From 9617ac0bcc68ed2252d60094b26faa84e1d02ba7 Mon Sep 17 00:00:00 2001 From: fsgonz Date: Thu, 26 Dec 2024 12:09:36 -0300 Subject: [PATCH] Test removal AccessController --- .../runtime/core/api/util/ClassUtils.java | 103 ++++++++---------- .../mule/runtime/core/api/util/IOUtils.java | 4 +- .../util/concurrent/NamedThreadFactory.java | 13 +-- .../internal/DefaultMuleManifest.java | 7 +- .../api/MuleContainerBootstrapUtils.java | 17 ++- .../service/internal/util/ClassUtils.java | 53 ++++----- 6 files changed, 76 insertions(+), 121 deletions(-) diff --git a/core/src/main/java/org/mule/runtime/core/api/util/ClassUtils.java b/core/src/main/java/org/mule/runtime/core/api/util/ClassUtils.java index d6995204536b..53c6a374303a 100644 --- a/core/src/main/java/org/mule/runtime/core/api/util/ClassUtils.java +++ b/core/src/main/java/org/mule/runtime/core/api/util/ClassUtils.java @@ -40,7 +40,6 @@ import java.lang.reflect.Proxy; import java.net.MalformedURLException; import java.net.URL; -import java.security.AccessController; import java.security.CodeSource; import java.security.PrivilegedAction; import java.util.Collections; @@ -124,18 +123,15 @@ public static boolean isConcrete(Class clazz) { * @return A URL pointing to the resource to load or null if the resource is not found */ public static URL getResource(final String resourceName, final Class callingClass) { - URL url = AccessController.doPrivileged((PrivilegedAction) () -> { - final ClassLoader cl = Thread.currentThread().getContextClassLoader(); - return cl != null ? cl.getResource(resourceName) : null; - }); + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + URL url = cl != null ? cl.getResource(resourceName) : null; if (url == null) { - url = AccessController - .doPrivileged((PrivilegedAction) () -> ClassUtils.class.getClassLoader().getResource(resourceName)); + url = ClassUtils.class.getClassLoader().getResource(resourceName); } if (url == null) { - url = AccessController.doPrivileged((PrivilegedAction) () -> callingClass.getClassLoader().getResource(resourceName)); + url = callingClass.getClassLoader().getResource(resourceName); } return url; @@ -150,8 +146,7 @@ public static URL getResource(final String resourceName, final Class callingC * @return the {@link URL} pointing to the resource. */ public static URL getResourceOrFail(final String resourceName, ClassLoader classLoader, boolean tryAbsolutePath) { - URL url = AccessController - .doPrivileged((PrivilegedAction) () -> classLoader != null ? classLoader.getResource(resourceName) : null); + URL url = classLoader != null ? classLoader.getResource(resourceName) : null; if (url != null) { return url; } @@ -219,33 +214,28 @@ public static Enumeration getResources(final String resourceName, final Cla checkArgument(!isEmpty(resourceName), "ResourceName cannot be empty"); checkArgument(fallbackClassLoader != null, "FallbackClassLoader cannot be null"); - Enumeration enumeration = AccessController.doPrivileged((PrivilegedAction>) () -> { + Enumeration enumeration = null; + try { + final ClassLoader cl = Thread.currentThread().getContextClassLoader(); + enumeration = cl != null ? cl.getResources(resourceName) : null; + } catch (IOException e) { + // Nothing to do. + } + + if (enumeration == null) { try { - final ClassLoader cl = Thread.currentThread().getContextClassLoader(); - return cl != null ? cl.getResources(resourceName) : null; + enumeration = ClassUtils.class.getClassLoader().getResources(resourceName); } catch (IOException e) { - return null; + // Nothing to do. } - }); - - if (enumeration == null) { - enumeration = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return ClassUtils.class.getClassLoader().getResources(resourceName); - } catch (IOException e) { - return null; - } - }); } if (enumeration == null) { - enumeration = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return fallbackClassLoader.getResources(resourceName); - } catch (IOException e) { - return null; - } - }); + try { + enumeration = fallbackClassLoader.getResources(resourceName); + } catch (IOException e) { + // Nothing to do. + } } return enumeration; @@ -297,44 +287,37 @@ public static T loadClass(final String className, final Class< } } - Class clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - final ClassLoader cl = Thread.currentThread().getContextClassLoader(); - return cl != null ? cl.loadClass(className) : null; + Class clazz = null; + try { + final ClassLoader cl = Thread.currentThread().getContextClassLoader(); + clazz = cl != null ? cl.loadClass(className) : null; - } catch (ClassNotFoundException e) { - return null; - } - }); + } catch (ClassNotFoundException e) { + return null; + } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return Class.forName(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = Class.forName(className); + } catch (ClassNotFoundException e) { + // Nothing to do. + } } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return ClassUtils.class.getClassLoader().loadClass(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = ClassUtils.class.getClassLoader().loadClass(className); + } catch (ClassNotFoundException e) { + return null; + } } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return callingClass.getClassLoader().loadClass(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = callingClass.getClassLoader().loadClass(className); + } catch (ClassNotFoundException e) { + return null; + } } if (clazz == null) { diff --git a/core/src/main/java/org/mule/runtime/core/api/util/IOUtils.java b/core/src/main/java/org/mule/runtime/core/api/util/IOUtils.java index 670324fb403d..0de4e5a98685 100644 --- a/core/src/main/java/org/mule/runtime/core/api/util/IOUtils.java +++ b/core/src/main/java/org/mule/runtime/core/api/util/IOUtils.java @@ -26,8 +26,6 @@ import java.net.MalformedURLException; import java.net.URL; import java.nio.charset.Charset; -import java.security.AccessController; -import java.security.PrivilegedAction; import org.slf4j.Logger; @@ -136,7 +134,7 @@ public static URL getResourceAsUrl(final String resourceName, final Class callin // Try to load the resource from the classpath. if (url == null) { try { - url = (URL) AccessController.doPrivileged((PrivilegedAction) () -> ClassUtils.getResource(resourceName, callingClass)); + url = ClassUtils.getResource(resourceName, callingClass); if (url == null) { logger.debug("Unable to load resource " + resourceName + " from the classpath"); } diff --git a/core/src/main/java/org/mule/runtime/core/api/util/concurrent/NamedThreadFactory.java b/core/src/main/java/org/mule/runtime/core/api/util/concurrent/NamedThreadFactory.java index cb63c7abb421..59b41d158fb5 100644 --- a/core/src/main/java/org/mule/runtime/core/api/util/concurrent/NamedThreadFactory.java +++ b/core/src/main/java/org/mule/runtime/core/api/util/concurrent/NamedThreadFactory.java @@ -7,21 +7,15 @@ package org.mule.runtime.core.api.util.concurrent; import static java.lang.String.format; -import static java.security.AccessController.doPrivileged; -import static java.security.AccessController.getContext; import static org.mule.runtime.core.api.util.ClassUtils.withContextClassLoader; import org.mule.runtime.core.api.util.StringUtils; -import java.security.AccessControlContext; -import java.security.PrivilegedAction; import java.util.concurrent.atomic.AtomicLong; import java.util.function.Supplier; public class NamedThreadFactory implements java.util.concurrent.ThreadFactory { - private static final AccessControlContext ACCESS_CONTROL_CTX = getContext(); - private final String name; private final AtomicLong counter; private final ClassLoader contextClassLoader; @@ -60,12 +54,7 @@ public Thread newThread(Runnable runnable) { }; if (contextClassLoader != null) { - return withContextClassLoader(this.getClass().getClassLoader(), () -> { - // Avoid the created thread to inherit the security context of the caller thread's stack. - // If the thread creation is triggered by a deployable artifact classloader, a reference to it would be kept by the - // created thread without this doProvileged call. - return doPrivileged((PrivilegedAction) () -> tf.get(), ACCESS_CONTROL_CTX); - }); + return withContextClassLoader(this.getClass().getClassLoader(), tf::get); } else { return tf.get(); } diff --git a/manifest/src/main/java/org/mule/runtime/manifest/internal/DefaultMuleManifest.java b/manifest/src/main/java/org/mule/runtime/manifest/internal/DefaultMuleManifest.java index ebd39f58849a..7201f2ec39e3 100644 --- a/manifest/src/main/java/org/mule/runtime/manifest/internal/DefaultMuleManifest.java +++ b/manifest/src/main/java/org/mule/runtime/manifest/internal/DefaultMuleManifest.java @@ -14,8 +14,6 @@ import java.io.InputStream; import java.net.URL; import java.net.URLConnection; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.Enumeration; import java.util.Properties; import java.util.SortedMap; @@ -154,7 +152,7 @@ public synchronized Manifest getManifest() { try { // We want to load the MANIFEST.MF from the mule-core jar. Sine we // don't know the version we're using we have to search for the jar on the classpath - URL url = AccessController.doPrivileged(new UrlPrivilegedAction()); + URL url = new UrlPrivilegedAction().run(); if (url != null) { URLConnection urlConnection = url.openConnection(); @@ -179,12 +177,11 @@ private static String getManifestProperty(String name) { return get().getManifest().getMainAttributes().getValue(new Attributes.Name(name)); } - static class UrlPrivilegedAction implements PrivilegedAction { + static class UrlPrivilegedAction { private static final Pattern EMBEDDED_JAR_PATTERN = compile("mule[^-]*-[^-]*-embedded"); private static final String MANIFEST_PATH = "META-INF/MANIFEST.MF"; - @Override public URL run() { URL result = null; try { diff --git a/modules/boot-api/src/main/java/org/mule/runtime/module/reboot/api/MuleContainerBootstrapUtils.java b/modules/boot-api/src/main/java/org/mule/runtime/module/reboot/api/MuleContainerBootstrapUtils.java index 98062261597a..27089d4314b7 100755 --- a/modules/boot-api/src/main/java/org/mule/runtime/module/reboot/api/MuleContainerBootstrapUtils.java +++ b/modules/boot-api/src/main/java/org/mule/runtime/module/reboot/api/MuleContainerBootstrapUtils.java @@ -12,8 +12,6 @@ import java.io.File; import java.io.IOException; import java.net.URL; -import java.security.AccessController; -import java.security.PrivilegedAction; /** * @deprecated use org.mule.runtime.core.internal.util.MuleContainerUtils instead. @@ -121,19 +119,18 @@ public static File getMuleConfDir() { * @see org.mule.runtime.core.api.util.ClassUtils#getResource */ public static URL getResource(final String resourceName, final Class callingClass) { - URL url = AccessController.doPrivileged((PrivilegedAction) () -> { - final ClassLoader cl = Thread.currentThread().getContextClassLoader(); - return cl != null ? cl.getResource(resourceName) : null; - }); + URL url = null; + final ClassLoader cl = Thread.currentThread().getContextClassLoader(); + url = cl != null ? cl.getResource(resourceName) : null; + if (url == null) { - url = AccessController - .doPrivileged((PrivilegedAction) () -> MuleContainerBootstrapUtils.class.getClassLoader() - .getResource(resourceName)); + url = MuleContainerBootstrapUtils.class.getClassLoader() + .getResource(resourceName); } if (url == null) { - url = AccessController.doPrivileged((PrivilegedAction) () -> callingClass.getClassLoader().getResource(resourceName)); + url = callingClass.getClassLoader().getResource(resourceName); } return url; diff --git a/modules/service/src/main/java/org/mule/runtime/module/service/internal/util/ClassUtils.java b/modules/service/src/main/java/org/mule/runtime/module/service/internal/util/ClassUtils.java index 5f5d8294987e..8168b06e8e97 100644 --- a/modules/service/src/main/java/org/mule/runtime/module/service/internal/util/ClassUtils.java +++ b/modules/service/src/main/java/org/mule/runtime/module/service/internal/util/ClassUtils.java @@ -11,8 +11,6 @@ import java.lang.reflect.Constructor; import java.lang.reflect.InvocationTargetException; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.HashMap; import java.util.HashSet; import java.util.Map; @@ -95,44 +93,37 @@ public static T loadClass(final String className, final Class< } } - Class clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - final ClassLoader cl = Thread.currentThread().getContextClassLoader(); - return cl != null ? cl.loadClass(className) : null; + Class clazz = null; - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + final ClassLoader cl = Thread.currentThread().getContextClassLoader(); + clazz = cl != null ? cl.loadClass(className) : null; + } catch (ClassNotFoundException e) { + // Nothing to do. + } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return Class.forName(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = Class.forName(className); + } catch (ClassNotFoundException e) { + // Nothing to do. + } } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return ClassUtils.class.getClassLoader().loadClass(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = ClassUtils.class.getClassLoader().loadClass(className); + } catch (ClassNotFoundException e) { + return null; + } } if (clazz == null) { - clazz = AccessController.doPrivileged((PrivilegedAction>) () -> { - try { - return callingClass.getClassLoader().loadClass(className); - } catch (ClassNotFoundException e) { - return null; - } - }); + try { + clazz = callingClass.getClassLoader().loadClass(className); + } catch (ClassNotFoundException e) { + // Nothing to do. + } } if (clazz == null) {