Hi Felix,
This sounds like an optimized solution to solve the problem :).
A possible alternative might be, to exchange the writer on the first
AccessControlException, this would prevent doPriviledged blocks
when no principal-based authorization is done, I must admit that
I have no idea on the performance implications on entering a
privileged section.
Cheers,
Reto
Felix Meschberger said the following on 01/27/2009 09:42 PM:
> Hi Reto,
>
> I am somewhat reluctant to have each logging call to this privileged
> stuff. How about the following solution:
>
> The SlingLoggerWriter.createWriter method is responsible to create the
> actual writer. If the system has a SecurityManager, a PrivilegedWriter
> is wrapped around the underlying OutputStreamWriter(FileOutputStream),
> which does the privileged stuff. If the system has no SecurityManager,
> no such PrivilegedWriter is added.
>
> In addition, as you note, the SlingLoggerWriter.checkRotate must be
> enhanced to check the SecurityManager before rotating the file(s).
>
> WDYT ?
>
> Regards
> Felix
>
>
> Reto Bachmann-Gmür schrieb:
>
>> Hello
>>
>> We're using the Sling - OSGi LogService Implementation partially in code
>> running as a subject. The problem is that for this to work we have to
>> assign read and write right on the log-file to all users. Otherwise we
>> get an exception like the following:
>>
>> 27.01.2009 18:09:08.491 *INFO* [btpool3-0 - /kl]
>> org.trialox.platform.security.auth.AuthenticatingFilter
>> SecurityException: {} java.security.AccessControlException: access
>> denied (java.io.FilePermission
>> /home/reto/trialox-workspace/default/org.trialox.cms.launchpad/target/sling/logs/error.log
>> read)
>> at
>> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
>> at
>> java.security.AccessController.checkPermission(AccessController.java:546)
>> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
>> at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
>> at java.io.File.length(File.java:846)
>> at
>> org.apache.sling.commons.log.slf4j.SlingLoggerWriter.checkRotate(SlingLoggerWriter.java:308)
>>
>>
>> I was wondering if it wouldn't be reasonable to have the logger do the
>> file access in a AccessController.doPrivileged section, so that the
>> respective permissions only have to be granted to the codebase and not
>> to the useres as well.
>>
>> Cheers,
>> Reto
>>
>>
>
>
