiceLoader.load(service, cl).findFirst().orElse(null); - } catch (Exception e) { - LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); + try { + final ServiceLoader<T> loader = ServiceLoader.load(service, cl); + if (loader.iterator().hasNext()) { + return loader.iterator().next(); } - return null; - }; - if (System.getSecurityManager() == null) { - return action.run(); + } catch (Exception e) { + LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); } - return AccessController.doPrivileged(action); + return null; } }
diff --git a/jaxrs-api/src/main/java/jakarta/ws/rs/ext/FactoryFinder.java b/jaxrs-api/src/main/java/jakarta/ws/rs/ext/FactoryFinder.java index b3081bd..6884229 100644 --- a/jaxrs-api/src/main/java/jakarta/ws/rs/ext/FactoryFinder.java +++ b/jaxrs-api/src/main/java/jakarta/ws/rs/ext/FactoryFinder.java
@@ -20,8 +20,6 @@ import java.io.InputStream; import java.nio.file.Files; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Properties; import java.util.ServiceLoader; import java.util.logging.Level; @@ -44,23 +42,7 @@ } private static ClassLoader getContextClassLoader() { - // For performance reasons, check if a security manager is installed. If not there is no need to use a - // privileged action. - if (System.getSecurityManager() == null) { - return Thread.currentThread().getContextClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { - ClassLoader cl = null; - try { - cl = Thread.currentThread().getContextClassLoader(); - } catch (SecurityException ex) { - LOGGER.log( - Level.WARNING, - "Unable to get context classloader instance.", - ex); - } - return cl; - }); + return Thread.currentThread().getContextClassLoader(); } /** @@ -165,24 +147,18 @@ } private static ClassLoader getClassLoader() { - if (System.getSecurityManager() == null) { - return FactoryFinder.class.getClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) FactoryFinder.class::getClassLoader); + return FactoryFinder.class.getClassLoader(); } private static <T> T findFirstService(final String factoryId, final ClassLoader cl, final Class<T> service) { - final PrivilegedAction<T> action = () -> { - try { - return ServiceLoader.load(service, cl).findFirst().orElse(null); - } catch (Exception e) { - LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); + try { + final ServiceLoader<T> loader = ServiceLoader.load(service, cl); + if (loader.iterator().hasNext()) { + return loader.iterator().next(); } - return null; - }; - if (System.getSecurityManager() == null) { - return action.run(); + } catch (Exception e) { + LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); } - return AccessController.doPrivileged(action); + return null; } }
diff --git a/jaxrs-api/src/main/java/jakarta/ws/rs/ext/RuntimeDelegate.java b/jaxrs-api/src/main/java/jakarta/ws/rs/ext/RuntimeDelegate.java index 3dc71b8..5444851 100644 --- a/jaxrs-api/src/main/java/jakarta/ws/rs/ext/RuntimeDelegate.java +++ b/jaxrs-api/src/main/java/jakarta/ws/rs/ext/RuntimeDelegate.java
@@ -16,7 +16,6 @@ package jakarta.ws.rs.ext; -import java.lang.reflect.ReflectPermission; import java.net.URL; import java.util.concurrent.CompletionStage; import java.util.concurrent.locks.Lock; @@ -48,7 +47,6 @@ */ public static final String JAXRS_RUNTIME_DELEGATE_PROPERTY = "jakarta.ws.rs.ext.RuntimeDelegate"; private static final Lock RD_LOCK = new ReentrantLock(); - private static ReflectPermission suppressAccessChecksPermission = new ReflectPermission("suppressAccessChecks"); private static volatile RuntimeDelegate cachedDelegate; /** @@ -129,14 +127,8 @@ * {@link #getInstance} then an implementation will be sought as described in {@link #getInstance}. * * @param rd the runtime delegate instance - * @throws SecurityException if there is a security manager and the permission ReflectPermission("suppressAccessChecks") - * has not been granted. */ public static void setInstance(final RuntimeDelegate rd) { - SecurityManager security = System.getSecurityManager(); - if (security != null) { - security.checkPermission(suppressAccessChecksPermission); - } RD_LOCK.lock(); try { RuntimeDelegate.cachedDelegate = rd;
diff --git a/jaxrs-api/src/main/java/jakarta/ws/rs/sse/FactoryFinder.java b/jaxrs-api/src/main/java/jakarta/ws/rs/sse/FactoryFinder.java index 8622d63..e8b2075 100644 --- a/jaxrs-api/src/main/java/jakarta/ws/rs/sse/FactoryFinder.java +++ b/jaxrs-api/src/main/java/jakarta/ws/rs/sse/FactoryFinder.java
@@ -20,8 +20,6 @@ import java.io.InputStream; import java.nio.file.Files; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Properties; import java.util.ServiceLoader; import java.util.logging.Level; @@ -44,23 +42,7 @@ } private static ClassLoader getContextClassLoader() { - // For performance reasons, check if a security manager is installed. If not there is no need to use a - // privileged action. - if (System.getSecurityManager() == null) { - return Thread.currentThread().getContextClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { - ClassLoader cl = null; - try { - cl = Thread.currentThread().getContextClassLoader(); - } catch (SecurityException ex) { - LOGGER.log( - Level.WARNING, - "Unable to get context classloader instance.", - ex); - } - return cl; - }); + return Thread.currentThread().getContextClassLoader(); } /** @@ -165,24 +147,18 @@ } private static ClassLoader getClassLoader() { - if (System.getSecurityManager() == null) { - return FactoryFinder.class.getClassLoader(); - } - return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) FactoryFinder.class::getClassLoader); + return FactoryFinder.class.getClassLoader(); } private static <T> T findFirstService(final String factoryId, final ClassLoader cl, final Class<T> service) { - final PrivilegedAction<T> action = () -> { - try { - return ServiceLoader.load(service, cl).findFirst().orElse(null); - } catch (Exception e) { - LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); + try { + final ServiceLoader<T> loader = ServiceLoader.load(service, cl); + if (loader.iterator().hasNext()) { + return loader.iterator().next(); } - return null; - }; - if (System.getSecurityManager() == null) { - return action.run(); + } catch (Exception e) { + LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", e); } - return AccessController.doPrivileged(action); + return null; } }
diff --git a/jaxrs-tck/src/main/resources/ee/jakarta/tck/ws/rs/signaturetest/jakarta.ws.rs.sig_4.0.0 b/jaxrs-tck/src/main/resources/ee/jakarta/tck/ws/rs/signaturetest/jakarta.ws.rs.sig_4.0.0 index 02caa62..6c7dc72 100644 --- a/jaxrs-tck/src/main/resources/ee/jakarta/tck/ws/rs/signaturetest/jakarta.ws.rs.sig_4.0.0 +++ b/jaxrs-tck/src/main/resources/ee/jakarta/tck/ws/rs/signaturetest/jakarta.ws.rs.sig_4.0.0
@@ -504,7 +504,6 @@ meth public static jakarta.ws.rs.client.Client newClient(jakarta.ws.rs.core.Configuration) meth public static jakarta.ws.rs.client.ClientBuilder newBuilder() supr java.lang.Object -hcls CreateErrorMessageAction CLSS public abstract interface jakarta.ws.rs.client.ClientRequestContext meth public abstract boolean containsHeaderString(java.lang.String,java.lang.String,java.util.function.Predicate<java.lang.String>) @@ -1718,7 +1717,7 @@ meth public static jakarta.ws.rs.ext.RuntimeDelegate getInstance() meth public static void setInstance(jakarta.ws.rs.ext.RuntimeDelegate) supr java.lang.Object -hfds RD_LOCK,cachedDelegate,suppressAccessChecksPermission +hfds RD_LOCK,cachedDelegate CLSS public abstract interface static jakarta.ws.rs.ext.RuntimeDelegate$HeaderDelegate<%0 extends java.lang.Object> outer jakarta.ws.rs.ext.RuntimeDelegate