• file
• revisions
• annotate
• diff
• comparison
• raw

src/share/jaxws_classes/com/sun/xml/internal/bind/v2/util/XmlFactory.java@b99d7e355d4b (annotated)

src/share/jaxws_classes/com/sun/xml/internal/bind/v2/util/XmlFactory.java

Fri, 23 Aug 2013 09:57:21 +0100

author

mkos

date

Fri, 23 Aug 2013 09:57:21 +0100

changeset 397

b99d7e355d4b

parent 368

0989ad8c0860

child 408

b0610cd08440

permissions

-rw-r--r--

8022885: Update JAX-WS RI integration to 2.2.9-b14140
8013016: Rebase 8009009 against the latest jdk8/jaxws
Reviewed-by: alanb, chegar

alanb@368	1	/*
mkos@397	2	* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
alanb@368	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
alanb@368	4	*
alanb@368	5	* This code is free software; you can redistribute it and/or modify it
alanb@368	6	* under the terms of the GNU General Public License version 2 only, as
alanb@368	7	* published by the Free Software Foundation. Oracle designates this
alanb@368	8	* particular file as subject to the "Classpath" exception as provided
alanb@368	9	* by Oracle in the LICENSE file that accompanied this code.
alanb@368	10	*
alanb@368	11	* This code is distributed in the hope that it will be useful, but WITHOUT
alanb@368	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
alanb@368	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
alanb@368	14	* version 2 for more details (a copy is included in the LICENSE file that
alanb@368	15	* accompanied this code).
alanb@368	16	*
alanb@368	17	* You should have received a copy of the GNU General Public License version
alanb@368	18	* 2 along with this work; if not, write to the Free Software Foundation,
alanb@368	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
alanb@368	20	*
alanb@368	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
alanb@368	22	* or visit www.oracle.com if you need additional information or have any
alanb@368	23	* questions.
alanb@368	24	*/
alanb@368	25
alanb@368	26	package com.sun.xml.internal.bind.v2.util;
alanb@368	27
alanb@368	28	import com.sun.xml.internal.bind.Util;
alanb@368	29	import com.sun.xml.internal.bind.v2.Messages;
alanb@368	30	import java.util.logging.Level;
alanb@368	31	import java.util.logging.Logger;
alanb@368	32	import javax.xml.XMLConstants;
alanb@368	33	import javax.xml.parsers.DocumentBuilderFactory;
alanb@368	34	import javax.xml.parsers.ParserConfigurationException;
alanb@368	35	import javax.xml.parsers.SAXParserFactory;
alanb@368	36	import javax.xml.transform.TransformerConfigurationException;
alanb@368	37	import javax.xml.transform.TransformerFactory;
alanb@368	38	import javax.xml.validation.SchemaFactory;
alanb@368	39	import javax.xml.xpath.XPathFactory;
alanb@368	40	import javax.xml.xpath.XPathFactoryConfigurationException;
mkos@397	41
mkos@397	42	import org.xml.sax.SAXException;
alanb@368	43	import org.xml.sax.SAXNotRecognizedException;
alanb@368	44	import org.xml.sax.SAXNotSupportedException;
alanb@368	45
alanb@368	46	/**
alanb@368	47	* Provides helper methods for creating properly configured XML parser
alanb@368	48	* factory instances with namespace support turned on and configured for
alanb@368	49	* security.
alanb@368	50	* @author snajper
alanb@368	51	*/
alanb@368	52	public class XmlFactory {
alanb@368	53
mkos@397	54	// not in older JDK, so must be duplicated here, otherwise javax.xml.XMLConstants should be used
mkos@397	55	public static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema";
mkos@397	56
alanb@368	57	private static final Logger LOGGER = Logger.getLogger(XmlFactory.class.getName());
alanb@368	58
alanb@368	59	/**
alanb@368	60	* If true XML security features when parsing XML documents will be disabled.
alanb@368	61	* The default value is false.
alanb@368	62	*
alanb@368	63	* Boolean
alanb@368	64	* @since 2.2.6
alanb@368	65	*/
alanb@368	66	private static final String DISABLE_XML_SECURITY = "com.sun.xml.internal.bind.disableXmlSecurity";
alanb@368	67
alanb@368	68	public static final boolean DISABLE_SECURE_PROCESSING =
alanb@368	69	Boolean.parseBoolean(Util.getSystemProperty(DISABLE_XML_SECURITY));
alanb@368	70
alanb@368	71	private static boolean xmlFeatureValue(boolean runtimeSetting) {
alanb@368	72	return !(DISABLE_SECURE_PROCESSING || runtimeSetting);
alanb@368	73	}
alanb@368	74
alanb@368	75	/**
alanb@368	76	* Returns properly configured (e.g. security features) schema factory
alanb@368	77	* - namespaceAware == true
alanb@368	78	* - securityProcessing == is set based on security processing property, default is true
alanb@368	79	*/
alanb@368	80	public static SchemaFactory createSchemaFactory(final String language, boolean disableSecureProcessing) throws IllegalStateException {
alanb@368	81	try {
alanb@368	82	SchemaFactory factory = SchemaFactory.newInstance(language);
alanb@368	83	if (LOGGER.isLoggable(Level.FINE)) {
alanb@368	84	LOGGER.log(Level.FINE, "SchemaFactory instance: {0}", factory);
alanb@368	85	}
alanb@368	86	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing));
alanb@368	87	return factory;
alanb@368	88	} catch (SAXNotRecognizedException ex) {
alanb@368	89	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	90	throw new IllegalStateException(ex);
alanb@368	91	} catch (SAXNotSupportedException ex) {
alanb@368	92	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	93	throw new IllegalStateException(ex);
alanb@368	94	} catch (AbstractMethodError er) {
alanb@368	95	LOGGER.log(Level.SEVERE, null, er);
alanb@368	96	throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
alanb@368	97	}
alanb@368	98	}
alanb@368	99
alanb@368	100	/**
alanb@368	101	* Returns properly configured (e.g. security features) parser factory
alanb@368	102	* - namespaceAware == true
alanb@368	103	* - securityProcessing == is set based on security processing property, default is true
alanb@368	104	*/
alanb@368	105	public static SAXParserFactory createParserFactory(boolean disableSecureProcessing) throws IllegalStateException {
alanb@368	106	try {
alanb@368	107	SAXParserFactory factory = SAXParserFactory.newInstance();
alanb@368	108	if (LOGGER.isLoggable(Level.FINE)) {
alanb@368	109	LOGGER.log(Level.FINE, "SAXParserFactory instance: {0}", factory);
alanb@368	110	}
alanb@368	111	factory.setNamespaceAware(true);
alanb@368	112	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing));
alanb@368	113	return factory;
alanb@368	114	} catch (ParserConfigurationException ex) {
alanb@368	115	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	116	throw new IllegalStateException( ex);
alanb@368	117	} catch (SAXNotRecognizedException ex) {
alanb@368	118	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	119	throw new IllegalStateException( ex);
alanb@368	120	} catch (SAXNotSupportedException ex) {
alanb@368	121	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	122	throw new IllegalStateException( ex);
alanb@368	123	} catch (AbstractMethodError er) {
alanb@368	124	LOGGER.log(Level.SEVERE, null, er);
alanb@368	125	throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
alanb@368	126	}
alanb@368	127	}
alanb@368	128
alanb@368	129	/**
alanb@368	130	* Returns properly configured (e.g. security features) factory
alanb@368	131	* - securityProcessing == is set based on security processing property, default is true
alanb@368	132	*/
alanb@368	133	public static XPathFactory createXPathFactory(boolean disableSecureProcessing) throws IllegalStateException {
alanb@368	134	try {
alanb@368	135	XPathFactory factory = XPathFactory.newInstance();
alanb@368	136	if (LOGGER.isLoggable(Level.FINE)) {
alanb@368	137	LOGGER.log(Level.FINE, "XPathFactory instance: {0}", factory);
alanb@368	138	}
alanb@368	139	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing));
alanb@368	140	return factory;
alanb@368	141	} catch (XPathFactoryConfigurationException ex) {
alanb@368	142	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	143	throw new IllegalStateException( ex);
alanb@368	144	} catch (AbstractMethodError er) {
alanb@368	145	LOGGER.log(Level.SEVERE, null, er);
alanb@368	146	throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
alanb@368	147	}
alanb@368	148	}
alanb@368	149
alanb@368	150	/**
alanb@368	151	* Returns properly configured (e.g. security features) factory
alanb@368	152	* - securityProcessing == is set based on security processing property, default is true
alanb@368	153	*/
alanb@368	154	public static TransformerFactory createTransformerFactory(boolean disableSecureProcessing) throws IllegalStateException {
alanb@368	155	try {
alanb@368	156	TransformerFactory factory = TransformerFactory.newInstance();
alanb@368	157	if (LOGGER.isLoggable(Level.FINE)) {
alanb@368	158	LOGGER.log(Level.FINE, "TransformerFactory instance: {0}", factory);
alanb@368	159	}
alanb@368	160	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing));
alanb@368	161	return factory;
alanb@368	162	} catch (TransformerConfigurationException ex) {
alanb@368	163	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	164	throw new IllegalStateException( ex);
alanb@368	165	} catch (AbstractMethodError er) {
alanb@368	166	LOGGER.log(Level.SEVERE, null, er);
alanb@368	167	throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
alanb@368	168	}
alanb@368	169	}
alanb@368	170
alanb@368	171	/**
alanb@368	172	* Returns properly configured (e.g. security features) factory
alanb@368	173	* - namespaceAware == true
alanb@368	174	* - securityProcessing == is set based on security processing property, default is true
alanb@368	175	*/
alanb@368	176	public static DocumentBuilderFactory createDocumentBuilderFactory(boolean disableSecureProcessing) throws IllegalStateException {
alanb@368	177	try {
alanb@368	178	DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
alanb@368	179	if (LOGGER.isLoggable(Level.FINE)) {
alanb@368	180	LOGGER.log(Level.FINE, "DocumentBuilderFactory instance: {0}", factory);
alanb@368	181	}
alanb@368	182	factory.setNamespaceAware(true);
alanb@368	183	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing));
alanb@368	184	return factory;
alanb@368	185	} catch (ParserConfigurationException ex) {
alanb@368	186	LOGGER.log(Level.SEVERE, null, ex);
alanb@368	187	throw new IllegalStateException( ex);
alanb@368	188	} catch (AbstractMethodError er) {
alanb@368	189	LOGGER.log(Level.SEVERE, null, er);
alanb@368	190	throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
alanb@368	191	}
alanb@368	192	}
alanb@368	193
mkos@397	194	public static SchemaFactory allowFileAccess(SchemaFactory sf, boolean disableSecureProcessing) {
mkos@397	195
mkos@397	196	// if feature secure processing enabled, nothing to do, file is allowed,
mkos@397	197	// or user is able to control access by standard JAXP mechanisms
mkos@397	198	if (disableSecureProcessing) {
mkos@397	199	return sf;
mkos@397	200	}
mkos@397	201
mkos@397	202	try {
mkos@397	203	sf.setProperty(ACCESS_EXTERNAL_SCHEMA, "file");
mkos@397	204	LOGGER.log(Level.FINE, Messages.JAXP_SUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA));
mkos@397	205	} catch (SAXException ignored) {
mkos@397	206	// nothing to do; support depends on version JDK or SAX implementation
mkos@397	207	LOGGER.log(Level.CONFIG, Messages.JAXP_UNSUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA), ignored);
mkos@397	208	}
mkos@397	209	return sf;
mkos@397	210	}
mkos@397	211
alanb@368	212	}