Fri, 23 Aug 2013 09:57:21 +0100
8022885: Update JAX-WS RI integration to 2.2.9-b14140
8013016: Rebase 8009009 against the latest jdk8/jaxws
Reviewed-by: alanb, chegar
alanb@368 | 1 | /* |
mkos@397 | 2 | * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. |
alanb@368 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
alanb@368 | 4 | * |
alanb@368 | 5 | * This code is free software; you can redistribute it and/or modify it |
alanb@368 | 6 | * under the terms of the GNU General Public License version 2 only, as |
alanb@368 | 7 | * published by the Free Software Foundation. Oracle designates this |
alanb@368 | 8 | * particular file as subject to the "Classpath" exception as provided |
alanb@368 | 9 | * by Oracle in the LICENSE file that accompanied this code. |
alanb@368 | 10 | * |
alanb@368 | 11 | * This code is distributed in the hope that it will be useful, but WITHOUT |
alanb@368 | 12 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
alanb@368 | 13 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
alanb@368 | 14 | * version 2 for more details (a copy is included in the LICENSE file that |
alanb@368 | 15 | * accompanied this code). |
alanb@368 | 16 | * |
alanb@368 | 17 | * You should have received a copy of the GNU General Public License version |
alanb@368 | 18 | * 2 along with this work; if not, write to the Free Software Foundation, |
alanb@368 | 19 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
alanb@368 | 20 | * |
alanb@368 | 21 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
alanb@368 | 22 | * or visit www.oracle.com if you need additional information or have any |
alanb@368 | 23 | * questions. |
alanb@368 | 24 | */ |
alanb@368 | 25 | |
alanb@368 | 26 | package com.sun.xml.internal.bind.v2.util; |
alanb@368 | 27 | |
alanb@368 | 28 | import com.sun.xml.internal.bind.Util; |
alanb@368 | 29 | import com.sun.xml.internal.bind.v2.Messages; |
alanb@368 | 30 | import java.util.logging.Level; |
alanb@368 | 31 | import java.util.logging.Logger; |
alanb@368 | 32 | import javax.xml.XMLConstants; |
alanb@368 | 33 | import javax.xml.parsers.DocumentBuilderFactory; |
alanb@368 | 34 | import javax.xml.parsers.ParserConfigurationException; |
alanb@368 | 35 | import javax.xml.parsers.SAXParserFactory; |
alanb@368 | 36 | import javax.xml.transform.TransformerConfigurationException; |
alanb@368 | 37 | import javax.xml.transform.TransformerFactory; |
alanb@368 | 38 | import javax.xml.validation.SchemaFactory; |
alanb@368 | 39 | import javax.xml.xpath.XPathFactory; |
alanb@368 | 40 | import javax.xml.xpath.XPathFactoryConfigurationException; |
mkos@397 | 41 | |
mkos@397 | 42 | import org.xml.sax.SAXException; |
alanb@368 | 43 | import org.xml.sax.SAXNotRecognizedException; |
alanb@368 | 44 | import org.xml.sax.SAXNotSupportedException; |
alanb@368 | 45 | |
alanb@368 | 46 | /** |
alanb@368 | 47 | * Provides helper methods for creating properly configured XML parser |
alanb@368 | 48 | * factory instances with namespace support turned on and configured for |
alanb@368 | 49 | * security. |
alanb@368 | 50 | * @author snajper |
alanb@368 | 51 | */ |
alanb@368 | 52 | public class XmlFactory { |
alanb@368 | 53 | |
mkos@397 | 54 | // not in older JDK, so must be duplicated here, otherwise javax.xml.XMLConstants should be used |
mkos@397 | 55 | public static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema"; |
mkos@397 | 56 | |
alanb@368 | 57 | private static final Logger LOGGER = Logger.getLogger(XmlFactory.class.getName()); |
alanb@368 | 58 | |
alanb@368 | 59 | /** |
alanb@368 | 60 | * If true XML security features when parsing XML documents will be disabled. |
alanb@368 | 61 | * The default value is false. |
alanb@368 | 62 | * |
alanb@368 | 63 | * Boolean |
alanb@368 | 64 | * @since 2.2.6 |
alanb@368 | 65 | */ |
alanb@368 | 66 | private static final String DISABLE_XML_SECURITY = "com.sun.xml.internal.bind.disableXmlSecurity"; |
alanb@368 | 67 | |
alanb@368 | 68 | public static final boolean DISABLE_SECURE_PROCESSING = |
alanb@368 | 69 | Boolean.parseBoolean(Util.getSystemProperty(DISABLE_XML_SECURITY)); |
alanb@368 | 70 | |
alanb@368 | 71 | private static boolean xmlFeatureValue(boolean runtimeSetting) { |
alanb@368 | 72 | return !(DISABLE_SECURE_PROCESSING || runtimeSetting); |
alanb@368 | 73 | } |
alanb@368 | 74 | |
alanb@368 | 75 | /** |
alanb@368 | 76 | * Returns properly configured (e.g. security features) schema factory |
alanb@368 | 77 | * - namespaceAware == true |
alanb@368 | 78 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 79 | */ |
alanb@368 | 80 | public static SchemaFactory createSchemaFactory(final String language, boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 81 | try { |
alanb@368 | 82 | SchemaFactory factory = SchemaFactory.newInstance(language); |
alanb@368 | 83 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 84 | LOGGER.log(Level.FINE, "SchemaFactory instance: {0}", factory); |
alanb@368 | 85 | } |
alanb@368 | 86 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing)); |
alanb@368 | 87 | return factory; |
alanb@368 | 88 | } catch (SAXNotRecognizedException ex) { |
alanb@368 | 89 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 90 | throw new IllegalStateException(ex); |
alanb@368 | 91 | } catch (SAXNotSupportedException ex) { |
alanb@368 | 92 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 93 | throw new IllegalStateException(ex); |
alanb@368 | 94 | } catch (AbstractMethodError er) { |
alanb@368 | 95 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 96 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 97 | } |
alanb@368 | 98 | } |
alanb@368 | 99 | |
alanb@368 | 100 | /** |
alanb@368 | 101 | * Returns properly configured (e.g. security features) parser factory |
alanb@368 | 102 | * - namespaceAware == true |
alanb@368 | 103 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 104 | */ |
alanb@368 | 105 | public static SAXParserFactory createParserFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 106 | try { |
alanb@368 | 107 | SAXParserFactory factory = SAXParserFactory.newInstance(); |
alanb@368 | 108 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 109 | LOGGER.log(Level.FINE, "SAXParserFactory instance: {0}", factory); |
alanb@368 | 110 | } |
alanb@368 | 111 | factory.setNamespaceAware(true); |
alanb@368 | 112 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing)); |
alanb@368 | 113 | return factory; |
alanb@368 | 114 | } catch (ParserConfigurationException ex) { |
alanb@368 | 115 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 116 | throw new IllegalStateException( ex); |
alanb@368 | 117 | } catch (SAXNotRecognizedException ex) { |
alanb@368 | 118 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 119 | throw new IllegalStateException( ex); |
alanb@368 | 120 | } catch (SAXNotSupportedException ex) { |
alanb@368 | 121 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 122 | throw new IllegalStateException( ex); |
alanb@368 | 123 | } catch (AbstractMethodError er) { |
alanb@368 | 124 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 125 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 126 | } |
alanb@368 | 127 | } |
alanb@368 | 128 | |
alanb@368 | 129 | /** |
alanb@368 | 130 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 131 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 132 | */ |
alanb@368 | 133 | public static XPathFactory createXPathFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 134 | try { |
alanb@368 | 135 | XPathFactory factory = XPathFactory.newInstance(); |
alanb@368 | 136 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 137 | LOGGER.log(Level.FINE, "XPathFactory instance: {0}", factory); |
alanb@368 | 138 | } |
alanb@368 | 139 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing)); |
alanb@368 | 140 | return factory; |
alanb@368 | 141 | } catch (XPathFactoryConfigurationException ex) { |
alanb@368 | 142 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 143 | throw new IllegalStateException( ex); |
alanb@368 | 144 | } catch (AbstractMethodError er) { |
alanb@368 | 145 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 146 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 147 | } |
alanb@368 | 148 | } |
alanb@368 | 149 | |
alanb@368 | 150 | /** |
alanb@368 | 151 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 152 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 153 | */ |
alanb@368 | 154 | public static TransformerFactory createTransformerFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 155 | try { |
alanb@368 | 156 | TransformerFactory factory = TransformerFactory.newInstance(); |
alanb@368 | 157 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 158 | LOGGER.log(Level.FINE, "TransformerFactory instance: {0}", factory); |
alanb@368 | 159 | } |
alanb@368 | 160 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing)); |
alanb@368 | 161 | return factory; |
alanb@368 | 162 | } catch (TransformerConfigurationException ex) { |
alanb@368 | 163 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 164 | throw new IllegalStateException( ex); |
alanb@368 | 165 | } catch (AbstractMethodError er) { |
alanb@368 | 166 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 167 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 168 | } |
alanb@368 | 169 | } |
alanb@368 | 170 | |
alanb@368 | 171 | /** |
alanb@368 | 172 | * Returns properly configured (e.g. security features) factory |
alanb@368 | 173 | * - namespaceAware == true |
alanb@368 | 174 | * - securityProcessing == is set based on security processing property, default is true |
alanb@368 | 175 | */ |
alanb@368 | 176 | public static DocumentBuilderFactory createDocumentBuilderFactory(boolean disableSecureProcessing) throws IllegalStateException { |
alanb@368 | 177 | try { |
alanb@368 | 178 | DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); |
alanb@368 | 179 | if (LOGGER.isLoggable(Level.FINE)) { |
alanb@368 | 180 | LOGGER.log(Level.FINE, "DocumentBuilderFactory instance: {0}", factory); |
alanb@368 | 181 | } |
alanb@368 | 182 | factory.setNamespaceAware(true); |
alanb@368 | 183 | factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, xmlFeatureValue(disableSecureProcessing)); |
alanb@368 | 184 | return factory; |
alanb@368 | 185 | } catch (ParserConfigurationException ex) { |
alanb@368 | 186 | LOGGER.log(Level.SEVERE, null, ex); |
alanb@368 | 187 | throw new IllegalStateException( ex); |
alanb@368 | 188 | } catch (AbstractMethodError er) { |
alanb@368 | 189 | LOGGER.log(Level.SEVERE, null, er); |
alanb@368 | 190 | throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er); |
alanb@368 | 191 | } |
alanb@368 | 192 | } |
alanb@368 | 193 | |
mkos@397 | 194 | public static SchemaFactory allowFileAccess(SchemaFactory sf, boolean disableSecureProcessing) { |
mkos@397 | 195 | |
mkos@397 | 196 | // if feature secure processing enabled, nothing to do, file is allowed, |
mkos@397 | 197 | // or user is able to control access by standard JAXP mechanisms |
mkos@397 | 198 | if (disableSecureProcessing) { |
mkos@397 | 199 | return sf; |
mkos@397 | 200 | } |
mkos@397 | 201 | |
mkos@397 | 202 | try { |
mkos@397 | 203 | sf.setProperty(ACCESS_EXTERNAL_SCHEMA, "file"); |
mkos@397 | 204 | LOGGER.log(Level.FINE, Messages.JAXP_SUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA)); |
mkos@397 | 205 | } catch (SAXException ignored) { |
mkos@397 | 206 | // nothing to do; support depends on version JDK or SAX implementation |
mkos@397 | 207 | LOGGER.log(Level.CONFIG, Messages.JAXP_UNSUPPORTED_PROPERTY.format(ACCESS_EXTERNAL_SCHEMA), ignored); |
mkos@397 | 208 | } |
mkos@397 | 209 | return sf; |
mkos@397 | 210 | } |
mkos@397 | 211 | |
alanb@368 | 212 | } |