Add commons-collections dep due to exclusion Use ObjectInputStreamFiltered Overrides and finals Close streams 101 Fix LocalMBeanServer recursion Check for null.
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/db5bf163 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/db5bf163 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/db5bf163 Branch: refs/heads/tomee-1.7.3-prepare Commit: db5bf163145583339f76acc0f1c7a18b6b30e468 Parents: 8d0f5b8 Author: AndyGee <andy...@gmx.de> Authored: Thu Dec 3 04:25:56 2015 +0100 Committer: AndyGee <andy...@gmx.de> Committed: Thu Dec 3 04:25:56 2015 +0100 ---------------------------------------------------------------------- container/openejb-core/pom.xml | 4 ++ .../openejb/config/rules/CheckClassLoading.java | 4 +- .../openejb/core/ObjectInputStreamFiltered.java | 39 ++++++++++++++++++ .../openejb/core/ivm/EjbObjectInputStream.java | 1 + .../openejb/core/managed/SimplePassivater.java | 17 ++++++-- .../core/rmi/BlacklistClassResolver.java | 13 ++++-- .../openejb/core/timer/EjbTimerServiceImpl.java | 2 +- .../apache/openejb/core/timer/TimerData.java | 26 ++++++++---- .../log/commonslogging/OpenEJBCommonsLog.java | 2 +- .../openejb/monitoring/LocalMBeanServer.java | 2 +- .../java/org/apache/openejb/spi/Serializer.java | 39 +++++++++++++----- .../apache/openejb/util/PojoSerialization.java | 31 ++++++++++----- .../openejb/server/httpd/HttpResponseImpl.java | 42 +++++++++++++++----- .../openejb/tck/cdi/embedded/BeansImpl.java | 16 ++++---- .../tck/cdi/tomee/embedded/BeansImpl.java | 16 ++++---- .../org/apache/tomee/common/EjbFactory.java | 5 ++- 16 files changed, 193 insertions(+), 66 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/pom.xml ---------------------------------------------------------------------- diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml index 805b509..f0e435e 100644 --- a/container/openejb-core/pom.xml +++ b/container/openejb-core/pom.xml @@ -492,6 +492,10 @@ <groupId>commons-cli</groupId> <artifactId>commons-cli</artifactId> </dependency> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </dependency> <!-- ActiveMQ --> <dependency> http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/config/rules/CheckClassLoading.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/config/rules/CheckClassLoading.java b/container/openejb-core/src/main/java/org/apache/openejb/config/rules/CheckClassLoading.java index 173810c..bb17b3e 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/config/rules/CheckClassLoading.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/config/rules/CheckClassLoading.java @@ -190,8 +190,8 @@ public class CheckClassLoading extends ValidationBase { public static class DiffItem { private Collection<String> files = new ArrayList<String>(); - private String file1; - private String file2; + private final String file1; + private final String file2; public DiffItem(final Collection<String> files, final String file1, final String file2) { this.files = files; http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/ObjectInputStreamFiltered.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/ObjectInputStreamFiltered.java b/container/openejb-core/src/main/java/org/apache/openejb/core/ObjectInputStreamFiltered.java new file mode 100644 index 0000000..8af39a6 --- /dev/null +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/ObjectInputStreamFiltered.java @@ -0,0 +1,39 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.core; + +import org.apache.openejb.core.rmi.BlacklistClassResolver; + +import java.io.IOException; +import java.io.InputStream; +import java.io.ObjectInputStream; +import java.io.ObjectStreamClass; + +/** + * Ensures blacklisted classes cannot be loaded + */ +public class ObjectInputStreamFiltered extends ObjectInputStream { + + public ObjectInputStreamFiltered(final InputStream in) throws IOException { + super(in); + } + + @Override + protected Class resolveClass(final ObjectStreamClass classDesc) throws IOException, ClassNotFoundException { + return super.resolveClass(BlacklistClassResolver.DEFAULT.check(classDesc)); + } +} http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/ivm/EjbObjectInputStream.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/ivm/EjbObjectInputStream.java b/container/openejb-core/src/main/java/org/apache/openejb/core/ivm/EjbObjectInputStream.java index 9324984..c9ed234 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/ivm/EjbObjectInputStream.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/ivm/EjbObjectInputStream.java @@ -70,6 +70,7 @@ public class EjbObjectInputStream extends ObjectInputStream { } } + @Override protected Class resolveProxyClass(final String[] interfaces) throws IOException, ClassNotFoundException { final Class[] cinterfaces = new Class[interfaces.length]; for (int i = 0; i < interfaces.length; i++) { http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/managed/SimplePassivater.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/managed/SimplePassivater.java b/container/openejb-core/src/main/java/org/apache/openejb/core/managed/SimplePassivater.java index b0947ee..fd99411 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/managed/SimplePassivater.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/managed/SimplePassivater.java @@ -14,11 +14,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.apache.openejb.core.managed; import org.apache.openejb.SystemException; import org.apache.openejb.core.EnvProps; +import org.apache.openejb.core.ObjectInputStreamFiltered; import org.apache.openejb.loader.IO; import org.apache.openejb.loader.SystemInstance; import org.apache.openejb.util.LogCategory; @@ -107,9 +107,18 @@ public class SimplePassivater implements PassivationStrategy { if (sessionFile.exists()) { logger.info("Activating from file " + sessionFile); - final ObjectInputStream ois = new ObjectInputStream(IO.read(sessionFile)); - final Object state = ois.readObject(); - ois.close(); + Object state = null; + ObjectInputStream ois = null; + + try { + ois = new ObjectInputStreamFiltered(IO.read(sessionFile)); + state = ois.readObject(); + } finally { + if (ois != null) { + ois.close(); + } + } + if (!sessionFile.delete()) { sessionFile.deleteOnExit(); } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/rmi/BlacklistClassResolver.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/rmi/BlacklistClassResolver.java b/container/openejb-core/src/main/java/org/apache/openejb/core/rmi/BlacklistClassResolver.java index ffefc3a..890537b 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/rmi/BlacklistClassResolver.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/rmi/BlacklistClassResolver.java @@ -16,13 +16,15 @@ */ package org.apache.openejb.core.rmi; +import java.io.ObjectStreamClass; + public class BlacklistClassResolver { private static final String[] WHITELIST = toArray(System.getProperty("tomee.serialization.class.whitelist")); private static final String[] BLACKLIST = toArray(System.getProperty("tomee.serialization.class.blacklist")); public static final BlacklistClassResolver DEFAULT = new BlacklistClassResolver( - new String[] { "org.codehaus.groovy.runtime.", "org.apache.commons.collections.functors.", "org.apache.xalan" }, - null); + new String[]{"org.codehaus.groovy.runtime.", "org.apache.commons.collections.functors.", "org.apache.xalan"}, + null); private final String[] blacklist; private final String[] whitelist; @@ -36,6 +38,11 @@ public class BlacklistClassResolver { return !contains(whitelist, name) && contains(blacklist, name); } + public final ObjectStreamClass check(final ObjectStreamClass classDesc) { + check(classDesc.getName()); + return classDesc; + } + public final String check(final String name) { if (isBlacklisted(name)) { throw new SecurityException(name + " is not whitelisted as deserialisable, prevented before loading."); @@ -47,7 +54,7 @@ public class BlacklistClassResolver { return property == null ? null : property.split(" *, *"); } - private static boolean contains(final String[] list, String name) { + private static boolean contains(final String[] list, final String name) { if (list != null) { for (final String white : list) { if (name.startsWith(white)) { http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/timer/EjbTimerServiceImpl.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/timer/EjbTimerServiceImpl.java b/container/openejb-core/src/main/java/org/apache/openejb/core/timer/EjbTimerServiceImpl.java index f3886b5..6216914 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/timer/EjbTimerServiceImpl.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/timer/EjbTimerServiceImpl.java @@ -251,7 +251,7 @@ public class EjbTimerServiceImpl implements EjbTimerService, Serializable { if (driverDelegate != null && StdJDBCDelegate.class.getName().equals(driverDelegate)) { properties.put("org.apache.openejb.quartz.jobStore.driverDelegateClass", PatchedStdJDBCDelegate.class.getName()); } else if (driverDelegate != null) { - log.info("You use " + driverDelegate + " driver delegate with quartz, ensure it doesn't use ObjectInputStream otherwise your custom TimerData can induce some issues"); + log.info("Using '" + driverDelegate + "' driver delegate with quartz so ensure it does not use ObjectInputStream, else your custom TimerData may encounter issues"); } // adding our custom persister http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/core/timer/TimerData.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/timer/TimerData.java b/container/openejb-core/src/main/java/org/apache/openejb/core/timer/TimerData.java index feb06ce..18e2e7f 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/timer/TimerData.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/timer/TimerData.java @@ -154,23 +154,32 @@ public abstract class TimerData implements Serializable { throw new IOException(e); } - final String mtd = in.readUTF(); - final BeanContext beanContext = SystemInstance.get().getComponent(ContainerSystem.class).getBeanContext(deploymentId); scheduler = timerService.getScheduler(); - for (final Iterator<Map.Entry<Method, MethodContext>> it = beanContext.iteratorMethodContext(); it.hasNext(); ) { - final MethodContext methodContext = it.next().getValue(); + + final String mtd = in.readUTF(); + final ContainerSystem component = SystemInstance.get().getComponent(ContainerSystem.class); + + if (component != null) { + final BeanContext beanContext = component.getBeanContext(deploymentId); + + for (final Iterator<Map.Entry<Method, MethodContext>> it = beanContext.iteratorMethodContext(); it.hasNext(); ) { + final MethodContext methodContext = it.next().getValue(); /* this doesn't work in all cases if (methodContext.getSchedules().isEmpty()) { continue; } */ - final Method method = methodContext.getBeanMethod(); - if (method != null && method.getName().equals(mtd)) { // maybe we should check parameters too - setTimeoutMethod(method); - break; + final Method method = methodContext.getBeanMethod(); + if (method != null && method.getName().equals(mtd)) { // maybe we should check parameters too + setTimeoutMethod(method); + break; + } } + } else { + log.warning("ContainerSystem component is not available"); } + } public void stop() { @@ -213,6 +222,7 @@ public abstract class TimerData implements Serializable { return timer; } + @SuppressWarnings("unused") public boolean isNewTimer() { return newTimer; } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/log/commonslogging/OpenEJBCommonsLog.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/log/commonslogging/OpenEJBCommonsLog.java b/container/openejb-core/src/main/java/org/apache/openejb/log/commonslogging/OpenEJBCommonsLog.java index f5bb494..d577e5e 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/log/commonslogging/OpenEJBCommonsLog.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/log/commonslogging/OpenEJBCommonsLog.java @@ -28,7 +28,7 @@ import java.io.Serializable; public class OpenEJBCommonsLog implements Log, Serializable { private transient Logger logger; - private String category; + private final String category; public OpenEJBCommonsLog(final String category) { this.category = category; http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/monitoring/LocalMBeanServer.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/monitoring/LocalMBeanServer.java b/container/openejb-core/src/main/java/org/apache/openejb/monitoring/LocalMBeanServer.java index 51d0d94..a52cbbc 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/monitoring/LocalMBeanServer.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/monitoring/LocalMBeanServer.java @@ -184,7 +184,7 @@ public final class LocalMBeanServer implements MBeanServer { @Override public Set<ObjectInstance> queryMBeans(final ObjectName name, final QueryExp query) { - return queryMBeans(name, query); + return s().queryMBeans(name, query); } @Override http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/spi/Serializer.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/spi/Serializer.java b/container/openejb-core/src/main/java/org/apache/openejb/spi/Serializer.java index 4e412bb..d176387 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/spi/Serializer.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/spi/Serializer.java @@ -14,9 +14,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.apache.openejb.spi; +import org.apache.openejb.core.ObjectInputStreamFiltered; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -26,18 +27,36 @@ import java.io.ObjectOutputStream; public class Serializer { public static Object deserialize(final byte[] bytes) - throws IOException, ClassNotFoundException { - final ByteArrayInputStream bais = new ByteArrayInputStream(bytes); - final ObjectInputStream ois = new ObjectInputStream(bais); - return ois.readObject(); + throws IOException, ClassNotFoundException { + + ObjectInputStream ois = null; + + try { + final ByteArrayInputStream bais = new ByteArrayInputStream(bytes); + ois = new ObjectInputStreamFiltered(bais); + return ois.readObject(); + } finally { + if (ois != null) { + ois.close(); + } + } } public static byte[] serialize(final Object object) throws IOException { - final ByteArrayOutputStream baos = new ByteArrayOutputStream(); - final ObjectOutputStream oos = new ObjectOutputStream(baos); - oos.writeObject(object); - oos.flush(); - return baos.toByteArray(); + + ObjectOutputStream oos = null; + + try { + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + oos = new ObjectOutputStream(baos); + oos.writeObject(object); + oos.flush(); + return baos.toByteArray(); + } finally { + if (oos != null) { + oos.close(); + } + } } } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/container/openejb-core/src/main/java/org/apache/openejb/util/PojoSerialization.java ---------------------------------------------------------------------- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/PojoSerialization.java b/container/openejb-core/src/main/java/org/apache/openejb/util/PojoSerialization.java index ed6bc11..58ff547 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/util/PojoSerialization.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/PojoSerialization.java @@ -57,6 +57,7 @@ public class PojoSerialization implements Serializable { final Class<?> unsafeClass; try { unsafeClass = AccessController.doPrivileged(new PrivilegedAction<Class<?>>() { + @Override public Class<?> run() { try { return Thread.currentThread().getContextClassLoader().loadClass("sun.misc.Unsafe"); @@ -74,6 +75,7 @@ public class PojoSerialization implements Serializable { } unsafe = AccessController.doPrivileged(new PrivilegedAction<Object>() { + @Override public Object run() { try { final Field field = unsafeClass.getDeclaredField("theUnsafe"); @@ -85,6 +87,7 @@ public class PojoSerialization implements Serializable { } }); allocateInstance = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("allocateInstance", Class.class); @@ -96,6 +99,7 @@ public class PojoSerialization implements Serializable { } }); objectFieldOffset = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("objectFieldOffset", Field.class); @@ -107,6 +111,7 @@ public class PojoSerialization implements Serializable { } }); putInt = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putInt", Object.class, long.class, int.class); @@ -118,6 +123,7 @@ public class PojoSerialization implements Serializable { } }); putLong = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putLong", Object.class, long.class, long.class); @@ -129,6 +135,7 @@ public class PojoSerialization implements Serializable { } }); putShort = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putShort", Object.class, long.class, short.class); @@ -140,6 +147,7 @@ public class PojoSerialization implements Serializable { } }); putChar = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putChar", Object.class, long.class, char.class); @@ -151,6 +159,7 @@ public class PojoSerialization implements Serializable { } }); putByte = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putByte", Object.class, long.class, byte.class); @@ -162,6 +171,7 @@ public class PojoSerialization implements Serializable { } }); putFloat = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putFloat", Object.class, long.class, float.class); @@ -173,6 +183,7 @@ public class PojoSerialization implements Serializable { } }); putDouble = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putDouble", Object.class, long.class, double.class); @@ -184,6 +195,7 @@ public class PojoSerialization implements Serializable { } }); putBoolean = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putBoolean", Object.class, long.class, boolean.class); @@ -195,6 +207,7 @@ public class PojoSerialization implements Serializable { } }); putObject = AccessController.doPrivileged(new PrivilegedAction<Method>() { + @Override public Method run() { try { final Method mtd = unsafeClass.getDeclaredMethod("putObject", Object.class, long.class, Object.class); @@ -250,7 +263,7 @@ public class PojoSerialization implements Serializable { case FIELD: { final String fieldName = in.readUTF(); final Object value = in.readObject(); - Field field = null; + final Field field; try { field = clazz.getDeclaredField(fieldName); } catch (final NoSuchFieldException e) { @@ -314,21 +327,21 @@ public class PojoSerialization implements Serializable { try { if (type.isPrimitive()) { if (type.equals(Integer.TYPE)) { - putInt.invoke(unsafe, object, offset, ((Integer) value).intValue()); + putInt.invoke(unsafe, object, offset, value); } else if (type.equals(Long.TYPE)) { - putLong.invoke(unsafe, object, offset, ((Long) value).longValue()); + putLong.invoke(unsafe, object, offset, value); } else if (type.equals(Short.TYPE)) { - putShort.invoke(unsafe, object, offset, ((Short) value).shortValue()); + putShort.invoke(unsafe, object, offset, value); } else if (type.equals(Character.TYPE)) { - putChar.invoke(unsafe, object, offset, ((Character) value).charValue()); + putChar.invoke(unsafe, object, offset, value); } else if (type.equals(Byte.TYPE)) { - putByte.invoke(unsafe, object, offset, ((Byte) value).byteValue()); + putByte.invoke(unsafe, object, offset, value); } else if (type.equals(Float.TYPE)) { - putFloat.invoke(unsafe, object, offset, ((Float) value).floatValue()); + putFloat.invoke(unsafe, object, offset, value); } else if (type.equals(Double.TYPE)) { - putDouble.invoke(unsafe, object, offset, ((Double) value).doubleValue()); + putDouble.invoke(unsafe, object, offset, value); } else if (type.equals(Boolean.TYPE)) { - putBoolean.invoke(unsafe, object, offset, ((Boolean) value).booleanValue()); + putBoolean.invoke(unsafe, object, offset, value); } else { throw new IllegalStateException("Unknown primitive type: " + type.getName()); } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/server/openejb-http/src/main/java/org/apache/openejb/server/httpd/HttpResponseImpl.java ---------------------------------------------------------------------- diff --git a/server/openejb-http/src/main/java/org/apache/openejb/server/httpd/HttpResponseImpl.java b/server/openejb-http/src/main/java/org/apache/openejb/server/httpd/HttpResponseImpl.java index c075062..5efc218 100644 --- a/server/openejb-http/src/main/java/org/apache/openejb/server/httpd/HttpResponseImpl.java +++ b/server/openejb-http/src/main/java/org/apache/openejb/server/httpd/HttpResponseImpl.java @@ -5,9 +5,9 @@ * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -31,8 +31,8 @@ import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.net.URLConnection; import java.net.URLEncoder; -import java.util.Arrays; import java.util.Collection; +import java.util.Collections; import java.util.HashMap; import java.util.Locale; import java.util.Map; @@ -105,6 +105,7 @@ public class HttpResponseImpl implements HttpResponse { * @param name the name of the header * @param value the value of the header */ + @Override public void setHeader(final String name, final String value) { headers.put(name, value); } @@ -180,6 +181,7 @@ public class HttpResponseImpl implements HttpResponse { * @param name The name of the header * @return the value of the header */ + @Override public String getHeader(final String name) { return headers.get(name); } @@ -191,7 +193,7 @@ public class HttpResponseImpl implements HttpResponse { @Override public Collection<String> getHeaders(final String s) { - return Arrays.asList(headers.get(s)); + return Collections.singletonList(headers.get(s)); } @Override @@ -225,6 +227,7 @@ public class HttpResponseImpl implements HttpResponse { * * @return the OutputStream to send data to the browser */ + @Override public ServletOutputStream getOutputStream() { return sosi; } @@ -239,6 +242,7 @@ public class HttpResponseImpl implements HttpResponse { return commited; } + @Override public void flushBuffer() throws IOException { // there is really no way to flush } @@ -287,6 +291,7 @@ public class HttpResponseImpl implements HttpResponse { * * @param type the type to be sent to the browser (i.e. "text/html") */ + @Override public void setContentType(final String type) { setHeader("Content-Type", type); } @@ -301,6 +306,7 @@ public class HttpResponseImpl implements HttpResponse { * * @return the content type (i.e. "text/html") */ + @Override public String getContentType() { return getHeader("Content-Type"); } @@ -322,6 +328,7 @@ public class HttpResponseImpl implements HttpResponse { /** * resets the data to be sent to the browser */ + @Override public void reset() { initBody(); } @@ -555,6 +562,7 @@ public class HttpResponseImpl implements HttpResponse { * @param message the error message to be sent * @return the HttpResponseImpl that this error belongs to */ + @SuppressWarnings("unused") protected static HttpResponseImpl createError(final String message) { return createError(message, null); } @@ -568,11 +576,11 @@ public class HttpResponseImpl implements HttpResponse { */ protected static HttpResponseImpl createError(String message, final Throwable t) { final HttpResponseImpl res = new HttpResponseImpl(500, "Internal Server Error", "text/html"); - PrintWriter body = null; + final PrintWriter body; try { body = res.getWriter(); } catch (final IOException e) { // impossible normally - // no-op + return res; } body.println("<html>"); @@ -590,14 +598,17 @@ public class HttpResponseImpl implements HttpResponse { } if (t != null) { + + PrintWriter writer = null; + try { body.println("<br><br>"); body.println("Stack Trace:<br>"); final ByteArrayOutputStream baos = new ByteArrayOutputStream(); - final PrintWriter writer = new PrintWriter(baos); + writer = new PrintWriter(baos); t.printStackTrace(writer); writer.flush(); - writer.close(); + message = new String(baos.toByteArray()); final StringTokenizer msg = new StringTokenizer(message, "\n\r"); @@ -606,6 +617,11 @@ public class HttpResponseImpl implements HttpResponse { body.println("<br>"); } } catch (final Exception e) { + //no-op + } finally { + if (writer != null) { + writer.close(); + } } } @@ -621,13 +637,16 @@ public class HttpResponseImpl implements HttpResponse { * @param ip the ip that is forbidden * @return the HttpResponseImpl that this error belongs to */ + @SuppressWarnings("unused") protected static HttpResponseImpl createForbidden(final String ip) { + final HttpResponseImpl res = new HttpResponseImpl(403, "Forbidden", "text/html"); - PrintWriter body = null; + final PrintWriter body; + try { body = res.getWriter(); } catch (final IOException e) { // normally impossible - // no-op + return res; } body.println("<html>"); @@ -702,6 +721,7 @@ public class HttpResponseImpl implements HttpResponse { this.content = content; } + @Override public void setStatusMessage(final String responseString) { this.setResponseString(responseString); } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/tck/cdi-embedded/src/test/java/org/apache/openejb/tck/cdi/embedded/BeansImpl.java ---------------------------------------------------------------------- diff --git a/tck/cdi-embedded/src/test/java/org/apache/openejb/tck/cdi/embedded/BeansImpl.java b/tck/cdi-embedded/src/test/java/org/apache/openejb/tck/cdi/embedded/BeansImpl.java index 0119ff1..6f927b3 100644 --- a/tck/cdi-embedded/src/test/java/org/apache/openejb/tck/cdi/embedded/BeansImpl.java +++ b/tck/cdi-embedded/src/test/java/org/apache/openejb/tck/cdi/embedded/BeansImpl.java @@ -16,6 +16,7 @@ */ package org.apache.openejb.tck.cdi.embedded; +import org.apache.openejb.core.ObjectInputStreamFiltered; import org.apache.openejb.core.ivm.IntraVmCopyMonitor; import org.apache.openejb.core.ivm.IntraVmProxy; @@ -30,17 +31,18 @@ import java.io.ObjectOutputStream; */ public class BeansImpl implements org.jboss.jsr299.tck.spi.Beans { - public boolean isProxy(Object instance) { + @Override + public boolean isProxy(final Object instance) { System.out.println("isProxy: " + instance); return instance instanceof IntraVmProxy || instance.getClass().getName().contains("$Owb"); } @Override - public byte[] serialize(Object instance) throws IOException { + public byte[] serialize(final Object instance) throws IOException { IntraVmCopyMonitor.prePassivationOperation(); try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - ObjectOutputStream os = new ObjectOutputStream(baos); + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + final ObjectOutputStream os = new ObjectOutputStream(baos); os.writeObject(instance); os.flush(); return baos.toByteArray(); @@ -50,9 +52,9 @@ public class BeansImpl implements org.jboss.jsr299.tck.spi.Beans { } @Override - public Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException { - ByteArrayInputStream bais = new ByteArrayInputStream(bytes); - ObjectInputStream is = new ObjectInputStream(bais); + public Object deserialize(final byte[] bytes) throws IOException, ClassNotFoundException { + final ByteArrayInputStream bais = new ByteArrayInputStream(bytes); + final ObjectInputStream is = new ObjectInputStreamFiltered(bais); return is.readObject(); } } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/tck/cdi-tomee-embedded/src/main/java/org/apache/openejb/tck/cdi/tomee/embedded/BeansImpl.java ---------------------------------------------------------------------- diff --git a/tck/cdi-tomee-embedded/src/main/java/org/apache/openejb/tck/cdi/tomee/embedded/BeansImpl.java b/tck/cdi-tomee-embedded/src/main/java/org/apache/openejb/tck/cdi/tomee/embedded/BeansImpl.java index a3d4a66..1962088 100644 --- a/tck/cdi-tomee-embedded/src/main/java/org/apache/openejb/tck/cdi/tomee/embedded/BeansImpl.java +++ b/tck/cdi-tomee-embedded/src/main/java/org/apache/openejb/tck/cdi/tomee/embedded/BeansImpl.java @@ -16,6 +16,7 @@ */ package org.apache.openejb.tck.cdi.tomee.embedded; +import org.apache.openejb.core.ObjectInputStreamFiltered; import org.apache.openejb.core.ivm.IntraVmCopyMonitor; import org.apache.openejb.core.ivm.IntraVmProxy; @@ -30,17 +31,18 @@ import java.io.ObjectOutputStream; */ public class BeansImpl implements org.jboss.jsr299.tck.spi.Beans { - public boolean isProxy(Object instance) { + @Override + public boolean isProxy(final Object instance) { System.out.println("isProxy: " + instance); return instance instanceof IntraVmProxy || instance.getClass().getName().contains("$Owb"); } @Override - public byte[] serialize(Object instance) throws IOException { + public byte[] serialize(final Object instance) throws IOException { IntraVmCopyMonitor.prePassivationOperation(); try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - ObjectOutputStream os = new ObjectOutputStream(baos); + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + final ObjectOutputStream os = new ObjectOutputStream(baos); os.writeObject(instance); os.flush(); return baos.toByteArray(); @@ -50,9 +52,9 @@ public class BeansImpl implements org.jboss.jsr299.tck.spi.Beans { } @Override - public Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException { - ByteArrayInputStream bais = new ByteArrayInputStream(bytes); - ObjectInputStream is = new ObjectInputStream(bais); + public Object deserialize(final byte[] bytes) throws IOException, ClassNotFoundException { + final ByteArrayInputStream bais = new ByteArrayInputStream(bytes); + final ObjectInputStream is = new ObjectInputStreamFiltered(bais); return is.readObject(); } } http://git-wip-us.apache.org/repos/asf/tomee/blob/db5bf163/tomee/tomee-common/src/main/java/org/apache/tomee/common/EjbFactory.java ---------------------------------------------------------------------- diff --git a/tomee/tomee-common/src/main/java/org/apache/tomee/common/EjbFactory.java b/tomee/tomee-common/src/main/java/org/apache/tomee/common/EjbFactory.java index 7b08e6d..ae0be94 100644 --- a/tomee/tomee-common/src/main/java/org/apache/tomee/common/EjbFactory.java +++ b/tomee/tomee-common/src/main/java/org/apache/tomee/common/EjbFactory.java @@ -34,6 +34,7 @@ import java.io.ObjectOutputStream; import java.util.Hashtable; public class EjbFactory extends AbstractObjectFactory { + @Override public Object getObjectInstance(final Object object, final Name name, final Context context, final Hashtable environment) throws Exception { // ignore non ejb-refs if (!(object instanceof EjbRef)) { @@ -52,6 +53,7 @@ public class EjbFactory extends AbstractObjectFactory { return value; } + @Override protected String buildJndiName(final Reference reference) throws NamingException { final String jndiName;// get and verify deploymentId final String deploymentId = NamingUtil.getProperty(reference, NamingUtil.DEPLOYMENT_ID); @@ -91,8 +93,7 @@ public class EjbFactory extends AbstractObjectFactory { final ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray()); final ObjectInputStream in = new EjbObjectInputStream(bais); - final Object copy = in.readObject(); - return copy; + return in.readObject(); } finally { IntraVmCopyMonitor.postCrossClassLoaderOperation(); }