1 17 18 19 package org.apache.catalina.core; 20 21 22 import java.io.IOException ; 23 import java.io.InputStream ; 24 import java.io.Serializable ; 25 import java.lang.reflect.InvocationTargetException ; 26 import java.util.ArrayList ; 27 import java.util.Enumeration ; 28 import java.util.Map ; 29 import java.util.Properties ; 30 31 import javax.naming.NamingException ; 32 import javax.servlet.Filter ; 33 import javax.servlet.FilterConfig ; 34 import javax.servlet.ServletContext ; 35 import javax.servlet.ServletException ; 36 37 import org.apache.AnnotationProcessor; 38 import org.apache.catalina.Context; 39 import org.apache.catalina.deploy.FilterDef; 40 import org.apache.catalina.security.SecurityUtil; 41 import org.apache.catalina.util.Enumerator; 42 import org.apache.catalina.util.StringManager; 43 import org.apache.tomcat.util.log.SystemLogHandler; 44 45 46 54 55 final class ApplicationFilterConfig implements FilterConfig , Serializable { 56 57 58 protected static StringManager sm = 59 StringManager.getManager(Constants.Package); 60 61 63 64 83 public ApplicationFilterConfig(Context context, FilterDef filterDef) 84 throws ClassCastException , ClassNotFoundException , 85 IllegalAccessException , InstantiationException , 86 ServletException , InvocationTargetException , NamingException { 87 88 super(); 89 90 if (restrictedFilters == null) { 91 restrictedFilters = new Properties (); 92 try { 93 InputStream is = 94 this.getClass().getClassLoader().getResourceAsStream 95 ("org/apache/catalina/core/RestrictedFilters.properties"); 96 if (is != null) { 97 restrictedFilters.load(is); 98 } else { 99 context.getLogger().error(sm.getString("applicationFilterConfig.restrictedFiltersResources")); 100 } 101 } catch (IOException e) { 102 context.getLogger().error(sm.getString("applicationFilterConfig.restrictedServletsResources"), e); 103 } 104 } 105 106 this.context = context; 107 setFilterDef(filterDef); 108 109 } 110 111 112 114 115 118 private Context context = null; 119 120 121 124 private transient Filter filter = null; 125 126 127 130 private FilterDef filterDef = null; 131 132 133 136 protected static Properties restrictedFilters = null; 137 138 139 141 142 145 public String getFilterName() { 146 147 return (filterDef.getFilterName()); 148 149 } 150 151 152 159 public String getInitParameter(String name) { 160 161 Map map = filterDef.getParameterMap(); 162 if (map == null) 163 return (null); 164 else 165 return ((String ) map.get(name)); 166 167 } 168 169 170 174 public Enumeration getInitParameterNames() { 175 176 Map map = filterDef.getParameterMap(); 177 if (map == null) 178 return (new Enumerator(new ArrayList ())); 179 else 180 return (new Enumerator(map.keySet())); 181 182 } 183 184 185 188 public ServletContext getServletContext() { 189 190 return (this.context.getServletContext()); 191 192 } 193 194 195 198 public String toString() { 199 200 StringBuffer sb = new StringBuffer ("ApplicationFilterConfig["); 201 sb.append("name="); 202 sb.append(filterDef.getFilterName()); 203 sb.append(", filterClass="); 204 sb.append(filterDef.getFilterClass()); 205 sb.append("]"); 206 return (sb.toString()); 207 208 } 209 210 211 213 214 228 Filter getFilter() throws ClassCastException , ClassNotFoundException , 229 IllegalAccessException , InstantiationException , ServletException , 230 InvocationTargetException , NamingException { 231 232 if (this.filter != null) 234 return (this.filter); 235 236 String filterClass = filterDef.getFilterClass(); 238 ClassLoader classLoader = null; 239 if (filterClass.startsWith("org.apache.catalina.")) 240 classLoader = this.getClass().getClassLoader(); 241 else 242 classLoader = context.getLoader().getClassLoader(); 243 244 ClassLoader oldCtxClassLoader = 245 Thread.currentThread().getContextClassLoader(); 246 247 Class clazz = classLoader.loadClass(filterClass); 249 if (!isFilterAllowed(clazz)) { 250 throw new SecurityException 251 (sm.getString("applicationFilterConfig.privilegedFilter", 252 filterClass)); 253 } 254 this.filter = (Filter ) clazz.newInstance(); 255 if (!context.getIgnoreAnnotations()) { 256 if (context instanceof StandardContext) { 257 AnnotationProcessor processor = ((StandardContext)context).getAnnotationProcessor(); 258 processor.processAnnotations(this.filter); 259 processor.postConstruct(this.filter); 260 } 261 } 262 if (context instanceof StandardContext && 263 ((StandardContext) context).getSwallowOutput()) { 264 try { 265 SystemLogHandler.startCapture(); 266 filter.init(this); 267 } finally { 268 String log = SystemLogHandler.stopCapture(); 269 if (log != null && log.length() > 0) { 270 getServletContext().log(log); 271 } 272 } 273 } else { 274 filter.init(this); 275 } 276 return (this.filter); 277 278 279 } 280 281 282 285 FilterDef getFilterDef() { 286 287 return (this.filterDef); 288 289 } 290 291 292 295 protected boolean isFilterAllowed(Class filterClass) { 296 297 if (context.getPrivileged()) { 299 return true; 300 } 301 302 Class clazz = filterClass; 303 while (clazz != null && !clazz.getName().equals("javax.servlet.Filter")) { 304 if ("restricted".equals(restrictedFilters.getProperty(clazz.getName()))) { 305 return (false); 306 } 307 clazz = clazz.getSuperclass(); 308 } 309 310 return (true); 311 312 } 313 314 315 319 void release() { 320 321 if (this.filter != null) 322 { 323 if (System.getSecurityManager() != null) { 324 try { 325 SecurityUtil.doAsPrivilege("destroy", filter); 326 } catch(java.lang.Exception ex){ 327 context.getLogger().error("ApplicationFilterConfig.doAsPrivilege", ex); 328 } 329 SecurityUtil.remove(filter); 330 } else { 331 filter.destroy(); 332 } 333 if (!context.getIgnoreAnnotations()) { 334 try { 335 ((StandardContext)context).getAnnotationProcessor().preDestroy(this.filter); 336 } catch (Exception e) { 337 context.getLogger().error("ApplicationFilterConfig.preDestroy", e); 338 } 339 } 340 } 341 this.filter = null; 342 343 } 344 345 346 363 void setFilterDef(FilterDef filterDef) 364 throws ClassCastException , ClassNotFoundException , 365 IllegalAccessException , InstantiationException , 366 ServletException , InvocationTargetException , NamingException { 367 368 this.filterDef = filterDef; 369 if (filterDef == null) { 370 371 if (this.filter != null){ 373 if( System.getSecurityManager() != null) { 374 try{ 375 SecurityUtil.doAsPrivilege("destroy", filter); 376 } catch(java.lang.Exception ex){ 377 context.getLogger().error("ApplicationFilterConfig.doAsPrivilege", ex); 378 } 379 SecurityUtil.remove(filter); 380 } else { 381 filter.destroy(); 382 } 383 if (!context.getIgnoreAnnotations()) { 384 try { 385 ((StandardContext)context).getAnnotationProcessor().preDestroy(this.filter); 386 } catch (Exception e) { 387 context.getLogger().error("ApplicationFilterConfig.preDestroy", e); 388 } 389 } 390 } 391 this.filter = null; 392 393 } else { 394 395 Filter filter = getFilter(); 397 398 } 399 400 } 401 402 403 405 406 } 407 | Popular Tags |