Bug#500441: Eclipselink core has System.getProperty() calls potentially
outside doPriv()
Signed-off-by: Will Dazey <dazeydev.3@gmail.com>
Reviewed-by: Joe Grassel <fyrewyld@gmail.com>
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/dynamic/DynamicClassLoader.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/dynamic/DynamicClassLoader.java
index 9e850aa..585fc65 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/dynamic/DynamicClassLoader.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/dynamic/DynamicClassLoader.java
@@ -17,8 +17,6 @@
******************************************************************************/
package org.eclipse.persistence.dynamic;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
//javase imports
import java.util.ArrayList;
import java.util.HashMap;
@@ -214,14 +212,7 @@ protected Class<?> findClass(String className) throws ClassNotFoundException {
try {
byte[] bytes = writer.writeClass(this, className);
if (bytes != null) {
- String outputPath = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(SystemProperties.WEAVING_OUTPUT_PATH, "");
- }
- })
- : System.getProperty(SystemProperties.WEAVING_OUTPUT_PATH, "");
+ String outputPath = PrivilegedAccessHelper.getSystemProperty(SystemProperties.WEAVING_OUTPUT_PATH, "");
if (!outputPath.equals("")) {
Helper.outputClassFile(className, bytes, outputPath);
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/EclipseLinkException.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/EclipseLinkException.java
index f2f3ba4..906cb36 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/EclipseLinkException.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/EclipseLinkException.java
@@ -17,8 +17,6 @@
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.eclipse.persistence.exceptions.i18n.ExceptionMessageGenerator;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
@@ -34,22 +32,10 @@ public abstract class EclipseLinkException extends RuntimeException {
protected static Boolean shouldPrintInternalException = null;
protected String indentationString;
protected int errorCode;
- protected static final String CR;
+ protected static final String CR = PrivilegedAccessHelper.getSystemProperty("line.separator");
//Bug#3559280 Added to avoid logging an exception twice
protected boolean hasBeenLogged;
- static {
- // bug 2756643
- CR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("line.separator");
- }
- })
- : System.getProperty("line.separator");
- }
-
/**
* INTERNAL:
* Return a new exception.
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/i18n/ExceptionMessageGenerator.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/i18n/ExceptionMessageGenerator.java
index ac4b747..a0ab7c3 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/i18n/ExceptionMessageGenerator.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/exceptions/i18n/ExceptionMessageGenerator.java
@@ -14,8 +14,6 @@
******************************************************************************/
package org.eclipse.persistence.exceptions.i18n;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.ResourceBundle;
@@ -33,18 +31,7 @@
* @author: Rick Barkhouse
*/
public class ExceptionMessageGenerator {
- private final static String CR;
-
- static {
- CR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("line.separator");
- }
- })
- : System.getProperty("line.separator");
- }
+ private final static String CR = PrivilegedAccessHelper.getSystemProperty("line.separator");
/**
* Return the loader for loading the resource bundles.
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/core/helper/CoreHelper.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/core/helper/CoreHelper.java
index aa5c5b5..b29ed6e 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/core/helper/CoreHelper.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/core/helper/CoreHelper.java
@@ -14,27 +14,12 @@
******************************************************************************/
package org.eclipse.persistence.internal.core.helper;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
public class CoreHelper {
/** Store CR string, for some reason \n is not platform independent. */
- protected final static String CR;
-
- static {
- // bug 2756643
- CR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("line.separator");
- }
- })
- : System.getProperty("line.separator");
- }
+ protected static String CR = null;
/**
* Return a string containing the platform-appropriate
@@ -42,6 +27,9 @@ public String run() {
*/
public static String cr() {
// bug 2756643
+ if (CR == null) {
+ CR = PrivilegedAccessHelper.getSystemProperty("line.separator");
+ }
return CR;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/ConcurrencyManager.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/ConcurrencyManager.java
index a30cc91..18805b9 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/ConcurrencyManager.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/ConcurrencyManager.java
@@ -42,7 +42,7 @@ public class ConcurrencyManager implements Serializable {
public static final Map<Thread, DeferredLockManager> deferredLockManagers = initializeDeferredLockManagers();
- protected static boolean shouldTrackStack = getPropertyRecordStackOnLock() != null;
+ protected static boolean shouldTrackStack = PrivilegedAccessHelper.getSystemProperty(SystemProperties.RECORD_STACK_ON_LOCK) != null;
protected int numberOfReaders;
protected int depth;
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/Helper.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/Helper.java
index 3d79ce4..b91e54e 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/Helper.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/Helper.java
@@ -36,7 +36,6 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.sql.Timestamp;
import java.util.ArrayList;
@@ -94,7 +93,7 @@ public class Helper extends CoreHelper implements Serializable {
// Changed static initialization to lazy initialization for bug 2756643
/** Store CR string, for some reason \n is not platform independent. */
- protected final static String CR;
+ protected static String CR;
/** formatting strings for indenting */
public static final String SPACE = " ";
@@ -142,18 +141,6 @@ public class Helper extends CoreHelper implements Serializable {
private static String defaultStartDatabaseDelimiter = null;
private static String defaultEndDatabaseDelimiter = null;
- static {
- // bug 2756643
- CR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("line.separator");
- }
- })
- : System.getProperty("line.separator");
- }
-
/**
* Return if JDBC date access should be optimized.
*/
@@ -816,6 +803,9 @@ public static Vector copyVector(List originalVector, int startIndex, int stopInd
* characters for carriage return.
*/
public static String cr() {
+ if (CR == null) {
+ CR = PrivilegedAccessHelper.getSystemProperty("line.separator");
+ }
return CR;
}
@@ -825,14 +815,7 @@ public static String cr() {
public static String currentWorkingDirectory() {
// bug 2756643
if (CURRENT_WORKING_DIRECTORY == null) {
- CURRENT_WORKING_DIRECTORY = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("user.dir");
- }
- })
- : System.getProperty("user.dir");
+ CURRENT_WORKING_DIRECTORY = PrivilegedAccessHelper.getSystemProperty("user.dir");
}
return CURRENT_WORKING_DIRECTORY;
}
@@ -843,14 +826,7 @@ public String run() {
public static String tempDirectory() {
// Bug 2756643
if (TEMP_DIRECTORY == null) {
- TEMP_DIRECTORY = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("java.io.tmpdir");
- }
- })
- : System.getProperty("java.io.tmpdir");
+ TEMP_DIRECTORY = PrivilegedAccessHelper.getSystemProperty("java.io.tmpdir");
}
return TEMP_DIRECTORY;
}
@@ -983,14 +959,7 @@ public static String extractJarNameFromURL(java.net.URL url) {
public static String fileSeparator() {
//Bug 2756643
if (FILE_SEPARATOR == null) {
- FILE_SEPARATOR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("file.separator");
- }
- })
- : System.getProperty("file.separator");
+ FILE_SEPARATOR = PrivilegedAccessHelper.getSystemProperty("file.separator");
}
return FILE_SEPARATOR;
}
@@ -1260,16 +1229,7 @@ public static void outputClassFile(String className, byte[] classBytes,
"weaver_not_overwriting", file);
}
} else {
- String weavingShouldOverwriteProp = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(SystemProperties.WEAVING_SHOULD_OVERWRITE, "false");
- }
- })
- : System.getProperty(SystemProperties.WEAVING_SHOULD_OVERWRITE, "false");
-
- if (!weavingShouldOverwriteProp.equalsIgnoreCase("true")) {
+ if (!PrivilegedAccessHelper.getSystemProperty(SystemProperties.WEAVING_SHOULD_OVERWRITE, "false").equalsIgnoreCase("true")) {
AbstractSessionLog.getLog().log(SessionLog.WARNING,
SessionLog.WEAVER, "weaver_not_overwriting",
className);
@@ -1296,14 +1256,7 @@ public String run() {
public static String pathSeparator() {
// Bug 2756643
if (PATH_SEPARATOR == null) {
- PATH_SEPARATOR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("path.separator");
- }
- })
- : System.getProperty("path.separator");
+ PATH_SEPARATOR = PrivilegedAccessHelper.getSystemProperty("path.separator");
}
return PATH_SEPARATOR;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/JavaVersion.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/JavaVersion.java
index 0b7f903..cdb0bd6 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/JavaVersion.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/helper/JavaVersion.java
@@ -12,12 +12,10 @@
******************************************************************************/
package org.eclipse.persistence.internal.helper;
-import java.security.AccessController;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
-import org.eclipse.persistence.internal.security.PrivilegedGetSystemProperty;
/**
* Java version storage class. Used for version numbers retrieved from
@@ -54,10 +52,7 @@ public final class JavaVersion {
* @return Java specification version {@see String} from JDK system property.
*/
public static String vmVersionString() {
- if (PrivilegedAccessHelper.shouldUsePrivilegedAccess()) {
- return AccessController.doPrivileged(new PrivilegedGetSystemProperty(VM_VERSION_PROPERTY));
- }
- return System.getProperty(VM_VERSION_PROPERTY);
+ return PrivilegedAccessHelper.getSystemProperty(VM_VERSION_PROPERTY);
}
/**
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/oxm/Constants.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/oxm/Constants.java
index 0475340..4ab467f 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/oxm/Constants.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/oxm/Constants.java
@@ -15,8 +15,6 @@
package org.eclipse.persistence.internal.oxm;
import java.nio.charset.Charset;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import javax.xml.namespace.QName;
@@ -30,7 +28,7 @@ public class Constants {
public static final String BOOLEAN_STRING_TRUE = "true";
public static final String CDATA = "CDATA";
public static final char COLON = ':';
- private static final String CR;
+ private static String CR;
public static final String DEFAULT_XML_ENCODING = "UTF-8";
public static final Charset DEFAULT_CHARSET = Charset.forName(DEFAULT_XML_ENCODING);
public static final char DOT = '.';
@@ -153,18 +151,6 @@ public class Constants {
public static final QName SWA_REF_QNAME = new QName(REF_URL, SWA_REF);
public static final QName EXPECTED_CONTENT_TYPES_QNAME = new QName(XML_MIME_URL, EXPECTED_CONTENT_TYPES);
- static {
- // bug 2756643
- CR = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("line.separator");
- }
- })
- : System.getProperty("line.separator");
- }
-
public static final MediaType APPLICATION_JSON = new MediaType() {
@Override
@@ -198,6 +184,9 @@ public boolean isApplicationXML() {
* characters for carriage return.
*/
public static String cr() {
+ if (CR == null) {
+ CR = PrivilegedAccessHelper.getSystemProperty("line.separator");
+ }
return CR;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/security/PrivilegedAccessHelper.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/security/PrivilegedAccessHelper.java
index 746e4f8..5b7f6ac 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/security/PrivilegedAccessHelper.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/security/PrivilegedAccessHelper.java
@@ -26,12 +26,19 @@
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedActionException;
+import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Map;
+import java.util.Set;
import org.eclipse.persistence.config.PersistenceUnitProperties;
+import org.eclipse.persistence.config.SystemProperties;
import org.eclipse.persistence.internal.helper.Helper;
import org.eclipse.persistence.internal.localization.ExceptionLocalization;
+import org.eclipse.persistence.platform.server.ServerPlatformBase;
+import org.eclipse.persistence.platform.xml.XMLPlatformFactory;
/**
* INTERNAL:
@@ -51,6 +58,20 @@ public class PrivilegedAccessHelper {
private static boolean shouldCheckPrivilegedAccess = true;
private static boolean shouldUsePrivilegedAccess = false;
+ private final static String[] legalProperties = { "file.separator", "java.io.tmpdir", "java.version", "line.separator", "path.separator", "user.dir",
+ "org.eclipse.persistence.fetchgroupmonitor", "org.eclipse.persistence.querymonitor", "SAP_J2EE_Engine_Version",
+ PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.JAVASE_DB_INTERACTION,
+ PersistenceUnitProperties.LOGGING_FILE, PersistenceUnitProperties.LOGGING_LEVEL,
+ SystemProperties.ARCHIVE_FACTORY, SystemProperties.DO_NOT_PROCESS_XTOMANY_FOR_QBE, SystemProperties.RECORD_STACK_ON_LOCK,
+ SystemProperties.WEAVING_OUTPUT_PATH, SystemProperties.WEAVING_SHOULD_OVERWRITE, SystemProperties.WEAVING_REFLECTIVE_INTROSPECTION,
+ SystemProperties.DO_NOT_PROCESS_XTOMANY_FOR_QBE,
+ ServerPlatformBase.JMX_REGISTER_RUN_MBEAN_PROPERTY, ServerPlatformBase.JMX_REGISTER_DEV_MBEAN_PROPERTY,
+ XMLPlatformFactory.XML_PLATFORM_PROPERTY};
+ private final static Set<String> legalPropertiesSet = Collections.unmodifiableSet(new HashSet(Arrays.asList(legalProperties)));
+
+ private final static String[] exemptedProperties = { "line.separator" };
+ private final static Set<String> exemptedPropertiesSet = Collections.unmodifiableSet(new HashSet(Arrays.asList(exemptedProperties)));
+
private static Map<String, Class> primitiveClasses;
static {
@@ -360,10 +381,21 @@ public static Class getFieldType(final Field field) {
* or {@code false} otherwise.
*/
private static boolean isIllegalProperty(final String key) {
- return key == null || !(key.startsWith("eclipselink.") || "line.separator".equals(key)
+ return key == null || !(legalPropertiesSet.contains(key) || key.startsWith("eclipselink.")
|| key.startsWith("javax.persistence.") || key.startsWith("org.eclipse.persistence.")
- || key.startsWith("persistence.") || key.startsWith("javax.xml.")
- || PersistenceUnitProperties.JAVASE_DB_INTERACTION.equals(key));
+ || key.startsWith("persistence.") || key.startsWith("javax.xml."));
+ }
+
+ /**
+ * Vet certain System properties as "safe" enough to override defaultUseDoPrivilegedValue setting. Reserved
+ * for properties that must be read before the application server runtime environment is known. Consider
+ * security implications very carefully before adding new system property names to this list.
+ * @param key The name of the {@link System} property.
+ * @return Value of {@code true} if {@code getSystemProperty} is allowed defaultUseDoPrivilegedValue override
+ * or {@code false} otherwise.
+ */
+ private static boolean isExemptedProperty(final String key) {
+ return key != null && exemptedPropertiesSet.contains(key);
}
/**
@@ -379,7 +411,7 @@ public static final String getSystemProperty(final String key) {
throw new IllegalArgumentException(
ExceptionLocalization.buildMessage("unexpect_argument", new Object[] {key}));
}
- if (shouldUsePrivilegedAccess()) {
+ if (isExemptedProperty(key) || shouldUsePrivilegedAccess()) {
return AccessController.doPrivileged(new PrivilegedGetSystemProperty(key));
} else {
return System.getProperty(key);
@@ -400,7 +432,7 @@ public static final String getSystemProperty(final String key, final String def)
throw new IllegalArgumentException(
ExceptionLocalization.buildMessage("unexpect_argument", new Object[] {key}));
}
- if (shouldUsePrivilegedAccess()) {
+ if (isExemptedProperty(key) || shouldUsePrivilegedAccess()) {
return AccessController.doPrivileged(new PrivilegedGetSystemProperty(key, def));
} else {
return System.getProperty(key, def);
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/sessions/PropertiesHandler.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/sessions/PropertiesHandler.java
index 9717a45..bb8a64a 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/sessions/PropertiesHandler.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/internal/sessions/PropertiesHandler.java
@@ -48,6 +48,7 @@
import org.eclipse.persistence.descriptors.DescriptorQueryManager;
import org.eclipse.persistence.internal.localization.ExceptionLocalization;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
+import org.eclipse.persistence.internal.security.PrivilegedGetSystemProperty;
import org.eclipse.persistence.logging.SessionLog;
import org.eclipse.persistence.queries.ObjectLevelReadQuery;
@@ -242,14 +243,11 @@ protected static abstract class Prop {
static String getPropertyValueFromMap(String name, Map m, boolean useSystemAsDefault) {
String value = (String)m.get(name);
if (value == null && useSystemAsDefault) {
- value = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(name);
- }
- })
- : System.getProperty(name);
+ if (PrivilegedAccessHelper.shouldUsePrivilegedAccess()) {
+ value = AccessController.doPrivileged(new PrivilegedGetSystemProperty(name));
+ } else {
+ value = System.getProperty(name);
+ }
}
return value;
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/logging/AbstractSessionLog.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/logging/AbstractSessionLog.java
index 781b044..49ee0e0 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/logging/AbstractSessionLog.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/logging/AbstractSessionLog.java
@@ -18,7 +18,6 @@
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.Writer;
-import java.security.AccessController;
import java.text.DateFormat;
import java.util.Date;
@@ -28,7 +27,6 @@
import org.eclipse.persistence.internal.helper.ConversionManager;
import org.eclipse.persistence.internal.localization.LoggingLocalization;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
-import org.eclipse.persistence.internal.security.PrivilegedGetSystemProperty;
import org.eclipse.persistence.sessions.Session;
/**
@@ -164,10 +162,7 @@ public abstract class AbstractSessionLog implements SessionLog, java.lang.Clonea
* @return The system default log level property value or {@code null} if no such property is set.
*/
private static String getDefaultLoggingLevelProperty() {
- return PrivilegedAccessHelper.shouldUsePrivilegedAccess()
- ? AccessController.doPrivileged(
- new PrivilegedGetSystemProperty(PersistenceUnitProperties.LOGGING_LEVEL))
- : System.getProperty(PersistenceUnitProperties.LOGGING_LEVEL);
+ return PrivilegedAccessHelper.getSystemProperty(PersistenceUnitProperties.LOGGING_LEVEL);
}
/**
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/mappings/CollectionMapping.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/mappings/CollectionMapping.java
index 35b1431..d31458a 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/mappings/CollectionMapping.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/mappings/CollectionMapping.java
@@ -27,8 +27,6 @@
package org.eclipse.persistence.mappings;
import java.beans.PropertyChangeListener;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.*;
import org.eclipse.persistence.annotations.OrderCorrectionType;
@@ -337,14 +335,7 @@ public Object buildElementClone(Object element, Object parent, CacheKey parentCa
* ObjectBuilder.
*/
public Expression buildExpression(Object queryObject, QueryByExamplePolicy policy, Expression expressionBuilder, Map processedObjects, AbstractSession session) {
- String bypassProperty = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(SystemProperties.DO_NOT_PROCESS_XTOMANY_FOR_QBE);
- }
- })
- : System.getProperty(SystemProperties.DO_NOT_PROCESS_XTOMANY_FOR_QBE);
+ String bypassProperty = PrivilegedAccessHelper.getSystemProperty(SystemProperties.DO_NOT_PROCESS_XTOMANY_FOR_QBE);
if (this.getContainerPolicy().isMapPolicy() || (bypassProperty != null && bypassProperty.toLowerCase().equals("true")) ){
// not supported
return super.buildExpression(queryObject, policy, expressionBuilder, processedObjects, session);
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/ServerPlatformBase.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/ServerPlatformBase.java
index bc3df78..f024837 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/ServerPlatformBase.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/ServerPlatformBase.java
@@ -22,7 +22,6 @@
package org.eclipse.persistence.platform.server;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.sql.SQLException;
import java.util.concurrent.ExecutorService;
@@ -154,14 +153,7 @@ public ServerPlatformBase(DatabaseSession newDatabaseSession) {
this.databaseSession = newDatabaseSession;
this.setIsCMP(false);
// Enable users to disable or enable (default) MBean registration
- String shouldRegisterRuntimeBeanProperty = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(JMX_REGISTER_RUN_MBEAN_PROPERTY);
- }
- })
- : System.getProperty(JMX_REGISTER_RUN_MBEAN_PROPERTY);
+ String shouldRegisterRuntimeBeanProperty = PrivilegedAccessHelper.getSystemProperty(JMX_REGISTER_RUN_MBEAN_PROPERTY);
if(null != shouldRegisterRuntimeBeanProperty) {
if(shouldRegisterRuntimeBeanProperty.toLowerCase().indexOf("false") > -1) {
shouldRegisterRuntimeBean = false;
@@ -170,14 +162,7 @@ public String run() {
shouldRegisterRuntimeBean = true;
}
}
- String shouldRegisterDevelopmentBeanProperty = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(JMX_REGISTER_DEV_MBEAN_PROPERTY);
- }
- })
- : System.getProperty(JMX_REGISTER_DEV_MBEAN_PROPERTY);
+ String shouldRegisterDevelopmentBeanProperty = PrivilegedAccessHelper.getSystemProperty(JMX_REGISTER_DEV_MBEAN_PROPERTY);
if(null != shouldRegisterDevelopmentBeanProperty) {
if(shouldRegisterDevelopmentBeanProperty.toLowerCase().indexOf("false") > -1) {
shouldRegisterDevelopmentBean = false;
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/sap/SAPNetWeaver_7_1_Platform.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/sap/SAPNetWeaver_7_1_Platform.java
index f49c959..e4a8b56 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/sap/SAPNetWeaver_7_1_Platform.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/server/sap/SAPNetWeaver_7_1_Platform.java
@@ -14,9 +14,6 @@
******************************************************************************/
package org.eclipse.persistence.platform.server.sap;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
import javax.persistence.spi.PersistenceUnitInfo;
import org.eclipse.persistence.internal.helper.JPAClassLoaderHolder;
@@ -58,14 +55,7 @@ public Class getExternalTransactionControllerClass() {
@Override
public String getServerNameAndVersion() {
- String version = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("SAP_J2EE_Engine_Version");
- }
- })
- : System.getProperty("SAP_J2EE_Engine_Version");
+ String version = PrivilegedAccessHelper.getSystemProperty("SAP_J2EE_Engine_Version");
if (version != null) {
return version;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/xml/XMLPlatformFactory.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/xml/XMLPlatformFactory.java
index 6eb3d3f..6a9d433 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/xml/XMLPlatformFactory.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/platform/xml/XMLPlatformFactory.java
@@ -15,7 +15,6 @@
package org.eclipse.persistence.platform.xml;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
@@ -57,14 +56,7 @@ public Class getXMLPlatformClass() throws XMLPlatformException {
return xmlPlatformClass;
}
- String newXMLPlatformClassName = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(XML_PLATFORM_PROPERTY);
- }
- })
- : System.getProperty(XML_PLATFORM_PROPERTY);
+ String newXMLPlatformClassName = PrivilegedAccessHelper.getSystemProperty(XML_PLATFORM_PROPERTY);
if (null == newXMLPlatformClassName) {
newXMLPlatformClassName = JAXP_PLATFORM_CLASS_NAME;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/FetchGroupMonitor.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/FetchGroupMonitor.java
index 0c7d1cc..cb1f232 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/FetchGroupMonitor.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/FetchGroupMonitor.java
@@ -14,8 +14,6 @@
******************************************************************************/
package org.eclipse.persistence.tools.profiler;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.*;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
@@ -38,14 +36,7 @@ public class FetchGroupMonitor {
public static boolean shouldMonitor() {
if (shouldMonitor == null) {
shouldMonitor = Boolean.FALSE;
- String property = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("org.eclipse.persistence.fetchgroupmonitor");
- }
- })
- : System.getProperty("org.eclipse.persistence.fetchgroupmonitor");
+ String property = PrivilegedAccessHelper.getSystemProperty("org.eclipse.persistence.fetchgroupmonitor");
if ((property != null) && (property.toUpperCase().equals("TRUE"))) {
shouldMonitor = Boolean.TRUE;
}
diff --git a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/QueryMonitor.java b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/QueryMonitor.java
index d197db1..23339a4 100644
--- a/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/QueryMonitor.java
+++ b/foundation/org.eclipse.persistence.core/src/org/eclipse/persistence/tools/profiler/QueryMonitor.java
@@ -15,8 +15,6 @@
package org.eclipse.persistence.tools.profiler;
import java.io.StringWriter;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
@@ -44,15 +42,7 @@ public class QueryMonitor {
public static boolean shouldMonitor() {
if (shouldMonitor == null) {
shouldMonitor = Boolean.FALSE;
- String property = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty("org.eclipse.persistence.querymonitor");
- }
- })
- : System.getProperty("org.eclipse.persistence.querymonitor");
-
+ String property = PrivilegedAccessHelper.getSystemProperty("org.eclipse.persistence.querymonitor");
if ((property != null) && (property.toUpperCase().equals("TRUE"))) {
shouldMonitor = Boolean.TRUE;
}
diff --git a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/JPAInitializer.java b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/JPAInitializer.java
index 1ed3ef3..ebb8f49 100644
--- a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/JPAInitializer.java
+++ b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/JPAInitializer.java
@@ -18,8 +18,6 @@
import java.io.FileWriter;
import java.io.IOException;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
@@ -71,14 +69,7 @@ public abstract class JPAInitializer {
* Initialize the logging file if it is specified by the system property.
*/
public static void initializeTopLinkLoggingFile() {
- String loggingFile = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(PersistenceUnitProperties.LOGGING_FILE);
- }
- })
- : System.getProperty(PersistenceUnitProperties.LOGGING_FILE);
+ String loggingFile = PrivilegedAccessHelper.getSystemProperty(PersistenceUnitProperties.LOGGING_FILE);
try {
if (loggingFile != null) {
AbstractSessionLog.getLog().setWriter(new FileWriter(loggingFile));
diff --git a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/PersistenceUnitProcessor.java b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/PersistenceUnitProcessor.java
index a8a9118..789c1bf 100644
--- a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/PersistenceUnitProcessor.java
+++ b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/internal/jpa/deployment/PersistenceUnitProcessor.java
@@ -34,7 +34,6 @@
import java.net.URL;
import java.net.URLDecoder;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.util.ArrayList;
import java.util.Collection;
@@ -297,14 +296,7 @@ public static Set<Archive> findPersistenceArchives(){
public static Set<Archive> findPersistenceArchives(ClassLoader loader){
// allow alternate persistence location to be specified via system property. This will allow persistence units
// with alternate persistence xml locations to be weaved
- String descriptorLocation = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
- }
- })
- : System.getProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
+ String descriptorLocation = PrivilegedAccessHelper.getSystemProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
return findPersistenceArchives(loader, descriptorLocation);
}
@@ -404,14 +396,7 @@ public static Set<Archive> findPersistenceArchives(ClassLoader loader, String de
public static Set<SEPersistenceUnitInfo> getPersistenceUnits(ClassLoader loader, Map m, List<URL> jarFileUrls) {
String descriptorPath = (String) m.get(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML);
if(descriptorPath == null) {
- descriptorPath = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
- }
- })
- : System.getProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
+ descriptorPath = PrivilegedAccessHelper.getSystemProperty(PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML, PersistenceUnitProperties.ECLIPSELINK_PERSISTENCE_XML_DEFAULT);
}
Set<Archive> archives = findPersistenceArchives(loader, descriptorPath, jarFileUrls);
Set<SEPersistenceUnitInfo> puInfos = new HashSet();
@@ -434,14 +419,7 @@ public static ArchiveFactory getArchiveFactory(ClassLoader loader){
}
ArchiveFactory factory = null;
- String factoryClassName = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(SystemProperties.ARCHIVE_FACTORY, null);
- }
- })
- : System.getProperty(SystemProperties.ARCHIVE_FACTORY, null);
+ String factoryClassName = PrivilegedAccessHelper.getSystemProperty(SystemProperties.ARCHIVE_FACTORY, null);
if (factoryClassName == null) {
return new ArchiveFactoryImpl();
diff --git a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/FileBasedProjectCache.java b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/FileBasedProjectCache.java
index c215da9..7345741 100644
--- a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/FileBasedProjectCache.java
+++ b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/FileBasedProjectCache.java
@@ -18,11 +18,11 @@
import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Map;
import org.eclipse.persistence.config.PersistenceUnitProperties;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
+import org.eclipse.persistence.internal.security.PrivilegedGetSystemProperty;
import org.eclipse.persistence.logging.SessionLog;
import org.eclipse.persistence.sessions.Project;
@@ -109,14 +109,11 @@ public Object getConfigPropertyLogDebug(final String propertyName, Map propertie
value = properties.get(propertyName);
}
if (value == null) {
- value = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(propertyName);
- }
- })
- : System.getProperty(propertyName);
+ if (PrivilegedAccessHelper.shouldUsePrivilegedAccess()) {
+ value = AccessController.doPrivileged(new PrivilegedGetSystemProperty(propertyName));
+ } else {
+ value = System.getProperty(propertyName);
+ }
}
if ((value != null) && (log != null)) {
log.log(SessionLog.FINEST, SessionLog.PROPERTIES, "property_value_specified", new Object[]{propertyName, value});
diff --git a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/XMLMetadataSource.java b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/XMLMetadataSource.java
index 344ca49..858010c 100644
--- a/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/XMLMetadataSource.java
+++ b/jpa/org.eclipse.persistence.jpa/src/org/eclipse/persistence/jpa/metadata/XMLMetadataSource.java
@@ -21,7 +21,6 @@
import java.io.Reader;
import java.net.URL;
import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
@@ -29,6 +28,7 @@
import org.eclipse.persistence.internal.jpa.metadata.xml.XMLEntityMappingsReader;
import org.eclipse.persistence.internal.security.PrivilegedAccessHelper;
+import org.eclipse.persistence.internal.security.PrivilegedGetSystemProperty;
import org.eclipse.persistence.internal.jpa.metadata.xml.XMLEntityMappings;
import org.eclipse.persistence.config.PersistenceUnitProperties;
@@ -211,14 +211,11 @@ public Object getConfigPropertyLogDebug(final String propertyName, Map propertie
value = properties.get(propertyName);
}
if (value == null) {
- value = PrivilegedAccessHelper.shouldUsePrivilegedAccess() ?
- AccessController.doPrivileged(new PrivilegedAction<String>() {
- @Override
- public String run() {
- return System.getProperty(propertyName);
- }
- })
- : System.getProperty(propertyName);
+ if (PrivilegedAccessHelper.shouldUsePrivilegedAccess()) {
+ value = AccessController.doPrivileged(new PrivilegedGetSystemProperty(propertyName));
+ } else {
+ value = System.getProperty(propertyName);
+ }
}
if ((value != null) && (log != null)) {
log.log(SessionLog.FINEST, SessionLog.PROPERTIES, "property_value_specified", new Object[]{propertyName, value});
