Fri, 24 Oct 2014 15:02:28 +0200
8054367: More references for endpoints
Summary: fix also reviewed by Iaroslav.Savytskyi@oracle.com, Alexander.Fomin@oracle.com
Reviewed-by: mullan, skoivu
alanb@368 | 1 | /* |
mkos@721 | 2 | * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. |
alanb@368 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
alanb@368 | 4 | * |
alanb@368 | 5 | * This code is free software; you can redistribute it and/or modify it |
alanb@368 | 6 | * under the terms of the GNU General Public License version 2 only, as |
alanb@368 | 7 | * published by the Free Software Foundation. Oracle designates this |
alanb@368 | 8 | * particular file as subject to the "Classpath" exception as provided |
alanb@368 | 9 | * by Oracle in the LICENSE file that accompanied this code. |
alanb@368 | 10 | * |
alanb@368 | 11 | * This code is distributed in the hope that it will be useful, but WITHOUT |
alanb@368 | 12 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
alanb@368 | 13 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
alanb@368 | 14 | * version 2 for more details (a copy is included in the LICENSE file that |
alanb@368 | 15 | * accompanied this code). |
alanb@368 | 16 | * |
alanb@368 | 17 | * You should have received a copy of the GNU General Public License version |
alanb@368 | 18 | * 2 along with this work; if not, write to the Free Software Foundation, |
alanb@368 | 19 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
alanb@368 | 20 | * |
alanb@368 | 21 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
alanb@368 | 22 | * or visit www.oracle.com if you need additional information or have any |
alanb@368 | 23 | * questions. |
alanb@368 | 24 | */ |
alanb@368 | 25 | |
alanb@368 | 26 | package com.sun.xml.internal.bind.v2.util; |
alanb@368 | 27 | |
alanb@368 | 28 | import com.sun.xml.internal.bind.v2.Messages; |
mkos@721 | 29 | |
mkos@721 | 30 | import java.security.AccessController; |
mkos@721 | 31 | import java.security.PrivilegedAction; |
alanb@368 | 32 | import java.util.logging.Level; |
alanb@368 | 33 | import java.util.logging.Logger; |
alanb@368 | 34 | import javax.xml.XMLConstants; |
alanb@368 | 35 | import javax.xml.parsers.DocumentBuilderFactory; |
alanb@368 | 36 | import javax.xml.parsers.ParserConfigurationException; |
alanb@368 | 37 | import javax.xml.parsers.SAXParserFactory; |
alanb@368 | 38 | import javax.xml.transform.TransformerConfigurationException; |
alanb@368 | 39 | import javax.xml.transform.TransformerFactory; |
alanb@368 | 40 | import javax.xml.validation.SchemaFactory; |
alanb@368 | 41 | import javax.xml.xpath.XPathFactory; |
alanb@368 | 42 | import javax.xml.xpath.XPathFactoryConfigurationException; |
mkos@397 | 43 | |
mkos@397 | 44 | import org.xml.sax.SAXException; |
alanb@368 | 45 | import org.xml.sax.SAXNotRecognizedException; |
alanb@368 | 46 | import org.xml.sax.SAXNotSupportedException; |
alanb@368 | 47 | |
alanb@368 | 48 | /** |
alanb@368 | 49 | * Provides helper methods for creating properly configured XML parser |
alanb@368 | 50 | * factory instances with namespace support turned on and configured for |
alanb@368 | 51 | * security. |
alanb@368 | 52 | * @author snajper |
alanb@368 | 53 | */ |
alanb@368 | 54 | public class XmlFactory { |
alanb@368 | 55 | |
mkos@397 | 56 | // not in older JDK, so must be duplicated here, otherwise javax.xml.XMLConstants should be used |
mkos@397 | 57 | public static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema"; |
mkos@408 | 58 | public static final String ACCESS_EXTERNAL_DTD = "http://javax.xml.XMLConstants/property/accessExternalDTD"; |
mkos@397 | 59 | |
alanb@368 | 60 | private static final Logger LOGGER = Logger.getLogger(XmlFactory.class.getName()); |
alanb@368 | 61 | |
alanb@368 | 62 | /** |
alanb@368 | 63 | * If true XML security features when parsing XML documents will be disabled. |
alanb@368 | 64 | * The default value is false. |
alanb@368 | 65 | * |
alanb@368 | 66 | * Boolean |
alanb@368 | 67 | * @since 2.2.6 |
alanb@368 | 68 | */ |
alanb@368 | 69 | private static final String DISABLE_XML_SECURITY = "com.sun.xml.internal.bind.disableXmlSecurity"; |
alanb@368 | 70 | |
mkos@721 | 71 | private static final boolean XML_SECURITY_DISABLED = AccessController.doPrivileged( |
mkos@721 | 72 | new PrivilegedAction<Boolean>() { |
mkos@721 | 73 | @Override |
mkos@721 | 74 | public Boolean run() { |
mkos@721 | 75 | return Boolean.getBoolean(DISABLE_XML_SECURITY); |
mkos@721 | 76 | } |
mkos@721 | 77 | } |
mkos@721 | 78 | ); |
alanb@368 | 79 | |
mkos@408 | 80 | private static boolean isXMLSecurityDisabled(boolean runtimeSetting) { |
mkos@408 | 81 | return XML_SECURITY_DISABLED || runtimeSetting; |
alanb@368 | 82 | } |
alanb@368 | 83 | |
alanb@368 | 84 | /** |
alanb@368 | 85 | * Returns properly configured (e.g. security features) schema factory |
alanb@368 | 86 | * - namespaceAware == true |
alanb@368 | 87 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 88 | */ |
alanb@368 | 89 | public static SchemaFactory createSchemaFactory(final String language, boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 90 | try { |
alanb@368 | 91 | SchemaFactory factory = SchemaFactory.newInstance(language); |
alanb@368 | 92 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 93 | LOGGER.log(Level.FINE, "SchemaFactory instance: {0}", factory); |
alanb@368 | 94 | } |
mkos@408 | 95 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing)); |
alanb@368 | 96 | return factory; |
alanb@368 | 97 | } catch (SAXNotRecognizedException ex) { |
alanb@368 | 98 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 99 | throw new IllegalStateException(ex); |
alanb@368 | 100 | } catch (SAXNotSupportedException ex) { |
alanb@368 | 101 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 102 | throw new IllegalStateException(ex); |
alanb@368 | 103 | } catch (AbstractMethodError er) { |
alanb@368 | 104 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 105 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 106 | } |
alanb@368 | 107 | } |
alanb@368 | 108 | |
alanb@368 | 109 | /** |
alanb@368 | 110 | * Returns properly configured (e.g. security features) parser factory |
alanb@368 | 111 | * - namespaceAware == true |
alanb@368 | 112 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 113 | */ |
alanb@368 | 114 | public static SAXParserFactory createParserFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 115 | try { |
alanb@368 | 116 | SAXParserFactory factory = SAXParserFactory.newInstance(); |
alanb@368 | 117 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 118 | LOGGER.log(Level.FINE, "SAXParserFactory instance: {0}", factory); |
alanb@368 | 119 | } |
alanb@368 | 120 | factory.setNamespaceAware(true); |
mkos@408 | 121 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing)); |
alanb@368 | 122 | return factory; |
alanb@368 | 123 | } catch (ParserConfigurationException ex) { |
alanb@368 | 124 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 125 | throw new IllegalStateException( ex); |
alanb@368 | 126 | } catch (SAXNotRecognizedException ex) { |
alanb@368 | 127 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 128 | throw new IllegalStateException( ex); |
alanb@368 | 129 | } catch (SAXNotSupportedException ex) { |
alanb@368 | 130 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 131 | throw new IllegalStateException( ex); |
alanb@368 | 132 | } catch (AbstractMethodError er) { |
alanb@368 | 133 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 134 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 135 | } |
alanb@368 | 136 | } |
alanb@368 | 137 | |
alanb@368 | 138 | /** |
alanb@368 | 139 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 140 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 141 | */ |
alanb@368 | 142 | public static XPathFactory createXPathFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 143 | try { |
alanb@368 | 144 | XPathFactory factory = XPathFactory.newInstance(); |
alanb@368 | 145 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 146 | LOGGER.log(Level.FINE, "XPathFactory instance: {0}", factory); |
alanb@368 | 147 | } |
mkos@408 | 148 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing)); |
alanb@368 | 149 | return factory; |
alanb@368 | 150 | } catch (XPathFactoryConfigurationException ex) { |
alanb@368 | 151 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 152 | throw new IllegalStateException( ex); |
alanb@368 | 153 | } catch (AbstractMethodError er) { |
alanb@368 | 154 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 155 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 156 | } |
alanb@368 | 157 | } |
alanb@368 | 158 | |
alanb@368 | 159 | /** |
alanb@368 | 160 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 161 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 162 | */ |
alanb@368 | 163 | public static TransformerFactory createTransformerFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 164 | try { |
alanb@368 | 165 | TransformerFactory factory = TransformerFactory.newInstance(); |
alanb@368 | 166 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 167 | LOGGER.log(Level.FINE, "TransformerFactory instance: {0}", factory); |
alanb@368 | 168 | } |
mkos@408 | 169 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing)); |
alanb@368 | 170 | return factory; |
alanb@368 | 171 | } catch (TransformerConfigurationException ex) { |
alanb@368 | 172 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 173 | throw new IllegalStateException( ex); |
alanb@368 | 174 | } catch (AbstractMethodError er) { |
alanb@368 | 175 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 176 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 177 | } |
alanb@368 | 178 | } |
alanb@368 | 179 | |
alanb@368 | 180 | /** |
alanb@368 | 181 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 182 | * - namespaceAware == true |
alanb@368 | 183 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 184 | */ |
alanb@368 | 185 | public static DocumentBuilderFactory createDocumentBuilderFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 186 | try { |
alanb@368 | 187 | DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); |
alanb@368 | 188 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 189 | LOGGER.log(Level.FINE, "DocumentBuilderFactory instance: {0}", factory); |
alanb@368 | 190 | } |
alanb@368 | 191 | factory.setNamespaceAware(true); |
mkos@408 | 192 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing)); |
alanb@368 | 193 | return factory; |
alanb@368 | 194 | } catch (ParserConfigurationException ex) { |
alanb@368 | 195 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 196 | throw new IllegalStateException( ex); |
alanb@368 | 197 | } catch (AbstractMethodError er) { |
alanb@368 | 198 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 199 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 200 | } |
alanb@368 | 201 | } |
alanb@368 | 202 | |
mkos@408 | 203 | public static SchemaFactory allowExternalAccess(SchemaFactory sf, String value, boolean disableSecureProcessing) { |
mkos@397 | 204 | |
mkos@408 | 205 | // if xml security (feature secure processing) disabled, nothing to do, no restrictions applied |
mkos@408 | 206 | if (isXMLSecurityDisabled(disableSecureProcessing)) { |
mkos@408 | 207 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 208 | LOGGER.log(Level.FINE, Messages.JAXP_XML_SECURITY_DISABLED.format()); |
mkos@408 | 209 | } |
mkos@408 | 210 | return sf; |
mkos@408 | 211 | } |
mkos@408 | 212 | |
mkos@408 | 213 | if (System.getProperty("javax.xml.accessExternalSchema") != null) { |
mkos@408 | 214 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 215 | LOGGER.log(Level.FINE, Messages.JAXP_EXTERNAL_ACCESS_CONFIGURED.format()); |
mkos@408 | 216 | } |
mkos@397 | 217 | return sf; |
mkos@397 | 218 | } |
mkos@397 | 219 | |
mkos@397 | 220 | try { |
mkos@408 | 221 | sf.setProperty(ACCESS_EXTERNAL_SCHEMA, value); |
mkos@408 | 222 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 223 | LOGGER.log(Level.FINE, Messages.JAXP_SUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA)); |
mkos@408 | 224 | } |
mkos@397 | 225 | } catch (SAXException ignored) { |
mkos@397 | 226 | // nothing to do; support depends on version JDK or SAX implementation |
mkos@408 | 227 | if (LOGGER.isLoggable(Level.CONFIG)) { |
mkos@408 | 228 | LOGGER.log(Level.CONFIG, Messages.JAXP_UNSUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA), ignored); |
mkos@408 | 229 | } |
mkos@408 | 230 | } |
mkos@408 | 231 | return sf; |
mkos@408 | 232 | } |
mkos@408 | 233 | |
mkos@408 | 234 | public static SchemaFactory allowExternalDTDAccess(SchemaFactory sf, String value, boolean disableSecureProcessing) { |
mkos@408 | 235 | |
mkos@408 | 236 | // if xml security (feature secure processing) disabled, nothing to do, no restrictions applied |
mkos@408 | 237 | if (isXMLSecurityDisabled(disableSecureProcessing)) { |
mkos@408 | 238 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 239 | LOGGER.log(Level.FINE, Messages.JAXP_XML_SECURITY_DISABLED.format()); |
mkos@408 | 240 | } |
mkos@408 | 241 | return sf; |
mkos@408 | 242 | } |
mkos@408 | 243 | |
mkos@408 | 244 | if (System.getProperty("javax.xml.accessExternalDTD") != null) { |
mkos@408 | 245 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 246 | LOGGER.log(Level.FINE, Messages.JAXP_EXTERNAL_ACCESS_CONFIGURED.format()); |
mkos@408 | 247 | } |
mkos@408 | 248 | return sf; |
mkos@408 | 249 | } |
mkos@408 | 250 | |
mkos@408 | 251 | try { |
mkos@408 | 252 | sf.setProperty(ACCESS_EXTERNAL_DTD, value); |
mkos@408 | 253 | if (LOGGER.isLoggable(Level.FINE)) { |
mkos@408 | 254 | LOGGER.log(Level.FINE, Messages.JAXP_SUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_DTD)); |
mkos@408 | 255 | } |
mkos@408 | 256 | } catch (SAXException ignored) { |
mkos@408 | 257 | // nothing to do; support depends on version JDK or SAX implementation |
mkos@408 | 258 | if (LOGGER.isLoggable(Level.CONFIG)) { |
mkos@408 | 259 | LOGGER.log(Level.CONFIG, Messages.JAXP_UNSUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_DTD), ignored); |
mkos@408 | 260 | } |
mkos@397 | 261 | } |
mkos@397 | 262 | return sf; |
mkos@397 | 263 | } |
mkos@397 | 264 | |
alanb@368 | 265 | } |