[106578] Improve handling of security VM arguments. Moves management of security args to TomcatServerBehaviour.
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/ITomcatVersionHandler.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/ITomcatVersionHandler.java
index a19083e..3121294 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/ITomcatVersionHandler.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/ITomcatVersionHandler.java
@@ -35,8 +35,10 @@
*/
public String[] getRuntimeProgramArguments(IPath configPath, boolean debug, boolean starting);
- public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv, boolean isSecure);
+ public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv);
+ public String getRuntimePolicyFile(IPath configPath);
+
/**
* Returns true if the given project is supported by this
* server, and false otherwise.
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat32Handler.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat32Handler.java
index 9084acb..5c138df 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat32Handler.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat32Handler.java
@@ -77,22 +77,19 @@
/**
* @see ITomcatVersionHandler#getRuntimeVMArguments(IPath, IPath, boolean, boolean)
*/
- public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv, boolean isSecure) {
+ public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv) {
List list = new ArrayList();
list.add("-Dtomcat.home=\"" + installPath.toOSString() + "\"");
- // run in secure mode
- if (isSecure) {
- list.add("-Djava.security.manager");
- IPath dir = configPath.append("conf").append("tomcat.policy");
- list.add("-Djava.security.policy=\"" + dir.toOSString() + "\"");
- }
-
String[] s = new String[list.size()];
list.toArray(s);
return s;
}
-
+
+ public String getRuntimePolicyFile(IPath configPath) {
+ return configPath.append("conf").append("tomcat.policy").toOSString();
+ }
+
/**
* @see ITomcatVersionHandler#canAddModule(IWebModule)
*/
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat40Handler.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat40Handler.java
index d15e1b0..0012725 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat40Handler.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat40Handler.java
@@ -79,7 +79,7 @@
/**
* @see ITomcatVersionHandler#getRuntimeVMArguments(IPath, IPath, boolean, boolean)
*/
- public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv, boolean isSecure) {
+ public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv) {
List list = new ArrayList();
if (isTestEnv)
list.add("-Dcatalina.base=\"" + configPath.toOSString() + "\"");
@@ -90,18 +90,15 @@
installPath.append("common").append("lib").toOSString();
list.add("-Djava.endorsed.dirs=\"" + endorsed + "\"");
- // run in secure mode
- if (isSecure) {
- list.add("-Djava.security.manager");
- IPath dir = configPath.append("conf").append("catalina.policy");
- list.add("-Djava.security.policy=\"" + dir.toOSString() + "\"");
- }
-
String[] s = new String[list.size()];
list.toArray(s);
return s;
}
-
+
+ public String getRuntimePolicyFile(IPath configPath) {
+ return configPath.append("conf").append("catalina.policy").toOSString();
+ }
+
/**
* @see ITomcatVersionHandler#canAddModule(IWebModule)
*/
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat41Handler.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat41Handler.java
index 8d262c1..d087dc8 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat41Handler.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat41Handler.java
@@ -79,7 +79,7 @@
/**
* @see ITomcatVersionHandler#getRuntimeVMArguments(IPath, IPath, boolean, boolean)
*/
- public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv, boolean isSecure) {
+ public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv) {
List list = new ArrayList();
if (isTestEnv)
list.add("-Dcatalina.base=\"" + configPath.toOSString() + "\"");
@@ -88,18 +88,15 @@
list.add("-Dcatalina.home=\"" + installPath.toOSString() + "\"");
list.add("-Djava.endorsed.dirs=\"" + installPath.append("common").append("endorsed").toOSString() + "\"");
- // run in secure mode
- if (isSecure) {
- list.add("-Djava.security.manager");
- IPath dir = configPath.append("conf").append("catalina.policy");
- list.add("-Djava.security.policy=\"" + dir.toOSString() + "\"");
- }
-
String[] s = new String[list.size()];
list.toArray(s);
return s;
}
-
+
+ public String getRuntimePolicyFile(IPath configPath) {
+ return configPath.append("conf").append("catalina.policy").toOSString();
+ }
+
/**
* @see ITomcatVersionHandler#canAddModule(IWebModule)
*/
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat50Handler.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat50Handler.java
index ab030d2..864afd5 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat50Handler.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/Tomcat50Handler.java
@@ -79,7 +79,7 @@
/**
* @see ITomcatVersionHandler#getRuntimeVMArguments(IPath, IPath, boolean, boolean)
*/
- public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv, boolean isSecure) {
+ public String[] getRuntimeVMArguments(IPath installPath, IPath configPath, boolean isTestEnv) {
List list = new ArrayList();
if (isTestEnv)
list.add("-Dcatalina.base=\"" + configPath.toOSString() + "\"");
@@ -88,18 +88,15 @@
list.add("-Dcatalina.home=\"" + installPath.toOSString() + "\"");
list.add("-Djava.endorsed.dirs=\"" + installPath.append("common").append("endorsed").toOSString() + "\"");
- // run in secure mode
- if (isSecure) {
- list.add("-Djava.security.manager");
- IPath dir = configPath.append("conf").append("catalina.policy");
- list.add("-Djava.security.policy=\"" + dir.toOSString() + "\"");
- }
-
String[] s = new String[list.size()];
list.toArray(s);
return s;
}
-
+
+ public String getRuntimePolicyFile(IPath configPath) {
+ return configPath.append("conf").append("catalina.policy").toOSString();
+ }
+
/**
* @see ITomcatVersionHandler#canAddModule(IWebModule)
*/
diff --git a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/TomcatServerBehaviour.java b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/TomcatServerBehaviour.java
index 5cd813b..d91e50c 100644
--- a/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/TomcatServerBehaviour.java
+++ b/plugins/org.eclipse.jst.server.tomcat.core/tomcatcore/org/eclipse/jst/server/tomcat/core/internal/TomcatServerBehaviour.java
@@ -121,7 +121,16 @@
else
configPath = installPath;
return getTomcatVersionHandler().getRuntimeVMArguments(installPath, configPath,
- getTomcatServer().isTestEnvironment(), getTomcatServer().isSecure());
+ getTomcatServer().isTestEnvironment());
+ }
+
+ protected String getRuntimePolicyFile() {
+ IPath configPath;
+ if (getTomcatServer().isTestEnvironment())
+ configPath = getTempDirectory();
+ else
+ configPath = getServer().getRuntime().getLocation();
+ return getTomcatVersionHandler().getRuntimePolicyFile(configPath);
}
protected static String renderCommandLine(String[] commandLine, String separator) {
@@ -530,25 +539,56 @@
workingCopy.setAttribute(IJavaLaunchConfigurationConstants.ATTR_PROGRAM_ARGUMENTS, mergeArguments(existingProgArgs, getRuntimeProgramArguments(true)));
String existingVMArgs = workingCopy.getAttribute(IJavaLaunchConfigurationConstants.ATTR_VM_ARGUMENTS, (String)null);
- if (existingVMArgs != null && !getTomcatServer().isSecure()) {
- // remove -Djava.security.manager and -Djava.security.policy="x x"
- int index = existingVMArgs.indexOf("-Djava.security.manager");
- if (index >= 0) {
- if (index > 0 && existingVMArgs.charAt(index - 1) == ' ')
- index --;
- int index2 = existingVMArgs.indexOf(" ", index + 2);
- existingVMArgs = existingVMArgs.substring(0, index) + existingVMArgs.substring(index2);
+ String[] parsedVMArgs = null;
+ if (null != existingVMArgs) {
+ parsedVMArgs = DebugPlugin.parseArguments(existingVMArgs);
+ }
+ String [] configVMArgs = getRuntimeVMArguments();
+ if (getTomcatServer().isSecure()) {
+ boolean addSecurityArgs = true;
+ if (null != parsedVMArgs) {
+ for (int i = 0; i < parsedVMArgs.length; i++) {
+ if (parsedVMArgs[i].startsWith("wtp.configured.security")) {
+ addSecurityArgs = false;
+ break;
+ }
+ }
}
- index = existingVMArgs.indexOf("-Djava.security.policy=");
- if (index >= 0) {
- if (index > 0 && existingVMArgs.charAt(index - 1) == ' ')
- index --;
- int index2 = existingVMArgs.indexOf("\"", index);
- index2 = existingVMArgs.indexOf("\"", index2 + 1);
- existingVMArgs = existingVMArgs.substring(0, index) + existingVMArgs.substring(index2+1);
+ if (addSecurityArgs) {
+ String [] newVMArgs = new String [configVMArgs.length + 3];
+ System.arraycopy(configVMArgs, 0, newVMArgs, 0, configVMArgs.length);
+ newVMArgs[configVMArgs.length] = "-Djava.security.manager";
+ newVMArgs[configVMArgs.length + 1] = "-Djava.security.policy=\""
+ + getRuntimePolicyFile() +"\"";
+ newVMArgs[configVMArgs.length + 2] = "-Dwtp.configured.security=true";
+ configVMArgs = newVMArgs;
}
}
- workingCopy.setAttribute(IJavaLaunchConfigurationConstants.ATTR_VM_ARGUMENTS, mergeArguments(existingVMArgs, getRuntimeVMArguments()));
+ else if (null != parsedVMArgs){
+ boolean removeSecurityArgs = false;
+ for (int i = 0; i < parsedVMArgs.length; i++) {
+ if (parsedVMArgs[i].startsWith("-Dwtp.configured.security")) {
+ removeSecurityArgs = true;
+ break;
+ }
+ }
+ if (removeSecurityArgs) {
+ StringBuffer filteredVMArgs = new StringBuffer();
+ for (int i = 0; i < parsedVMArgs.length; i++) {
+ String arg = parsedVMArgs[i];
+ if (!arg.startsWith("-Djava.security.manager")
+ && !arg.startsWith("-Djava.security.policy=")
+ && !arg.startsWith("-Dwtp.configured.security=")) {
+ if (filteredVMArgs.length() > 0) {
+ filteredVMArgs.append(' ');
+ }
+ filteredVMArgs.append(arg);
+ }
+ }
+ existingVMArgs = filteredVMArgs.toString();
+ }
+ }
+ workingCopy.setAttribute(IJavaLaunchConfigurationConstants.ATTR_VM_ARGUMENTS, mergeArguments(existingVMArgs, configVMArgs));
ITomcatRuntime runtime = getTomcatRuntime();
IVMInstall vmInstall = runtime.getVMInstall();