changeset 7124:3b44abd19845

8031395: Enhance LDAP processing Reviewed-by: weijun, coffeys
author robm
date Mon, 27 Jan 2014 13:42:59 +0000
parents c40e21f7dff8
children c26df3aa662c
files src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java
diffstat 2 files changed, 36 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java	Fri Jan 24 10:34:31 2014 -0800
+++ b/src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java	Mon Jan 27 13:42:59 2014 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,10 @@
 
 package com.sun.jndi.ldap;
 
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Vector;
 import javax.naming.*;
 import javax.naming.directory.*;
@@ -34,6 +38,8 @@
 
 final class LdapBindingEnumeration extends LdapNamingEnumeration {
 
+    private final AccessControlContext acc = AccessController.getContext();
+
     LdapBindingEnumeration(LdapCtx homeCtx, LdapResult answer, Name remain,
         Continuation cont) throws NamingException
     {
@@ -41,7 +47,7 @@
     }
 
     protected NameClassPair
-      createItem(String dn, Attributes attrs, Vector respCtls)
+      createItem(String dn, final Attributes attrs, Vector respCtls)
         throws NamingException {
 
         Object obj = null;
@@ -49,7 +55,16 @@
 
         if (attrs.get(Obj.JAVA_ATTRIBUTES[Obj.CLASSNAME]) != null) {
             // serialized object or object reference
-            obj = Obj.decodeObject(attrs);
+            try {
+                obj = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+                    @Override
+                    public Object run() throws NamingException {
+                        return Obj.decodeObject(attrs);
+                    }
+                }, acc);
+            } catch (PrivilegedActionException e) {
+                throw (NamingException)e.getException();
+            }
         }
         if (obj == null) {
             // DirContext object
--- a/src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java	Fri Jan 24 10:34:31 2014 -0800
+++ b/src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java	Mon Jan 27 13:42:59 2014 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,10 @@
 
 package com.sun.jndi.ldap;
 
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Vector;
 import javax.naming.*;
 import javax.naming.directory.*;
@@ -39,6 +43,8 @@
     private Name startName;             // prefix of names of search results
     private LdapCtx.SearchArgs searchArgs = null;
 
+    private final AccessControlContext acc = AccessController.getContext();
+
     LdapSearchEnumeration(LdapCtx homeCtx, LdapResult search_results,
         String starter, LdapCtx.SearchArgs args, Continuation cont)
         throws NamingException {
@@ -53,7 +59,7 @@
     }
 
     protected NameClassPair
-    createItem(String dn, Attributes attrs, Vector respCtls)
+    createItem(String dn, final Attributes attrs, Vector respCtls)
         throws NamingException {
 
         Object obj = null;
@@ -110,8 +116,16 @@
             if (attrs.get(Obj.JAVA_ATTRIBUTES[Obj.CLASSNAME]) != null) {
                 // Entry contains Java-object attributes (ser/ref object)
                 // serialized object or object reference
-                obj = Obj.decodeObject(attrs);
-
+                try {
+                    obj = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+                        @Override
+                        public Object run() throws NamingException {
+                            return Obj.decodeObject(attrs);
+                        }
+                    }, acc);
+                } catch (PrivilegedActionException e) {
+                    throw (NamingException)e.getException();
+                }
             }
             if (obj == null) {
                 obj = new LdapCtx(homeCtx, dn);