From 087cf0d79b3939fc0cebfd93ccb450c717f7b9d3 Mon Sep 17 00:00:00 2001 From: "David M. Lloyd" Date: Wed, 27 Mar 2013 23:29:47 -0500 Subject: [PATCH] Add Wildfly security manager implementation --- .../appclient/deployment/SecurityActions.java | 4 +- .../as/appclient/service/SecurityActions.java | 4 +- .../appclient/subsystem/SecurityActions.java | 12 +- .../arquillian/service/ArquillianService.java | 4 +- .../jboss/as/security-util/main/module.xml | 1 + .../org/jboss/as/cli/SecurityActions.java | 4 +- .../jboss/as/cli/gui/JConsoleCLIPlugin.java | 2 +- .../as/cli/handlers/SecurityActions.java | 6 +- .../cli/handlers/module/SecurityActions.java | 4 +- .../as/cli/impl/CLIModelControllerClient.java | 2 +- .../jboss/as/cli/impl/SecurityActions.java | 10 +- .../as/clustering/SimpleMarshalledValue.java | 4 +- .../KeyAffinityServiceFactoryService.java | 2 +- ...tractResourceAdapterDeploymentService.java | 4 +- .../deployment/SecurityActions.java | 4 +- .../workmanager/WorkManagerService.java | 2 +- .../AbstractDataSourceService.java | 6 +- .../as/connector/util/SecurityActions.java | 6 +- controller-client/pom.xml | 4 +- .../client/impl/ClientConfigurationImpl.java | 4 +- .../jboss/as/controller/SecurityActions.java | 6 +- .../controller/extension/SecurityActions.java | 4 +- .../interfaces/OverallInterfaceCriteria.java | 2 +- .../interfaces/SecurityActions.java | 2 +- .../operations/common/SecurityActions.java | 4 +- .../operations/global/SecurityActions.java | 4 +- .../controller/parsing/SecurityActions.java | 4 +- .../persistence/ConfigurationFile.java | 2 +- ...trollerOperationHandlerFactoryService.java | 2 +- .../as/controller/remote/SecurityActions.java | 2 +- .../scanner/DeploymentScannerAdd.java | 2 +- .../domain/http/server/SecurityActions.java | 2 +- .../as/ee/beanvalidation/SecurityActions.java | 4 +- .../as/ee/component/SecurityActions.java | 4 +- .../component/deployers/SecurityActions.java | 4 +- .../ManagedBeanAnnotationProcessor.java | 2 + .../component/EJBComponentDescription.java | 3 + .../messagedriven/MessageDrivenComponent.java | 2 +- .../messagedriven/SecurityActions.java | 4 +- .../component/stateful/SecurityActions.java | 6 +- .../jboss/as/ejb3/iiop/SecurityActions.java | 4 +- .../as/ejb3/iiop/stub/SecurityActions.java | 4 +- .../MessageEndpointInvocationHandler.java | 2 +- .../jboss/as/ejb3/remote/SecurityActions.java | 6 +- .../protocol/versionone/SecurityActions.java | 4 +- .../as/ejb3/subsystem/SecurityActions.java | 6 +- .../jboss/as/embedded/SecurityActions.java | 14 +- .../embedded/ejb3/ClassPathEjbJarScanner.java | 2 +- .../ejb3/JBossStandaloneEJBContainer.java | 2 +- .../JBossStandaloneEJBContainerProvider.java | 2 +- .../DomainModelControllerService.java | 2 +- .../controller/HostControllerService.java | 2 +- .../ProcessControllerConnectionService.java | 2 +- .../RemoteDomainConnectionService.java | 2 +- .../as/host/controller/SecurityActions.java | 10 +- ...mainControllerOperationHandlerService.java | 2 +- .../host/controller/mgmt/SecurityActions.java | 10 +- ...rToHostOperationHandlerFactoryService.java | 2 +- .../operations/HttpManagementAddHandler.java | 2 +- .../operations/SecurityActions.java | 6 +- .../org/jboss/as/jacorb/SecurityActions.java | 2 +- .../rmi/marshal/strategy/StubStrategy.java | 2 +- .../as/jacorb/service/SecurityActions.java | 10 +- .../as/jaxrs/deployment/SecurityActions.java | 4 +- .../org/jboss/as/jdr/JdrReportService.java | 2 +- .../org/jboss/as/jmx/SecurityActions.java | 2 +- .../jboss/as/jmx/model/SecurityActions.java | 2 +- .../persistenceprovider/SecurityActions.java | 4 +- .../as/jpa/validator/SecurityActions.java | 4 +- .../jsr77/managedobject/SecurityActions.java | 2 +- .../as/jsr77/subsystem/SecurityActions.java | 2 +- .../org/jboss/as/logging/SecurityActions.java | 8 +- .../jboss/as/messaging/SecurityActions.java | 6 +- .../as/messaging/jms/SecurityActions.java | 6 +- .../naming/InitialContextFactoryBuilder.java | 2 +- .../as/naming/NamingEventCoordinator.java | 2 +- .../org/jboss/as/naming/SecurityActions.java | 8 +- .../as/naming/context/SecurityActions.java | 4 +- .../as/naming/subsystem/SecurityActions.java | 4 +- .../org/jboss/as/network/NetworkUtils.java | 2 +- .../as/osgi/launcher/SecurityActions.java | 14 +- .../jboss/as/osgi/parser/SecurityActions.java | 6 +- .../as/osgi/service/SecurityActions.java | 2 +- .../as/platform/mbean/SecurityActions.java | 10 +- .../as/pojo/service/SecurityActions.java | 4 +- .../main/java/org/jboss/as/process/Main.java | 2 +- .../org/jboss/as/process/SecurityActions.java | 10 +- .../jboss/as/remoting/SecurityActions.java | 4 +- .../org/jboss/as/service/SecurityActions.java | 2 +- security-util/pom.xml | 7 +- .../manager/AccessCheckingInterceptor.java | 68 ++++ .../AddGlobalSecurityProviderAction.java | 2 +- .../manager}/AddShutdownHookAction.java | 2 +- .../ClearContextClassLoaderAction.java | 2 +- .../manager}/ClearPropertyAction.java | 2 +- .../manager}/CreateTempFileAction.java | 2 +- .../security/manager}/CreateThreadAction.java | 2 +- .../GetAccessControlContextAction.java | 2 +- .../GetAccessibleDeclaredFieldAction.java | 59 ++++ .../security/manager}/GetBooleanAction.java | 2 +- .../manager}/GetClassLoaderAction.java | 2 +- .../manager}/GetContextClassLoaderAction.java | 2 +- .../manager}/GetEnvironmentAction.java | 2 +- .../manager}/GetModuleClassLoaderAction.java | 2 +- .../manager}/GetSystemPropertiesAction.java | 2 +- .../ReadEnvironmentPropertyAction.java | 2 +- .../security/manager}/ReadPropertyAction.java | 2 +- .../manager}/ReplacePropertyAction.java | 2 +- .../manager}/SetContextClassLoaderAction.java | 2 +- .../SetContextClassLoaderFromClassAction.java | 2 +- .../manager}/SetSystemPropertiesAction.java | 2 +- .../security/manager}/SubjectUtils.java | 2 +- .../manager/WildFlySecurityManager.java | 298 ++++++++++++++++++ .../manager}/WritePropertyAction.java | 2 +- .../manager}/WritePropertyIfAbsentAction.java | 2 +- .../manager}/WriteSecurityPropertyAction.java | 2 +- .../manager/_private/SecurityMessages.java | 53 ++++ .../jboss/as/security/SecurityActions.java | 6 +- .../as/security/context/SecurityActions.java | 2 +- .../as/security/plugins/SecurityActions.java | 4 +- .../as/security/service/SecurityActions.java | 8 +- .../main/java/org/jboss/as/server/Main.java | 2 +- .../org/jboss/as/server/SecurityActions.java | 12 +- .../org/jboss/as/server/ServerService.java | 2 +- .../controller/resources/SecurityActions.java | 2 +- .../deployment/DeploymentMountProvider.java | 2 +- .../deployment/reflect/SecurityActions.java | 4 +- .../HostControllerConnectionService.java | 2 +- .../operations/HttpManagementAddHandler.java | 3 +- .../as/server/operations/SecurityActions.java | 8 +- .../services/net/NetworkInterfaceService.java | 2 +- .../util/DomainControllerClientConfig.java | 3 +- .../as/threads/ThreadFactoryService.java | 2 +- .../session/DistributableSessionManager.java | 2 +- .../as/web/deployment/SecurityActions.java | 4 +- .../session/DistributableSessionManager.java | 2 +- .../deployers/SecurityActions.java | 4 +- .../parser/WSDeploymentAspectParser.java | 4 +- .../webservices/publish/SecurityActions.java | 4 +- .../webserviceref/SecurityActions.java | 4 +- .../org/jboss/as/weld/SecurityActions.java | 4 +- .../processors/SecurityActions.java | 4 +- .../jboss/as/weld/ejb/SecurityActions.java | 4 +- .../as/weld/injection/SecurityActions.java | 4 +- .../ModuleGroupSingletonProvider.java | 2 +- .../AbstractResourceInjectionServices.java | 2 +- .../org/jboss/as/xts/SecurityActions.java | 2 +- 147 files changed, 750 insertions(+), 263 deletions(-) create mode 100644 security-util/src/main/java/org/wildfly/security/manager/AccessCheckingInterceptor.java rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/AddGlobalSecurityProviderAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/AddShutdownHookAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/ClearContextClassLoaderAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/ClearPropertyAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/CreateTempFileAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/CreateThreadAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetAccessControlContextAction.java (97%) create mode 100644 security-util/src/main/java/org/wildfly/security/manager/GetAccessibleDeclaredFieldAction.java rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetBooleanAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetClassLoaderAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetContextClassLoaderAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetEnvironmentAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetModuleClassLoaderAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/GetSystemPropertiesAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/ReadEnvironmentPropertyAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/ReadPropertyAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/ReplacePropertyAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/SetContextClassLoaderAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/SetContextClassLoaderFromClassAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/SetSystemPropertiesAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/SubjectUtils.java (98%) create mode 100644 security-util/src/main/java/org/wildfly/security/manager/WildFlySecurityManager.java rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/WritePropertyAction.java (97%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/WritePropertyIfAbsentAction.java (98%) rename security-util/src/main/java/org/{jboss/as/util/security => wildfly/security/manager}/WriteSecurityPropertyAction.java (97%) create mode 100644 security-util/src/main/java/org/wildfly/security/manager/_private/SecurityMessages.java diff --git a/appclient/src/main/java/org/jboss/as/appclient/deployment/SecurityActions.java b/appclient/src/main/java/org/jboss/as/appclient/deployment/SecurityActions.java index 2c64b011ea58..70bcda90fa9e 100644 --- a/appclient/src/main/java/org/jboss/as/appclient/deployment/SecurityActions.java +++ b/appclient/src/main/java/org/jboss/as/appclient/deployment/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.appclient.deployment; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/appclient/src/main/java/org/jboss/as/appclient/service/SecurityActions.java b/appclient/src/main/java/org/jboss/as/appclient/service/SecurityActions.java index 5b0530455313..9a547625068c 100644 --- a/appclient/src/main/java/org/jboss/as/appclient/service/SecurityActions.java +++ b/appclient/src/main/java/org/jboss/as/appclient/service/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.appclient.service; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/appclient/src/main/java/org/jboss/as/appclient/subsystem/SecurityActions.java b/appclient/src/main/java/org/jboss/as/appclient/subsystem/SecurityActions.java index 9b1685355b3a..91d73d9b988a 100644 --- a/appclient/src/main/java/org/jboss/as/appclient/subsystem/SecurityActions.java +++ b/appclient/src/main/java/org/jboss/as/appclient/subsystem/SecurityActions.java @@ -26,12 +26,12 @@ import java.security.Security; import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.AddGlobalSecurityProviderAction; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.AddGlobalSecurityProviderAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/arquillian/protocol-jmx/src/main/java/org/jboss/as/arquillian/service/ArquillianService.java b/arquillian/protocol-jmx/src/main/java/org/jboss/as/arquillian/service/ArquillianService.java index b7a64a86cde0..b4857340d80c 100644 --- a/arquillian/protocol-jmx/src/main/java/org/jboss/as/arquillian/service/ArquillianService.java +++ b/arquillian/protocol-jmx/src/main/java/org/jboss/as/arquillian/service/ArquillianService.java @@ -37,8 +37,8 @@ import org.jboss.as.server.deployment.DeploymentUnit; import org.jboss.as.server.deployment.Phase; import org.jboss.as.server.deployment.SetupAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import org.jboss.logging.Logger; import org.jboss.modules.Module; import org.jboss.msc.service.AbstractServiceListener; diff --git a/build/src/main/resources/modules/system/layers/base/org/jboss/as/security-util/main/module.xml b/build/src/main/resources/modules/system/layers/base/org/jboss/as/security-util/main/module.xml index 25ee23bacd6e..0c65bcb00e9d 100644 --- a/build/src/main/resources/modules/system/layers/base/org/jboss/as/security-util/main/module.xml +++ b/build/src/main/resources/modules/system/layers/base/org/jboss/as/security-util/main/module.xml @@ -32,6 +32,7 @@ + diff --git a/cli/src/main/java/org/jboss/as/cli/SecurityActions.java b/cli/src/main/java/org/jboss/as/cli/SecurityActions.java index 32c2aa3bb48b..5b99ac2e8c29 100644 --- a/cli/src/main/java/org/jboss/as/cli/SecurityActions.java +++ b/cli/src/main/java/org/jboss/as/cli/SecurityActions.java @@ -21,8 +21,8 @@ */ package org.jboss.as.cli; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/cli/src/main/java/org/jboss/as/cli/gui/JConsoleCLIPlugin.java b/cli/src/main/java/org/jboss/as/cli/gui/JConsoleCLIPlugin.java index 1ea4762155c4..d222c6abddd1 100644 --- a/cli/src/main/java/org/jboss/as/cli/gui/JConsoleCLIPlugin.java +++ b/cli/src/main/java/org/jboss/as/cli/gui/JConsoleCLIPlugin.java @@ -42,7 +42,7 @@ import org.jboss.as.cli.CommandContextFactory; import org.jboss.as.controller.client.ModelControllerClient; import org.jboss.as.controller.client.impl.ExistingChannelModelControllerClient; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.remoting3.Channel; import org.jboss.remoting3.Connection; diff --git a/cli/src/main/java/org/jboss/as/cli/handlers/SecurityActions.java b/cli/src/main/java/org/jboss/as/cli/handlers/SecurityActions.java index 3cdbad8de66a..7a2ddfd00b22 100644 --- a/cli/src/main/java/org/jboss/as/cli/handlers/SecurityActions.java +++ b/cli/src/main/java/org/jboss/as/cli/handlers/SecurityActions.java @@ -21,9 +21,9 @@ */ package org.jboss.as.cli.handlers; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.ReadEnvironmentPropertyAction; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.ReadEnvironmentPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/cli/src/main/java/org/jboss/as/cli/handlers/module/SecurityActions.java b/cli/src/main/java/org/jboss/as/cli/handlers/module/SecurityActions.java index 7afb6663960f..0d6119900e0c 100644 --- a/cli/src/main/java/org/jboss/as/cli/handlers/module/SecurityActions.java +++ b/cli/src/main/java/org/jboss/as/cli/handlers/module/SecurityActions.java @@ -21,8 +21,8 @@ */ package org.jboss.as.cli.handlers.module; -import org.jboss.as.util.security.ReadEnvironmentPropertyAction; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadEnvironmentPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/cli/src/main/java/org/jboss/as/cli/impl/CLIModelControllerClient.java b/cli/src/main/java/org/jboss/as/cli/impl/CLIModelControllerClient.java index 88573ff81afd..d75e4692c5fb 100644 --- a/cli/src/main/java/org/jboss/as/cli/impl/CLIModelControllerClient.java +++ b/cli/src/main/java/org/jboss/as/cli/impl/CLIModelControllerClient.java @@ -42,7 +42,7 @@ import org.jboss.as.protocol.mgmt.ManagementChannelAssociation; import org.jboss.as.protocol.mgmt.ManagementChannelHandler; import org.jboss.as.protocol.mgmt.ManagementClientChannelStrategy; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.remoting3.Channel; import org.jboss.remoting3.CloseHandler; diff --git a/cli/src/main/java/org/jboss/as/cli/impl/SecurityActions.java b/cli/src/main/java/org/jboss/as/cli/impl/SecurityActions.java index 8cd0941ba4ab..16452552e4e1 100644 --- a/cli/src/main/java/org/jboss/as/cli/impl/SecurityActions.java +++ b/cli/src/main/java/org/jboss/as/cli/impl/SecurityActions.java @@ -21,11 +21,11 @@ */ package org.jboss.as.cli.impl; -import org.jboss.as.util.security.AddShutdownHookAction; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.ReadEnvironmentPropertyAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.AddShutdownHookAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.ReadEnvironmentPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.Runtime.getRuntime; import static java.lang.System.getProperty; diff --git a/clustering/api/src/main/java/org/jboss/as/clustering/SimpleMarshalledValue.java b/clustering/api/src/main/java/org/jboss/as/clustering/SimpleMarshalledValue.java index 6aa7a0b8793c..53a144aa6973 100644 --- a/clustering/api/src/main/java/org/jboss/as/clustering/SimpleMarshalledValue.java +++ b/clustering/api/src/main/java/org/jboss/as/clustering/SimpleMarshalledValue.java @@ -30,8 +30,8 @@ import java.io.ObjectOutput; import java.util.Arrays; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import org.jboss.marshalling.Marshaller; import org.jboss.marshalling.Marshalling; import org.jboss.marshalling.SimpleDataInput; diff --git a/clustering/infinispan/src/main/java/org/jboss/as/clustering/infinispan/affinity/KeyAffinityServiceFactoryService.java b/clustering/infinispan/src/main/java/org/jboss/as/clustering/infinispan/affinity/KeyAffinityServiceFactoryService.java index af897386bce2..c435da16c3fc 100644 --- a/clustering/infinispan/src/main/java/org/jboss/as/clustering/infinispan/affinity/KeyAffinityServiceFactoryService.java +++ b/clustering/infinispan/src/main/java/org/jboss/as/clustering/infinispan/affinity/KeyAffinityServiceFactoryService.java @@ -32,7 +32,7 @@ import org.infinispan.affinity.KeyAffinityServiceImpl; import org.infinispan.affinity.KeyGenerator; import org.infinispan.remoting.transport.Address; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/AbstractResourceAdapterDeploymentService.java b/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/AbstractResourceAdapterDeploymentService.java index 6f9ace289249..3c07c97d9d51 100644 --- a/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/AbstractResourceAdapterDeploymentService.java +++ b/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/AbstractResourceAdapterDeploymentService.java @@ -51,8 +51,8 @@ import org.jboss.as.naming.ServiceBasedNamingStore; import org.jboss.as.naming.deployment.ContextNames; import org.jboss.as.naming.service.BinderService; -import org.jboss.as.util.security.ClearContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.ClearContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import org.jboss.jca.common.api.metadata.ironjacamar.IronJacamar; import org.jboss.jca.common.api.metadata.ra.ConfigProperty; import org.jboss.jca.common.api.metadata.ra.Connector; diff --git a/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/SecurityActions.java b/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/SecurityActions.java index e418c1ce722b..1906daae2feb 100644 --- a/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/SecurityActions.java +++ b/connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.connector.services.resourceadapters.deployment; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/connector/src/main/java/org/jboss/as/connector/services/workmanager/WorkManagerService.java b/connector/src/main/java/org/jboss/as/connector/services/workmanager/WorkManagerService.java index f3cb6d21587e..384979e89708 100644 --- a/connector/src/main/java/org/jboss/as/connector/services/workmanager/WorkManagerService.java +++ b/connector/src/main/java/org/jboss/as/connector/services/workmanager/WorkManagerService.java @@ -30,7 +30,7 @@ import java.util.concurrent.Executor; import org.jboss.as.connector.util.ConnectorServices; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.jca.core.api.workmanager.WorkManager; import org.jboss.jca.core.security.DefaultCallback; import org.jboss.jca.core.spi.security.Callback; diff --git a/connector/src/main/java/org/jboss/as/connector/subsystems/datasources/AbstractDataSourceService.java b/connector/src/main/java/org/jboss/as/connector/subsystems/datasources/AbstractDataSourceService.java index 6f10c4f08028..8428b7c5f8ce 100644 --- a/connector/src/main/java/org/jboss/as/connector/subsystems/datasources/AbstractDataSourceService.java +++ b/connector/src/main/java/org/jboss/as/connector/subsystems/datasources/AbstractDataSourceService.java @@ -42,9 +42,9 @@ import org.jboss.as.connector.services.driver.InstalledDriver; import org.jboss.as.connector.services.driver.registry.DriverRegistry; import org.jboss.as.connector.util.Injection; -import org.jboss.as.util.security.ClearContextClassLoaderAction; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.ClearContextClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnectionFactory; import org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory; import org.jboss.jca.adapters.jdbc.spi.ClassLoaderPlugin; diff --git a/connector/src/main/java/org/jboss/as/connector/util/SecurityActions.java b/connector/src/main/java/org/jboss/as/connector/util/SecurityActions.java index 9c01d0e6234d..9dda6dba49f2 100644 --- a/connector/src/main/java/org/jboss/as/connector/util/SecurityActions.java +++ b/connector/src/main/java/org/jboss/as/connector/util/SecurityActions.java @@ -20,9 +20,9 @@ package org.jboss.as.connector.util; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/controller-client/pom.xml b/controller-client/pom.xml index a1c08d85ee33..708ea1eb67ac 100644 --- a/controller-client/pom.xml +++ b/controller-client/pom.xml @@ -58,8 +58,8 @@ wildfly-protocol - org.jboss.as - jboss-as-security-util + org.wildfly + wildfly-security-util org.jboss diff --git a/controller-client/src/main/java/org/jboss/as/controller/client/impl/ClientConfigurationImpl.java b/controller-client/src/main/java/org/jboss/as/controller/client/impl/ClientConfigurationImpl.java index 68d6e8263bef..1d46b921ffa7 100644 --- a/controller-client/src/main/java/org/jboss/as/controller/client/impl/ClientConfigurationImpl.java +++ b/controller-client/src/main/java/org/jboss/as/controller/client/impl/ClientConfigurationImpl.java @@ -23,8 +23,8 @@ package org.jboss.as.controller.client.impl; import org.jboss.as.controller.client.ModelControllerClientConfiguration; -import org.jboss.as.util.security.GetAccessControlContextAction; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.GetAccessControlContextAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.threads.JBossThreadFactory; import javax.net.ssl.SSLContext; diff --git a/controller/src/main/java/org/jboss/as/controller/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/SecurityActions.java index e5cbe8ca8dc7..7afc1e80e4ba 100644 --- a/controller/src/main/java/org/jboss/as/controller/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.controller; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/controller/src/main/java/org/jboss/as/controller/extension/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/extension/SecurityActions.java index 18a3209439b4..70f6af23ac90 100644 --- a/controller/src/main/java/org/jboss/as/controller/extension/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/extension/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.controller.extension; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/controller/src/main/java/org/jboss/as/controller/interfaces/OverallInterfaceCriteria.java b/controller/src/main/java/org/jboss/as/controller/interfaces/OverallInterfaceCriteria.java index 347127ec8a7f..188c92df2e3a 100644 --- a/controller/src/main/java/org/jboss/as/controller/interfaces/OverallInterfaceCriteria.java +++ b/controller/src/main/java/org/jboss/as/controller/interfaces/OverallInterfaceCriteria.java @@ -35,7 +35,7 @@ import java.util.Set; import org.jboss.as.controller.ControllerLogger; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/controller/src/main/java/org/jboss/as/controller/interfaces/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/interfaces/SecurityActions.java index e6bea4dc73de..efc3d187f308 100644 --- a/controller/src/main/java/org/jboss/as/controller/interfaces/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/interfaces/SecurityActions.java @@ -25,7 +25,7 @@ import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; -import org.jboss.as.util.security.GetBooleanAction; +import org.wildfly.security.manager.GetBooleanAction; /** * Security actions to perform possibly privileged operations. No methods in diff --git a/controller/src/main/java/org/jboss/as/controller/operations/common/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/operations/common/SecurityActions.java index 0b0ddfdd737a..3edc4c263fcb 100644 --- a/controller/src/main/java/org/jboss/as/controller/operations/common/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/operations/common/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.controller.operations.common; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/controller/src/main/java/org/jboss/as/controller/operations/global/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/operations/global/SecurityActions.java index dfbc111fd9ab..b04bf56c6df7 100644 --- a/controller/src/main/java/org/jboss/as/controller/operations/global/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/operations/global/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.controller.operations.global; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/controller/src/main/java/org/jboss/as/controller/parsing/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/parsing/SecurityActions.java index 7fd7d0bf9972..10de6529db67 100644 --- a/controller/src/main/java/org/jboss/as/controller/parsing/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/parsing/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.controller.parsing; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/controller/src/main/java/org/jboss/as/controller/persistence/ConfigurationFile.java b/controller/src/main/java/org/jboss/as/controller/persistence/ConfigurationFile.java index a04cc669e056..7c2def105456 100644 --- a/controller/src/main/java/org/jboss/as/controller/persistence/ConfigurationFile.java +++ b/controller/src/main/java/org/jboss/as/controller/persistence/ConfigurationFile.java @@ -37,7 +37,7 @@ import java.util.regex.Pattern; import org.jboss.as.controller.persistence.ConfigurationPersister.SnapshotInfo; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; /** * Encapsulates the configuration file and manages its history diff --git a/controller/src/main/java/org/jboss/as/controller/remote/AbstractModelControllerOperationHandlerFactoryService.java b/controller/src/main/java/org/jboss/as/controller/remote/AbstractModelControllerOperationHandlerFactoryService.java index a938fb4e242d..d2d9f3cc2825 100644 --- a/controller/src/main/java/org/jboss/as/controller/remote/AbstractModelControllerOperationHandlerFactoryService.java +++ b/controller/src/main/java/org/jboss/as/controller/remote/AbstractModelControllerOperationHandlerFactoryService.java @@ -30,7 +30,7 @@ import org.jboss.as.controller.ModelController; import org.jboss.as.protocol.mgmt.support.ManagementChannelInitialization; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/controller/src/main/java/org/jboss/as/controller/remote/SecurityActions.java b/controller/src/main/java/org/jboss/as/controller/remote/SecurityActions.java index 65d774cbfdfc..d860a601590f 100644 --- a/controller/src/main/java/org/jboss/as/controller/remote/SecurityActions.java +++ b/controller/src/main/java/org/jboss/as/controller/remote/SecurityActions.java @@ -27,7 +27,7 @@ import javax.security.auth.Subject; import org.jboss.as.controller.security.SecurityContext; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/deployment-scanner/src/main/java/org/jboss/as/server/deployment/scanner/DeploymentScannerAdd.java b/deployment-scanner/src/main/java/org/jboss/as/server/deployment/scanner/DeploymentScannerAdd.java index 244f4bab6ccc..3f05eee519cc 100644 --- a/deployment-scanner/src/main/java/org/jboss/as/server/deployment/scanner/DeploymentScannerAdd.java +++ b/deployment-scanner/src/main/java/org/jboss/as/server/deployment/scanner/DeploymentScannerAdd.java @@ -46,7 +46,7 @@ import org.jboss.as.controller.SimpleAttributeDefinition; import org.jboss.as.controller.registry.Resource; import org.jboss.as.controller.services.path.PathManager; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.ServiceController; import org.jboss.msc.service.ServiceTarget; diff --git a/domain-http/interface/src/main/java/org/jboss/as/domain/http/server/SecurityActions.java b/domain-http/interface/src/main/java/org/jboss/as/domain/http/server/SecurityActions.java index 29424bbb085a..5a7c1d800640 100644 --- a/domain-http/interface/src/main/java/org/jboss/as/domain/http/server/SecurityActions.java +++ b/domain-http/interface/src/main/java/org/jboss/as/domain/http/server/SecurityActions.java @@ -22,7 +22,7 @@ package org.jboss.as.domain.http.server; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; diff --git a/ee/src/main/java/org/jboss/as/ee/beanvalidation/SecurityActions.java b/ee/src/main/java/org/jboss/as/ee/beanvalidation/SecurityActions.java index 9304664f3b5d..71bdd4fdeeb2 100644 --- a/ee/src/main/java/org/jboss/as/ee/beanvalidation/SecurityActions.java +++ b/ee/src/main/java/org/jboss/as/ee/beanvalidation/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.ee.beanvalidation; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ee/src/main/java/org/jboss/as/ee/component/SecurityActions.java b/ee/src/main/java/org/jboss/as/ee/component/SecurityActions.java index 320db30f5f6c..ec473d4a60a9 100644 --- a/ee/src/main/java/org/jboss/as/ee/component/SecurityActions.java +++ b/ee/src/main/java/org/jboss/as/ee/component/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.ee.component; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ee/src/main/java/org/jboss/as/ee/component/deployers/SecurityActions.java b/ee/src/main/java/org/jboss/as/ee/component/deployers/SecurityActions.java index e5fbf03d15f0..7daf1838d99d 100644 --- a/ee/src/main/java/org/jboss/as/ee/component/deployers/SecurityActions.java +++ b/ee/src/main/java/org/jboss/as/ee/component/deployers/SecurityActions.java @@ -23,8 +23,8 @@ package org.jboss.as.ee.component.deployers; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ee/src/main/java/org/jboss/as/ee/managedbean/processors/ManagedBeanAnnotationProcessor.java b/ee/src/main/java/org/jboss/as/ee/managedbean/processors/ManagedBeanAnnotationProcessor.java index 2130ab70f3e2..e6b1e62ba4cd 100644 --- a/ee/src/main/java/org/jboss/as/ee/managedbean/processors/ManagedBeanAnnotationProcessor.java +++ b/ee/src/main/java/org/jboss/as/ee/managedbean/processors/ManagedBeanAnnotationProcessor.java @@ -46,6 +46,7 @@ import org.jboss.as.server.deployment.DeploymentUnitProcessingException; import org.jboss.as.server.deployment.DeploymentUnitProcessor; import org.jboss.as.server.deployment.annotation.CompositeIndex; +import org.wildfly.security.manager.AccessCheckingInterceptor; import org.jboss.invocation.ContextClassLoaderInterceptor; import org.jboss.invocation.ImmediateInterceptorFactory; import org.jboss.invocation.PrivilegedInterceptor; @@ -118,6 +119,7 @@ public void configure(final DeploymentPhaseContext context, final ComponentConfi configuration.addClientPreDestroyInterceptor(new ManagedBeanDestroyInterceptorFactory(contextKey), InterceptorOrder.ClientPreDestroy.INSTANCE_DESTROY); final ClassLoader classLoader = componentConfiguration.getModuleClassLoader(); configuration.addViewInterceptor(PrivilegedInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); + configuration.addViewInterceptor(AccessCheckingInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); configuration.addViewInterceptor(new ImmediateInterceptorFactory(new ContextClassLoaderInterceptor(classLoader)), InterceptorOrder.View.TCCL_INTERCEPTOR); } }); diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java b/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java index 2a6dc1cdc174..5799a41ca2eb 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java @@ -70,6 +70,7 @@ import org.jboss.as.server.deployment.DeploymentUnitProcessingException; import org.jboss.as.server.deployment.SetupAction; import org.jboss.as.txn.service.TxnServices; +import org.wildfly.security.manager.AccessCheckingInterceptor; import org.jboss.invocation.ContextClassLoaderInterceptor; import org.jboss.invocation.ImmediateInterceptorFactory; import org.jboss.invocation.Interceptor; @@ -310,6 +311,7 @@ public void configure(final DeploymentPhaseContext context, final ComponentDescr configuration.addTimeoutViewInterceptor(shutDownInterceptorFactory, InterceptorOrder.View.SHUTDOWN_INTERCEPTOR); final ClassLoader classLoader = configuration.getModuleClassLoader(); configuration.addTimeoutViewInterceptor(PrivilegedInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); + configuration.addTimeoutViewInterceptor(AccessCheckingInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); configuration.addTimeoutViewInterceptor(new ImmediateInterceptorFactory(new ContextClassLoaderInterceptor(classLoader)), InterceptorOrder.View.TCCL_INTERCEPTOR); configuration.addTimeoutViewInterceptor(configuration.getNamespaceContextInterceptorFactory(), InterceptorOrder.View.JNDI_NAMESPACE_INTERCEPTOR); configuration.addTimeoutViewInterceptor(CurrentInvocationContextInterceptor.FACTORY, InterceptorOrder.View.INVOCATION_CONTEXT_INTERCEPTOR); @@ -404,6 +406,7 @@ public void configure(DeploymentPhaseContext context, ComponentConfiguration com viewConfiguration.addViewInterceptor(LoggingInterceptor.FACTORY, InterceptorOrder.View.EJB_EXCEPTION_LOGGING_INTERCEPTOR); final ClassLoader classLoader = componentConfiguration.getModuleClassLoader(); viewConfiguration.addViewInterceptor(PrivilegedInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); + viewConfiguration.addViewInterceptor(AccessCheckingInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR); viewConfiguration.addViewInterceptor(new ImmediateInterceptorFactory(new ContextClassLoaderInterceptor(classLoader)), InterceptorOrder.View.TCCL_INTERCEPTOR); //If this is the EJB 2.x local or home view add the exception transformer interceptor diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/MessageDrivenComponent.java b/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/MessageDrivenComponent.java index b619632c209d..5fe46198aa7e 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/MessageDrivenComponent.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/MessageDrivenComponent.java @@ -42,7 +42,7 @@ import org.jboss.as.ejb3.pool.Pool; import org.jboss.as.ejb3.pool.StatelessObjectFactory; import org.jboss.as.naming.ManagedReference; -import org.jboss.as.util.security.GetClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; import org.jboss.invocation.Interceptor; import org.jboss.invocation.InterceptorFactoryContext; import org.jboss.jca.core.spi.rar.Endpoint; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/SecurityActions.java index 295b70d9416a..659f41c959f7 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/component/messagedriven/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.ejb3.component.messagedriven; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/component/stateful/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/component/stateful/SecurityActions.java index 2735a8ab3928..866a718d28f4 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/component/stateful/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/component/stateful/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.ejb3.component.stateful; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/SecurityActions.java index eefc97121eb4..0d07ef41e6e7 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.ejb3.iiop; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/stub/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/stub/SecurityActions.java index 2506d8fccb52..33e3a9bee4f8 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/stub/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/stub/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.ejb3.iiop.stub; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/inflow/MessageEndpointInvocationHandler.java b/ejb3/src/main/java/org/jboss/as/ejb3/inflow/MessageEndpointInvocationHandler.java index 466ff55f8ba1..655354f1b96a 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/inflow/MessageEndpointInvocationHandler.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/inflow/MessageEndpointInvocationHandler.java @@ -37,7 +37,7 @@ import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.util.concurrent.atomic.AtomicBoolean; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/remote/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/remote/SecurityActions.java index 1c899c846d0e..ccd3deab9eac 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/remote/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/remote/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.ejb3.remote; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/remote/protocol/versionone/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/remote/protocol/versionone/SecurityActions.java index 7f9a3e7811b6..edd0ce35012c 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/remote/protocol/versionone/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/remote/protocol/versionone/SecurityActions.java @@ -25,8 +25,8 @@ import java.security.PrivilegedAction; import org.jboss.as.security.remoting.RemotingContext; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import org.jboss.remoting3.Connection; import static java.lang.System.getSecurityManager; diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/subsystem/SecurityActions.java b/ejb3/src/main/java/org/jboss/as/ejb3/subsystem/SecurityActions.java index 10c3bad7453f..0e3bf5779fe6 100644 --- a/ejb3/src/main/java/org/jboss/as/ejb3/subsystem/SecurityActions.java +++ b/ejb3/src/main/java/org/jboss/as/ejb3/subsystem/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.ejb3.subsystem; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/embedded/src/main/java/org/jboss/as/embedded/SecurityActions.java b/embedded/src/main/java/org/jboss/as/embedded/SecurityActions.java index 68cef454f0d4..fd3cd3cc9ced 100644 --- a/embedded/src/main/java/org/jboss/as/embedded/SecurityActions.java +++ b/embedded/src/main/java/org/jboss/as/embedded/SecurityActions.java @@ -24,13 +24,13 @@ import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/embedded/src/main/java/org/jboss/as/embedded/ejb3/ClassPathEjbJarScanner.java b/embedded/src/main/java/org/jboss/as/embedded/ejb3/ClassPathEjbJarScanner.java index 73d053ed0026..dc8c34fa6b90 100644 --- a/embedded/src/main/java/org/jboss/as/embedded/ejb3/ClassPathEjbJarScanner.java +++ b/embedded/src/main/java/org/jboss/as/embedded/ejb3/ClassPathEjbJarScanner.java @@ -21,7 +21,7 @@ */ package org.jboss.as.embedded.ejb3; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.jandex.AnnotationInstance; import org.jboss.jandex.DotName; import org.jboss.jandex.Index; diff --git a/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainer.java b/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainer.java index 6d6fee3dbc03..f13ad8115fc3 100644 --- a/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainer.java +++ b/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainer.java @@ -41,7 +41,7 @@ import java.util.concurrent.ExecutionException; import java.util.zip.ZipEntry; import java.util.zip.ZipOutputStream; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; /** * @author Carlo de Wolf diff --git a/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainerProvider.java b/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainerProvider.java index ab3a62496865..f7851e3a864c 100644 --- a/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainerProvider.java +++ b/embedded/src/main/java/org/jboss/as/embedded/ejb3/JBossStandaloneEJBContainerProvider.java @@ -42,7 +42,7 @@ import org.jboss.as.embedded.EmbeddedServerFactory; import org.jboss.as.embedded.StandaloneServer; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import org.jboss.dmr.ModelNode; import org.jboss.modules.Module; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/DomainModelControllerService.java b/host-controller/src/main/java/org/jboss/as/host/controller/DomainModelControllerService.java index 8e0b17906837..53a995655c7f 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/DomainModelControllerService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/DomainModelControllerService.java @@ -118,7 +118,7 @@ import org.jboss.as.server.controller.resources.VersionModelInitializer; import org.jboss.as.server.mgmt._UndertowHttpManagementService; import org.jboss.as.server.services.security.AbstractVaultReader; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceBuilder; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/HostControllerService.java b/host-controller/src/main/java/org/jboss/as/host/controller/HostControllerService.java index a7553e89a755..3b4d52d2693d 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/HostControllerService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/HostControllerService.java @@ -42,7 +42,7 @@ import org.jboss.as.remoting.management.ManagementRemotingServices; import org.jboss.as.server.BootstrapListener; import org.jboss.as.server.FutureServiceContainer; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.modules.Module; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceContainer; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/ProcessControllerConnectionService.java b/host-controller/src/main/java/org/jboss/as/host/controller/ProcessControllerConnectionService.java index 532e10ce6099..aef16016ab53 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/ProcessControllerConnectionService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/ProcessControllerConnectionService.java @@ -39,7 +39,7 @@ import org.jboss.as.process.ProcessMessageHandler; import org.jboss.as.process.protocol.ProtocolClient; import org.jboss.as.protocol.StreamUtils; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/RemoteDomainConnectionService.java b/host-controller/src/main/java/org/jboss/as/host/controller/RemoteDomainConnectionService.java index c0df92815eb9..f145002a6891 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/RemoteDomainConnectionService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/RemoteDomainConnectionService.java @@ -101,7 +101,7 @@ import org.jboss.as.repository.HostFileRepository; import org.jboss.as.repository.RemoteFileRequestAndHandler.CannotCreateLocalDirectoryException; import org.jboss.as.repository.RemoteFileRequestAndHandler.DidNotReadEntireFileException; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.as.version.ProductConfig; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.Service; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/SecurityActions.java b/host-controller/src/main/java/org/jboss/as/host/controller/SecurityActions.java index c7120d0ed6ec..6ed886d0b581 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/SecurityActions.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/SecurityActions.java @@ -24,11 +24,11 @@ import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/MasterDomainControllerOperationHandlerService.java b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/MasterDomainControllerOperationHandlerService.java index 0834c0528529..96ecb46af0c0 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/MasterDomainControllerOperationHandlerService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/MasterDomainControllerOperationHandlerService.java @@ -54,7 +54,7 @@ import org.jboss.as.protocol.mgmt.ManagementClientChannelStrategy; import org.jboss.as.protocol.mgmt.ManagementPongRequestHandler; import org.jboss.as.protocol.mgmt.ManagementRequestContext; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/SecurityActions.java b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/SecurityActions.java index c24e3555c3dd..138e671f91f9 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/SecurityActions.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/SecurityActions.java @@ -24,11 +24,11 @@ import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/ServerToHostOperationHandlerFactoryService.java b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/ServerToHostOperationHandlerFactoryService.java index 64ee8b8d0820..6ba030c8c07f 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/ServerToHostOperationHandlerFactoryService.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/mgmt/ServerToHostOperationHandlerFactoryService.java @@ -32,7 +32,7 @@ import org.jboss.as.protocol.mgmt.ManagementChannelHandler; import org.jboss.as.protocol.mgmt.ManagementPongRequestHandler; import org.jboss.as.protocol.mgmt.support.ManagementChannelInitialization; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.ServiceTarget; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/operations/HttpManagementAddHandler.java b/host-controller/src/main/java/org/jboss/as/host/controller/operations/HttpManagementAddHandler.java index 4b0233c9c7e7..d37a734abcd8 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/operations/HttpManagementAddHandler.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/operations/HttpManagementAddHandler.java @@ -47,7 +47,7 @@ import org.jboss.as.network.NetworkInterfaceBinding; import org.jboss.as.server.mgmt._UndertowHttpManagementService; import org.jboss.as.server.services.net.NetworkInterfaceService; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.ServiceBuilder; import org.jboss.msc.service.ServiceController; diff --git a/host-controller/src/main/java/org/jboss/as/host/controller/operations/SecurityActions.java b/host-controller/src/main/java/org/jboss/as/host/controller/operations/SecurityActions.java index 2b09f477a6a5..a1b169f6ddf7 100644 --- a/host-controller/src/main/java/org/jboss/as/host/controller/operations/SecurityActions.java +++ b/host-controller/src/main/java/org/jboss/as/host/controller/operations/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.host.controller.operations; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/jacorb/src/main/java/org/jboss/as/jacorb/SecurityActions.java b/jacorb/src/main/java/org/jboss/as/jacorb/SecurityActions.java index a5c0f680346b..8125984c5876 100644 --- a/jacorb/src/main/java/org/jboss/as/jacorb/SecurityActions.java +++ b/jacorb/src/main/java/org/jboss/as/jacorb/SecurityActions.java @@ -22,7 +22,7 @@ package org.jboss.as.jacorb; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getSecurityManager; import static java.lang.System.setProperty; diff --git a/jacorb/src/main/java/org/jboss/as/jacorb/rmi/marshal/strategy/StubStrategy.java b/jacorb/src/main/java/org/jboss/as/jacorb/rmi/marshal/strategy/StubStrategy.java index 16d64014eca2..7d7c87b1fbb2 100644 --- a/jacorb/src/main/java/org/jboss/as/jacorb/rmi/marshal/strategy/StubStrategy.java +++ b/jacorb/src/main/java/org/jboss/as/jacorb/rmi/marshal/strategy/StubStrategy.java @@ -33,7 +33,7 @@ import javax.rmi.PortableRemoteObject; import org.jboss.as.jacorb.JacORBMessages; -import org.jboss.as.util.security.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; import org.jboss.com.sun.corba.se.impl.javax.rmi.RemoteObjectSubstitutionManager; import org.omg.CORBA.UserException; import org.omg.CORBA.portable.IDLEntity; diff --git a/jacorb/src/main/java/org/jboss/as/jacorb/service/SecurityActions.java b/jacorb/src/main/java/org/jboss/as/jacorb/service/SecurityActions.java index 9cb5624c2187..f1a9f9ec4449 100644 --- a/jacorb/src/main/java/org/jboss/as/jacorb/service/SecurityActions.java +++ b/jacorb/src/main/java/org/jboss/as/jacorb/service/SecurityActions.java @@ -22,11 +22,11 @@ package org.jboss.as.jacorb.service; -import org.jboss.as.util.security.CreateThreadAction; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.CreateThreadAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getSecurityManager; import static java.lang.System.setProperty; diff --git a/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/SecurityActions.java b/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/SecurityActions.java index d6e100177ca8..e3f9ce986a4f 100644 --- a/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/SecurityActions.java +++ b/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.jaxrs.deployment; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/JdrReportService.java b/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/JdrReportService.java index d14af0282da2..99da2345fa36 100644 --- a/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/JdrReportService.java +++ b/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/JdrReportService.java @@ -29,7 +29,7 @@ import org.jboss.as.server.ServerEnvironment; import org.jboss.as.server.ServerEnvironmentService; import org.jboss.as.server.Services; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceController; import org.jboss.msc.service.ServiceName; diff --git a/jmx/src/main/java/org/jboss/as/jmx/SecurityActions.java b/jmx/src/main/java/org/jboss/as/jmx/SecurityActions.java index c1ea46c02cd5..23ff188be20b 100644 --- a/jmx/src/main/java/org/jboss/as/jmx/SecurityActions.java +++ b/jmx/src/main/java/org/jboss/as/jmx/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.jmx; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/jmx/src/main/java/org/jboss/as/jmx/model/SecurityActions.java b/jmx/src/main/java/org/jboss/as/jmx/model/SecurityActions.java index 06690855d5e6..c6f8ec3b9560 100644 --- a/jmx/src/main/java/org/jboss/as/jmx/model/SecurityActions.java +++ b/jmx/src/main/java/org/jboss/as/jmx/model/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.jmx.model; -import org.jboss.as.util.security.GetClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; diff --git a/jpa/core/src/main/java/org/jboss/as/jpa/persistenceprovider/SecurityActions.java b/jpa/core/src/main/java/org/jboss/as/jpa/persistenceprovider/SecurityActions.java index 1f2a7bc232a9..0e1cfa8c26ae 100644 --- a/jpa/core/src/main/java/org/jboss/as/jpa/persistenceprovider/SecurityActions.java +++ b/jpa/core/src/main/java/org/jboss/as/jpa/persistenceprovider/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.jpa.persistenceprovider; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/jpa/core/src/main/java/org/jboss/as/jpa/validator/SecurityActions.java b/jpa/core/src/main/java/org/jboss/as/jpa/validator/SecurityActions.java index 21c207603b5d..e0e8d09d381e 100644 --- a/jpa/core/src/main/java/org/jboss/as/jpa/validator/SecurityActions.java +++ b/jpa/core/src/main/java/org/jboss/as/jpa/validator/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.jpa.validator; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/jsr77/src/main/java/org/jboss/as/jsr77/managedobject/SecurityActions.java b/jsr77/src/main/java/org/jboss/as/jsr77/managedobject/SecurityActions.java index 2b05d6c4fc4e..89cc1463120b 100644 --- a/jsr77/src/main/java/org/jboss/as/jsr77/managedobject/SecurityActions.java +++ b/jsr77/src/main/java/org/jboss/as/jsr77/managedobject/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.jsr77.managedobject; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/jsr77/src/main/java/org/jboss/as/jsr77/subsystem/SecurityActions.java b/jsr77/src/main/java/org/jboss/as/jsr77/subsystem/SecurityActions.java index fa7dd4d11c94..a740b30008fc 100644 --- a/jsr77/src/main/java/org/jboss/as/jsr77/subsystem/SecurityActions.java +++ b/jsr77/src/main/java/org/jboss/as/jsr77/subsystem/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.jsr77.subsystem; -import org.jboss.as.util.security.GetClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; diff --git a/logging/src/main/java/org/jboss/as/logging/SecurityActions.java b/logging/src/main/java/org/jboss/as/logging/SecurityActions.java index bf7b04f67520..0050ee334660 100644 --- a/logging/src/main/java/org/jboss/as/logging/SecurityActions.java +++ b/logging/src/main/java/org/jboss/as/logging/SecurityActions.java @@ -22,10 +22,10 @@ package org.jboss.as.logging; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/messaging/src/main/java/org/jboss/as/messaging/SecurityActions.java b/messaging/src/main/java/org/jboss/as/messaging/SecurityActions.java index c4caf6ae56de..4d0baf376e91 100644 --- a/messaging/src/main/java/org/jboss/as/messaging/SecurityActions.java +++ b/messaging/src/main/java/org/jboss/as/messaging/SecurityActions.java @@ -22,9 +22,9 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getSecurityManager; import static java.lang.System.setProperty; diff --git a/messaging/src/main/java/org/jboss/as/messaging/jms/SecurityActions.java b/messaging/src/main/java/org/jboss/as/messaging/jms/SecurityActions.java index fa7ae133735c..95beb2035242 100644 --- a/messaging/src/main/java/org/jboss/as/messaging/jms/SecurityActions.java +++ b/messaging/src/main/java/org/jboss/as/messaging/jms/SecurityActions.java @@ -22,9 +22,9 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderFromClassAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderFromClassAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/naming/src/main/java/org/jboss/as/naming/InitialContextFactoryBuilder.java b/naming/src/main/java/org/jboss/as/naming/InitialContextFactoryBuilder.java index 59d952679bc1..0828133c57c2 100644 --- a/naming/src/main/java/org/jboss/as/naming/InitialContextFactoryBuilder.java +++ b/naming/src/main/java/org/jboss/as/naming/InitialContextFactoryBuilder.java @@ -28,7 +28,7 @@ import static org.jboss.as.naming.NamingMessages.MESSAGES; import java.util.Hashtable; -import org.jboss.as.util.security.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; import javax.naming.Context; import javax.naming.NamingException; diff --git a/naming/src/main/java/org/jboss/as/naming/NamingEventCoordinator.java b/naming/src/main/java/org/jboss/as/naming/NamingEventCoordinator.java index 35012e7a046a..1cb1d8fce541 100644 --- a/naming/src/main/java/org/jboss/as/naming/NamingEventCoordinator.java +++ b/naming/src/main/java/org/jboss/as/naming/NamingEventCoordinator.java @@ -41,7 +41,7 @@ import java.util.concurrent.CopyOnWriteArrayList; import java.util.concurrent.Executor; import java.util.concurrent.Executors; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.threads.JBossThreadFactory; import static java.security.AccessController.doPrivileged; diff --git a/naming/src/main/java/org/jboss/as/naming/SecurityActions.java b/naming/src/main/java/org/jboss/as/naming/SecurityActions.java index 81eb657cf319..2a819b2c6935 100644 --- a/naming/src/main/java/org/jboss/as/naming/SecurityActions.java +++ b/naming/src/main/java/org/jboss/as/naming/SecurityActions.java @@ -22,10 +22,10 @@ package org.jboss.as.naming; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/naming/src/main/java/org/jboss/as/naming/context/SecurityActions.java b/naming/src/main/java/org/jboss/as/naming/context/SecurityActions.java index f68698b6f425..b97212d18955 100644 --- a/naming/src/main/java/org/jboss/as/naming/context/SecurityActions.java +++ b/naming/src/main/java/org/jboss/as/naming/context/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.naming.context; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/naming/src/main/java/org/jboss/as/naming/subsystem/SecurityActions.java b/naming/src/main/java/org/jboss/as/naming/subsystem/SecurityActions.java index 58be89afc994..cf9eee15054a 100644 --- a/naming/src/main/java/org/jboss/as/naming/subsystem/SecurityActions.java +++ b/naming/src/main/java/org/jboss/as/naming/subsystem/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.naming.subsystem; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/network/src/main/java/org/jboss/as/network/NetworkUtils.java b/network/src/main/java/org/jboss/as/network/NetworkUtils.java index 1cca235ae502..83af07d3a604 100644 --- a/network/src/main/java/org/jboss/as/network/NetworkUtils.java +++ b/network/src/main/java/org/jboss/as/network/NetworkUtils.java @@ -29,7 +29,7 @@ import java.security.AccessController; import java.util.Arrays; import java.util.Locale; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; /** * Utility methods related to networking. diff --git a/osgi/launcher/src/main/java/org/jboss/as/osgi/launcher/SecurityActions.java b/osgi/launcher/src/main/java/org/jboss/as/osgi/launcher/SecurityActions.java index 1ad47f043193..69be2343e6d8 100644 --- a/osgi/launcher/src/main/java/org/jboss/as/osgi/launcher/SecurityActions.java +++ b/osgi/launcher/src/main/java/org/jboss/as/osgi/launcher/SecurityActions.java @@ -21,13 +21,13 @@ import java.security.PrivilegedExceptionAction; import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/osgi/service/src/main/java/org/jboss/as/osgi/parser/SecurityActions.java b/osgi/service/src/main/java/org/jboss/as/osgi/parser/SecurityActions.java index af2fa487a1cc..6439d9478420 100644 --- a/osgi/service/src/main/java/org/jboss/as/osgi/parser/SecurityActions.java +++ b/osgi/service/src/main/java/org/jboss/as/osgi/parser/SecurityActions.java @@ -22,9 +22,9 @@ package org.jboss.as.osgi.parser; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/osgi/service/src/main/java/org/jboss/as/osgi/service/SecurityActions.java b/osgi/service/src/main/java/org/jboss/as/osgi/service/SecurityActions.java index 3a4b70c94698..a894ed044b69 100644 --- a/osgi/service/src/main/java/org/jboss/as/osgi/service/SecurityActions.java +++ b/osgi/service/src/main/java/org/jboss/as/osgi/service/SecurityActions.java @@ -22,7 +22,7 @@ package org.jboss.as.osgi.service; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/platform-mbean/src/main/java/org/jboss/as/platform/mbean/SecurityActions.java b/platform-mbean/src/main/java/org/jboss/as/platform/mbean/SecurityActions.java index 67d3453a8b1a..1187a458db30 100644 --- a/platform-mbean/src/main/java/org/jboss/as/platform/mbean/SecurityActions.java +++ b/platform-mbean/src/main/java/org/jboss/as/platform/mbean/SecurityActions.java @@ -24,11 +24,11 @@ import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/pojo/src/main/java/org/jboss/as/pojo/service/SecurityActions.java b/pojo/src/main/java/org/jboss/as/pojo/service/SecurityActions.java index 4748f885a585..3cbd00693405 100644 --- a/pojo/src/main/java/org/jboss/as/pojo/service/SecurityActions.java +++ b/pojo/src/main/java/org/jboss/as/pojo/service/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.pojo.service; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/process-controller/src/main/java/org/jboss/as/process/Main.java b/process-controller/src/main/java/org/jboss/as/process/Main.java index 529539726811..0f0c036f2d46 100644 --- a/process-controller/src/main/java/org/jboss/as/process/Main.java +++ b/process-controller/src/main/java/org/jboss/as/process/Main.java @@ -41,7 +41,7 @@ import javax.net.ServerSocketFactory; import org.jboss.as.process.protocol.ProtocolServer; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.as.version.ProductConfig; import org.jboss.as.version.Version; import org.jboss.logging.MDC; diff --git a/process-controller/src/main/java/org/jboss/as/process/SecurityActions.java b/process-controller/src/main/java/org/jboss/as/process/SecurityActions.java index daac4e09233e..6cc789e8b1c9 100644 --- a/process-controller/src/main/java/org/jboss/as/process/SecurityActions.java +++ b/process-controller/src/main/java/org/jboss/as/process/SecurityActions.java @@ -24,11 +24,11 @@ import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/remoting/src/main/java/org/jboss/as/remoting/SecurityActions.java b/remoting/src/main/java/org/jboss/as/remoting/SecurityActions.java index 2b4fe0aaf312..663d15957886 100644 --- a/remoting/src/main/java/org/jboss/as/remoting/SecurityActions.java +++ b/remoting/src/main/java/org/jboss/as/remoting/SecurityActions.java @@ -21,8 +21,8 @@ */ package org.jboss.as.remoting; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/sar/src/main/java/org/jboss/as/service/SecurityActions.java b/sar/src/main/java/org/jboss/as/service/SecurityActions.java index bea1cfb4b489..f0c545fce58d 100644 --- a/sar/src/main/java/org/jboss/as/service/SecurityActions.java +++ b/sar/src/main/java/org/jboss/as/service/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.service; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/security-util/pom.xml b/security-util/pom.xml index 99eda9f48d88..1b2dd043c7aa 100644 --- a/security-util/pom.xml +++ b/security-util/pom.xml @@ -32,7 +32,6 @@ 8.0.0.Alpha1-SNAPSHOT - org.wildfly wildfly-security-util WildFly: Shared Security Utilities @@ -72,6 +71,12 @@ test + + org.jboss.invocation + jboss-invocation + provided + + org.jboss.logging jboss-logging diff --git a/security-util/src/main/java/org/wildfly/security/manager/AccessCheckingInterceptor.java b/security-util/src/main/java/org/wildfly/security/manager/AccessCheckingInterceptor.java new file mode 100644 index 000000000000..18fc21f6c998 --- /dev/null +++ b/security-util/src/main/java/org/wildfly/security/manager/AccessCheckingInterceptor.java @@ -0,0 +1,68 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2013, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.wildfly.security.manager; + +import java.security.PrivilegedActionException; +import org.jboss.invocation.ImmediateInterceptorFactory; +import org.jboss.invocation.Interceptor; +import org.jboss.invocation.InterceptorContext; +import org.jboss.invocation.InterceptorFactory; + +/** + * An interceptor which enables access checking for the duration of the invocation. + * + * @author David M. Lloyd + */ +public final class AccessCheckingInterceptor implements Interceptor { + private static final AccessCheckingInterceptor INSTANCE = new AccessCheckingInterceptor(); + private static final InterceptorFactory FACTORY = new ImmediateInterceptorFactory(INSTANCE); + + private AccessCheckingInterceptor() { + } + + /** + * Get the singleton instance. + * + * @return the singleton instance + */ + public static AccessCheckingInterceptor getInstance() { + return INSTANCE; + } + + /** + * Get the singleton factory instance. + * + * @return the singleton factory instance + */ + public static InterceptorFactory getFactory() { + return FACTORY; + } + + public Object processInvocation(final InterceptorContext context) throws Exception { + try { + return WildFlySecurityManager.doChecked(context); + } catch (PrivilegedActionException e) { + throw e.getException(); + } + } +} diff --git a/security-util/src/main/java/org/jboss/as/util/security/AddGlobalSecurityProviderAction.java b/security-util/src/main/java/org/wildfly/security/manager/AddGlobalSecurityProviderAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/AddGlobalSecurityProviderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/AddGlobalSecurityProviderAction.java index ae3e4d596c00..12813fc57e37 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/AddGlobalSecurityProviderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/AddGlobalSecurityProviderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.security.Provider; diff --git a/security-util/src/main/java/org/jboss/as/util/security/AddShutdownHookAction.java b/security-util/src/main/java/org/wildfly/security/manager/AddShutdownHookAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/AddShutdownHookAction.java rename to security-util/src/main/java/org/wildfly/security/manager/AddShutdownHookAction.java index 66a0b055e92a..5a6cb25c6478 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/AddShutdownHookAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/AddShutdownHookAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/ClearContextClassLoaderAction.java b/security-util/src/main/java/org/wildfly/security/manager/ClearContextClassLoaderAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/ClearContextClassLoaderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/ClearContextClassLoaderAction.java index 59e13c9450e6..03afdacc40f9 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/ClearContextClassLoaderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/ClearContextClassLoaderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/ClearPropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/ClearPropertyAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/ClearPropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/ClearPropertyAction.java index d511591e8a68..19b929db5924 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/ClearPropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/ClearPropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/CreateTempFileAction.java b/security-util/src/main/java/org/wildfly/security/manager/CreateTempFileAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/CreateTempFileAction.java rename to security-util/src/main/java/org/wildfly/security/manager/CreateTempFileAction.java index 5db970fdcc30..ca90190c91b3 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/CreateTempFileAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/CreateTempFileAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.io.File; import java.io.IOException; diff --git a/security-util/src/main/java/org/jboss/as/util/security/CreateThreadAction.java b/security-util/src/main/java/org/wildfly/security/manager/CreateThreadAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/CreateThreadAction.java rename to security-util/src/main/java/org/wildfly/security/manager/CreateThreadAction.java index 80e89ce70af9..e798f0c54729 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/CreateThreadAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/CreateThreadAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetAccessControlContextAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetAccessControlContextAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetAccessControlContextAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetAccessControlContextAction.java index d2e808d2853d..155a04a75aa9 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetAccessControlContextAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetAccessControlContextAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.AccessControlContext; import java.security.AccessController; diff --git a/security-util/src/main/java/org/wildfly/security/manager/GetAccessibleDeclaredFieldAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetAccessibleDeclaredFieldAction.java new file mode 100644 index 000000000000..c208ba355310 --- /dev/null +++ b/security-util/src/main/java/org/wildfly/security/manager/GetAccessibleDeclaredFieldAction.java @@ -0,0 +1,59 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2013, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.wildfly.security.manager; + +import java.lang.reflect.Field; +import java.security.PrivilegedAction; + +/** + * A privileged action which gets and returns a non-public field from a class. + * + * @author David M. Lloyd + */ +// note: don't make this public. people should generally use the reflection index for this kind of thing. +final class GetAccessibleDeclaredFieldAction implements PrivilegedAction { + private final Class clazz; + private final String fieldName; + + /** + * Construct a new instance. + * + * @param clazz the class to search + * @param fieldName the field name to search for + */ + public GetAccessibleDeclaredFieldAction(final Class clazz, final String fieldName) { + this.clazz = clazz; + this.fieldName = fieldName; + } + + public Field run() { + final Field field; + try { + field = clazz.getDeclaredField(fieldName); + } catch (NoSuchFieldException e) { + throw new NoSuchFieldError(e.getMessage()); + } + field.setAccessible(true); + return field; + } +} diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetBooleanAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetBooleanAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetBooleanAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetBooleanAction.java index b125ecaf197a..d0689cc2cf76 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetBooleanAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetBooleanAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetClassLoaderAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetClassLoaderAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetClassLoaderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetClassLoaderAction.java index bc9b810733d7..dcfcd9e3e3fe 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetClassLoaderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetClassLoaderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetContextClassLoaderAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetContextClassLoaderAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetContextClassLoaderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetContextClassLoaderAction.java index ef3d597a71c1..9f57ccf532fe 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetContextClassLoaderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetContextClassLoaderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetEnvironmentAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetEnvironmentAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetEnvironmentAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetEnvironmentAction.java index 563b60765806..ff667c10d20f 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetEnvironmentAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetEnvironmentAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.util.Map; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetModuleClassLoaderAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetModuleClassLoaderAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetModuleClassLoaderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetModuleClassLoaderAction.java index f7f4620d2c96..82065a947495 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetModuleClassLoaderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetModuleClassLoaderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import org.jboss.modules.Module; diff --git a/security-util/src/main/java/org/jboss/as/util/security/GetSystemPropertiesAction.java b/security-util/src/main/java/org/wildfly/security/manager/GetSystemPropertiesAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/GetSystemPropertiesAction.java rename to security-util/src/main/java/org/wildfly/security/manager/GetSystemPropertiesAction.java index e5b165747660..6d7777df5c6c 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/GetSystemPropertiesAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/GetSystemPropertiesAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.util.Properties; diff --git a/security-util/src/main/java/org/jboss/as/util/security/ReadEnvironmentPropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/ReadEnvironmentPropertyAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/ReadEnvironmentPropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/ReadEnvironmentPropertyAction.java index 33372980f25a..20fbc526651f 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/ReadEnvironmentPropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/ReadEnvironmentPropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/ReadPropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/ReadPropertyAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/ReadPropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/ReadPropertyAction.java index 823db0067eeb..9c531e0ada57 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/ReadPropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/ReadPropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/ReplacePropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/ReplacePropertyAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/ReplacePropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/ReplacePropertyAction.java index 8ceb7c14c812..ad2499caa030 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/ReplacePropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/ReplacePropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.util.Properties; diff --git a/security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderAction.java b/security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderAction.java rename to security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderAction.java index 9ab29be4f54c..75aa114ce556 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderFromClassAction.java b/security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderFromClassAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderFromClassAction.java rename to security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderFromClassAction.java index f8d30a2c2808..4ef6f5e496c5 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/SetContextClassLoaderFromClassAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/SetContextClassLoaderFromClassAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/SetSystemPropertiesAction.java b/security-util/src/main/java/org/wildfly/security/manager/SetSystemPropertiesAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/SetSystemPropertiesAction.java rename to security-util/src/main/java/org/wildfly/security/manager/SetSystemPropertiesAction.java index e3d425dbf151..0b7181c4fc8b 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/SetSystemPropertiesAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/SetSystemPropertiesAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.util.Properties; diff --git a/security-util/src/main/java/org/jboss/as/util/security/SubjectUtils.java b/security-util/src/main/java/org/wildfly/security/manager/SubjectUtils.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/SubjectUtils.java rename to security-util/src/main/java/org/wildfly/security/manager/SubjectUtils.java index 0dad81fa11c9..72e793fc4841 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/SubjectUtils.java +++ b/security-util/src/main/java/org/wildfly/security/manager/SubjectUtils.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.AccessController; import java.security.Principal; diff --git a/security-util/src/main/java/org/wildfly/security/manager/WildFlySecurityManager.java b/security-util/src/main/java/org/wildfly/security/manager/WildFlySecurityManager.java new file mode 100644 index 000000000000..790e3ac3f5e5 --- /dev/null +++ b/security-util/src/main/java/org/wildfly/security/manager/WildFlySecurityManager.java @@ -0,0 +1,298 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2013, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.wildfly.security.manager; + +import java.lang.reflect.Field; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.CodeSource; +import java.security.Permission; +import java.security.Principal; +import java.security.PrivilegedAction; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; +import java.security.ProtectionDomain; +import java.util.Arrays; +import org.wildfly.security.manager._private.SecurityMessages; +import sun.reflect.Reflection; + +import static java.lang.Boolean.FALSE; +import static java.lang.Boolean.TRUE; +import static org.wildfly.security.manager._private.SecurityMessages.access; + +/** + * The security manager. This security manager implementation can be switched on and off on a per-thread basis, + * and additionally logs access violations in a way that should be substantially clearer than most JDK implementations. + * + * @author David M. Lloyd + */ +public final class WildFlySecurityManager extends SecurityManager { + + private static final Permission SECURITY_MANAGER_PERMISSION = new RuntimePermission("setSecurityManager"); + private static final Permission UNCHECKED_PERMISSION = new RuntimePermission("doUnchecked"); + + private static final InheritableThreadLocal CHECKING = new InheritableThreadLocal<>(); + private static final ThreadLocal ENTERED = new ThreadLocal(); + + private static final Field PD_STACK; + + static { + PD_STACK = AccessController.doPrivileged(new GetAccessibleDeclaredFieldAction(AccessControlContext.class, "context")); + } + + /** + * Determine whether the security manager is currently checking permissions. + * + * @return {@code true} if the security manager is currently checking permissions + */ + public static boolean isChecking() { + final SecurityManager sm = System.getSecurityManager(); + return sm instanceof WildFlySecurityManager ? CHECKING.get() == TRUE : sm != null; + } + + /** + * Perform a permission check. + * + * @param perm the permission to check + * @throws SecurityException if the check fails + */ + public void checkPermission(final Permission perm) throws SecurityException { + checkPermission(perm, AccessController.getContext()); + } + + /** + * Perform a permission check. + * + * @param perm the permission to check + * @param context the security context to use for the check (must be an {@link AccessControlContext} instance) + * @throws SecurityException if the check fails + */ + public void checkPermission(final Permission perm, final Object context) throws SecurityException { + if (context instanceof AccessControlContext) { + checkPermission(perm, (AccessControlContext) context); + } else { + throw new SecurityException("Unknown security context type"); + } + } + + /** + * Find the protection domain in the given list which denies a permission, or {@code null} if the permission + * check would pass. + * + * @param permission the permission to test + * @param domains the protection domains to try + * @return the first denying protection domain, or {@code null} if there is none + */ + public static ProtectionDomain findAccessDenial(final Permission permission, final ProtectionDomain... domains) { + if (domains != null) for (ProtectionDomain domain : domains) { + if (! domain.implies(permission)) { + return domain; + } + } + return null; + } + + /** + * Try a permission check. Any violations will be logged to the {@code org.wildfly.security.access} category + * at a {@code DEBUG} level. + * + * @param permission the permission to check + * @param domains the protection domains to try + * @return {@code true} if the access check succeeded, {@code false} otherwise + */ + public static boolean tryCheckPermission(final Permission permission, final ProtectionDomain... domains) { + final ProtectionDomain protectionDomain = findAccessDenial(permission, domains); + if (protectionDomain != null) { + if (ENTERED.get() != TRUE) { + ENTERED.set(TRUE); + try { + final CodeSource codeSource = protectionDomain.getCodeSource(); + final ClassLoader classLoader = protectionDomain.getClassLoader(); + final Principal[] principals = protectionDomain.getPrincipals(); + if (principals == null || principals.length == 0) { + access.accessCheckFailed(permission, codeSource, classLoader); + } else { + access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals)); + } + } finally { + ENTERED.set(FALSE); + } + } + return false; + } + return true; + } + + /** + * Perform a permission check. + * + * @param perm the permission to check + * @param context the security context to use for the check + * @throws SecurityException if the check fails + */ + public void checkPermission(final Permission perm, final AccessControlContext context) throws SecurityException { + if (perm.implies(SECURITY_MANAGER_PERMISSION)) { + throw new SecurityException("Security manager may not be changed"); + } + if (CHECKING.get() == TRUE) { + if (ENTERED.get() == TRUE) { + return; + } + ENTERED.set(TRUE); + try { + final ProtectionDomain[] stack; + try { + stack = (ProtectionDomain[]) PD_STACK.get(context); + } catch (IllegalAccessException e) { + // should be impossible + throw new IllegalAccessError(e.getMessage()); + } + if (stack != null && ! tryCheckPermission(perm, stack)) { + throw access.accessControlException(perm, perm); + } + } finally { + ENTERED.set(FALSE); + } + } + } + + /** + * Perform an action with permission checking enabled. If permission checking is already enabled, the action is + * simply run. + * + * @param action the action to perform + * @param the action return type + * @return the return value of the action + */ + public static T doChecked(PrivilegedAction action) { + final ThreadLocal checking = WildFlySecurityManager.CHECKING; + if (checking.get() == TRUE) { + return action.run(); + } + checking.set(TRUE); + try { + return action.run(); + } finally { + checking.set(FALSE); + } + } + + /** + * Perform an action with permission checking enabled. If permission checking is already enabled, the action is + * simply run. + * + * @param action the action to perform + * @param the action return type + * @return the return value of the action + * @throws PrivilegedActionException if the action threw an exception + */ + public static T doChecked(PrivilegedExceptionAction action) throws PrivilegedActionException { + final ThreadLocal checking = WildFlySecurityManager.CHECKING; + if (checking.get() == TRUE) { + try { + return action.run(); + } catch (RuntimeException e) { + throw e; + } catch (Exception e) { + throw new PrivilegedActionException(e); + } + } + checking.set(TRUE); + try { + return action.run(); + } catch (RuntimeException e) { + throw e; + } catch (Exception e) { + throw new PrivilegedActionException(e); + } finally { + checking.set(FALSE); + } + } + + /** + * Perform an action with permission checking disabled. If permission checking is already disabled, the action is + * simply run. The immediate caller must have the {@code doUnchecked} runtime permission. + * + * @param action the action to perform + * @param the action return type + * @return the return value of the action + */ + public static T doUnchecked(PrivilegedAction action) { + final ThreadLocal checking = WildFlySecurityManager.CHECKING; + if (checking.get() != TRUE) { + return action.run(); + } + final SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + assert Reflection.getCallerClass(0) == Reflection.class; + assert Reflection.getCallerClass(1) == WildFlySecurityManager.class; + if (! Reflection.getCallerClass(2).getProtectionDomain().implies(UNCHECKED_PERMISSION)) { + throw SecurityMessages.access.accessControlException(UNCHECKED_PERMISSION, UNCHECKED_PERMISSION); + } + } + checking.set(FALSE); + try { + return action.run(); + } finally { + checking.set(TRUE); + } + } + + /** + * Perform an action with permission checking disabled. If permission checking is already disabled, the action is + * simply run. The caller must have the {@code doUnchecked} runtime permission. + * + * @param action the action to perform + * @param the action return type + * @return the return value of the action + * @throws PrivilegedActionException if the action threw an exception + */ + public static T doUnchecked(PrivilegedExceptionAction action) throws PrivilegedActionException { + final ThreadLocal checking = WildFlySecurityManager.CHECKING; + if (checking.get() != TRUE) { + try { + return action.run(); + } catch (Exception e) { + throw new PrivilegedActionException(e); + } + } + final SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + assert Reflection.getCallerClass(0) == Reflection.class; + assert Reflection.getCallerClass(1) == WildFlySecurityManager.class; + if (! Reflection.getCallerClass(2).getProtectionDomain().implies(UNCHECKED_PERMISSION)) { + throw SecurityMessages.access.accessControlException(UNCHECKED_PERMISSION, UNCHECKED_PERMISSION); + } + } + checking.set(FALSE); + try { + try { + return action.run(); + } catch (Exception e) { + throw new PrivilegedActionException(e); + } + } finally { + checking.set(TRUE); + } + } +} diff --git a/security-util/src/main/java/org/jboss/as/util/security/WritePropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/WritePropertyAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/WritePropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/WritePropertyAction.java index cc35b998019e..edd0b59445a0 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/WritePropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/WritePropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; diff --git a/security-util/src/main/java/org/jboss/as/util/security/WritePropertyIfAbsentAction.java b/security-util/src/main/java/org/wildfly/security/manager/WritePropertyIfAbsentAction.java similarity index 98% rename from security-util/src/main/java/org/jboss/as/util/security/WritePropertyIfAbsentAction.java rename to security-util/src/main/java/org/wildfly/security/manager/WritePropertyIfAbsentAction.java index 0025fa7b1223..4fde19f685d0 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/WritePropertyIfAbsentAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/WritePropertyIfAbsentAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.util.Properties; diff --git a/security-util/src/main/java/org/jboss/as/util/security/WriteSecurityPropertyAction.java b/security-util/src/main/java/org/wildfly/security/manager/WriteSecurityPropertyAction.java similarity index 97% rename from security-util/src/main/java/org/jboss/as/util/security/WriteSecurityPropertyAction.java rename to security-util/src/main/java/org/wildfly/security/manager/WriteSecurityPropertyAction.java index 3f35ebbd6cf1..1f0fa572fa6d 100644 --- a/security-util/src/main/java/org/jboss/as/util/security/WriteSecurityPropertyAction.java +++ b/security-util/src/main/java/org/wildfly/security/manager/WriteSecurityPropertyAction.java @@ -20,7 +20,7 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -package org.jboss.as.util.security; +package org.wildfly.security.manager; import java.security.PrivilegedAction; import java.security.Security; diff --git a/security-util/src/main/java/org/wildfly/security/manager/_private/SecurityMessages.java b/security-util/src/main/java/org/wildfly/security/manager/_private/SecurityMessages.java new file mode 100644 index 000000000000..83182472a432 --- /dev/null +++ b/security-util/src/main/java/org/wildfly/security/manager/_private/SecurityMessages.java @@ -0,0 +1,53 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2013, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.wildfly.security.manager._private; + +import java.security.AccessControlException; +import java.security.CodeSource; +import java.security.Permission; +import org.jboss.logging.Logger; +import org.jboss.logging.annotations.LogMessage; +import org.jboss.logging.annotations.Message; +import org.jboss.logging.annotations.MessageLogger; +import org.jboss.logging.annotations.Param; + +import static org.jboss.logging.Logger.Level.DEBUG; + +/** + * @author David M. Lloyd + */ +@MessageLogger(projectCode = "WFSEC") +public interface SecurityMessages { + SecurityMessages access = Logger.getMessageLogger(SecurityMessages.class, "org.wildfly.security.access"); + + @LogMessage(level = DEBUG) + @Message(value = "Permission check failed (permission \"%s\" in code source \"%s\" of \"%s\", principals \"%s\")") + void accessCheckFailed(Permission permission, CodeSource codeSource, ClassLoader classLoader, String principals); + + @LogMessage(level = DEBUG) + @Message(value = "Permission check failed (permission \"%s\" in code source \"%s\" of \"%s\")") + void accessCheckFailed(Permission permission, CodeSource codeSource, ClassLoader classLoader); + + @Message(id = 1, value = "Permission check failed for %s") + AccessControlException accessControlException(@Param Permission permission, Permission permission_); +} diff --git a/security/src/main/java/org/jboss/as/security/SecurityActions.java b/security/src/main/java/org/jboss/as/security/SecurityActions.java index cdaa416d3a47..d9968109d8f3 100644 --- a/security/src/main/java/org/jboss/as/security/SecurityActions.java +++ b/security/src/main/java/org/jboss/as/security/SecurityActions.java @@ -22,9 +22,9 @@ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getSecurityManager; import static java.lang.System.setProperty; diff --git a/security/src/main/java/org/jboss/as/security/context/SecurityActions.java b/security/src/main/java/org/jboss/as/security/context/SecurityActions.java index 468cc1b4cb04..c1b45778d8c9 100644 --- a/security/src/main/java/org/jboss/as/security/context/SecurityActions.java +++ b/security/src/main/java/org/jboss/as/security/context/SecurityActions.java @@ -22,7 +22,7 @@ package org.jboss.as.security.context; -import org.jboss.as.util.security.GetClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; import org.jboss.modules.ModuleClassLoader; import org.jboss.modules.ModuleLoadException; diff --git a/security/src/main/java/org/jboss/as/security/plugins/SecurityActions.java b/security/src/main/java/org/jboss/as/security/plugins/SecurityActions.java index 97c1d91f5d39..be660d84f118 100644 --- a/security/src/main/java/org/jboss/as/security/plugins/SecurityActions.java +++ b/security/src/main/java/org/jboss/as/security/plugins/SecurityActions.java @@ -25,8 +25,8 @@ import java.security.Principal; import java.security.PrivilegedAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.GetModuleClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetModuleClassLoaderAction; import org.jboss.modules.Module; import org.jboss.modules.ModuleClassLoader; import org.jboss.modules.ModuleIdentifier; diff --git a/security/src/main/java/org/jboss/as/security/service/SecurityActions.java b/security/src/main/java/org/jboss/as/security/service/SecurityActions.java index 0a1e79b00a36..f9a81cbd9bc9 100644 --- a/security/src/main/java/org/jboss/as/security/service/SecurityActions.java +++ b/security/src/main/java/org/jboss/as/security/service/SecurityActions.java @@ -29,10 +29,10 @@ import org.jboss.as.security.SecurityMessages; import org.jboss.as.security.remoting.RemotingContext; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.GetModuleClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WriteSecurityPropertyAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetModuleClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WriteSecurityPropertyAction; import org.jboss.modules.Module; import org.jboss.modules.ModuleClassLoader; import org.jboss.modules.ModuleIdentifier; diff --git a/server/src/main/java/org/jboss/as/server/Main.java b/server/src/main/java/org/jboss/as/server/Main.java index 6ff57501b163..fa320f71a2f7 100644 --- a/server/src/main/java/org/jboss/as/server/Main.java +++ b/server/src/main/java/org/jboss/as/server/Main.java @@ -34,6 +34,7 @@ import org.jboss.as.controller.RunningMode; import org.jboss.as.process.CommandLineConstants; import org.jboss.as.process.ExitCodes; +import org.wildfly.security.manager.WildFlySecurityManager; import org.jboss.as.version.ProductConfig; import org.jboss.modules.Module; import org.jboss.modules.ModuleIdentifier; @@ -66,7 +67,6 @@ private Main() { * @param args the command-line arguments */ public static void main(String[] args) { - try { if (java.util.logging.LogManager.getLogManager().getClass().getName().equals("org.jboss.logmanager.LogManager")) { // Make sure our original stdio is properly captured. diff --git a/server/src/main/java/org/jboss/as/server/SecurityActions.java b/server/src/main/java/org/jboss/as/server/SecurityActions.java index b1218a939695..994a62106734 100644 --- a/server/src/main/java/org/jboss/as/server/SecurityActions.java +++ b/server/src/main/java/org/jboss/as/server/SecurityActions.java @@ -25,12 +25,12 @@ import java.security.Security; import java.util.Map; import java.util.Properties; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetEnvironmentAction; -import org.jboss.as.util.security.GetSystemPropertiesAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; -import org.jboss.as.util.security.WriteSecurityPropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetEnvironmentAction; +import org.wildfly.security.manager.GetSystemPropertiesAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; +import org.wildfly.security.manager.WriteSecurityPropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperties; diff --git a/server/src/main/java/org/jboss/as/server/ServerService.java b/server/src/main/java/org/jboss/as/server/ServerService.java index 4e9fb166b949..fed4ee451127 100644 --- a/server/src/main/java/org/jboss/as/server/ServerService.java +++ b/server/src/main/java/org/jboss/as/server/ServerService.java @@ -100,7 +100,7 @@ import org.jboss.as.server.moduleservice.ExternalModuleService; import org.jboss.as.server.moduleservice.ServiceModuleLoader; import org.jboss.as.server.services.security.AbstractVaultReader; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceBuilder; diff --git a/server/src/main/java/org/jboss/as/server/controller/resources/SecurityActions.java b/server/src/main/java/org/jboss/as/server/controller/resources/SecurityActions.java index 59d14b1fedc0..e4d0005062e0 100644 --- a/server/src/main/java/org/jboss/as/server/controller/resources/SecurityActions.java +++ b/server/src/main/java/org/jboss/as/server/controller/resources/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.server.controller.resources; -import org.jboss.as.util.security.GetClassLoaderAction; +import org.wildfly.security.manager.GetClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.security.AccessController.doPrivileged; diff --git a/server/src/main/java/org/jboss/as/server/deployment/DeploymentMountProvider.java b/server/src/main/java/org/jboss/as/server/deployment/DeploymentMountProvider.java index 171e0a37fd79..b975ccf8d53a 100644 --- a/server/src/main/java/org/jboss/as/server/deployment/DeploymentMountProvider.java +++ b/server/src/main/java/org/jboss/as/server/deployment/DeploymentMountProvider.java @@ -29,7 +29,7 @@ import org.jboss.as.server.ServerLogger; import org.jboss.as.server.ServerMessages; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.ServiceTarget; diff --git a/server/src/main/java/org/jboss/as/server/deployment/reflect/SecurityActions.java b/server/src/main/java/org/jboss/as/server/deployment/reflect/SecurityActions.java index 183e851d2226..5c9c705b238d 100644 --- a/server/src/main/java/org/jboss/as/server/deployment/reflect/SecurityActions.java +++ b/server/src/main/java/org/jboss/as/server/deployment/reflect/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.server.deployment.reflect; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/server/src/main/java/org/jboss/as/server/mgmt/domain/HostControllerConnectionService.java b/server/src/main/java/org/jboss/as/server/mgmt/domain/HostControllerConnectionService.java index 279ef482b394..331cfe98da33 100644 --- a/server/src/main/java/org/jboss/as/server/mgmt/domain/HostControllerConnectionService.java +++ b/server/src/main/java/org/jboss/as/server/mgmt/domain/HostControllerConnectionService.java @@ -28,7 +28,7 @@ import org.jboss.as.protocol.ProtocolConnectionConfiguration; import org.jboss.as.protocol.StreamUtils; import org.jboss.as.server.ServerMessages; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/server/src/main/java/org/jboss/as/server/operations/HttpManagementAddHandler.java b/server/src/main/java/org/jboss/as/server/operations/HttpManagementAddHandler.java index d1dbc02afc89..bbe4068357b2 100644 --- a/server/src/main/java/org/jboss/as/server/operations/HttpManagementAddHandler.java +++ b/server/src/main/java/org/jboss/as/server/operations/HttpManagementAddHandler.java @@ -30,7 +30,6 @@ import static org.jboss.as.server.mgmt.HttpManagementResourceDefinition.SECURITY_REALM; import static org.jboss.as.server.mgmt.HttpManagementResourceDefinition.SOCKET_BINDING; -import java.security.AccessController; import java.util.Arrays; import java.util.List; import java.util.concurrent.Executors; @@ -59,7 +58,7 @@ import org.jboss.as.server.mgmt._UndertowHttpManagementService; import org.jboss.as.server.mgmt.domain.HttpManagement; import org.jboss.as.server.services.net.NetworkInterfaceService; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.dmr.ModelNode; import org.jboss.msc.service.ServiceBuilder; import org.jboss.msc.service.ServiceController; diff --git a/server/src/main/java/org/jboss/as/server/operations/SecurityActions.java b/server/src/main/java/org/jboss/as/server/operations/SecurityActions.java index 29fc19292f05..aeb663e6f075 100644 --- a/server/src/main/java/org/jboss/as/server/operations/SecurityActions.java +++ b/server/src/main/java/org/jboss/as/server/operations/SecurityActions.java @@ -21,10 +21,10 @@ */ package org.jboss.as.server.operations; -import org.jboss.as.util.security.ClearPropertyAction; -import org.jboss.as.util.security.GetClassLoaderAction; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ClearPropertyAction; +import org.wildfly.security.manager.GetClassLoaderAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.clearProperty; import static java.lang.System.getProperty; diff --git a/server/src/main/java/org/jboss/as/server/services/net/NetworkInterfaceService.java b/server/src/main/java/org/jboss/as/server/services/net/NetworkInterfaceService.java index a59f75a3deba..a9706e432200 100644 --- a/server/src/main/java/org/jboss/as/server/services/net/NetworkInterfaceService.java +++ b/server/src/main/java/org/jboss/as/server/services/net/NetworkInterfaceService.java @@ -40,7 +40,7 @@ import org.jboss.as.network.NetworkInterfaceBinding; import org.jboss.as.server.ServerLogger; import org.jboss.as.server.ServerMessages; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.ServiceName; import org.jboss.msc.service.StartContext; diff --git a/testsuite/shared/src/main/java/org/jboss/as/test/integration/domain/management/util/DomainControllerClientConfig.java b/testsuite/shared/src/main/java/org/jboss/as/test/integration/domain/management/util/DomainControllerClientConfig.java index 37e185617a24..700a46720440 100644 --- a/testsuite/shared/src/main/java/org/jboss/as/test/integration/domain/management/util/DomainControllerClientConfig.java +++ b/testsuite/shared/src/main/java/org/jboss/as/test/integration/domain/management/util/DomainControllerClientConfig.java @@ -23,7 +23,7 @@ package org.jboss.as.test.integration.domain.management.util; import org.jboss.as.protocol.ProtocolChannelClient; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.remoting3.Endpoint; import org.jboss.remoting3.Remoting; import org.jboss.remoting3.remote.RemoteConnectionProviderFactory; @@ -34,7 +34,6 @@ import java.io.Closeable; import java.io.IOException; import java.net.URI; -import java.security.AccessController; import java.util.concurrent.ExecutorService; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.ThreadFactory; diff --git a/threads/src/main/java/org/jboss/as/threads/ThreadFactoryService.java b/threads/src/main/java/org/jboss/as/threads/ThreadFactoryService.java index 8ad18674ae78..9a93098ee862 100644 --- a/threads/src/main/java/org/jboss/as/threads/ThreadFactoryService.java +++ b/threads/src/main/java/org/jboss/as/threads/ThreadFactoryService.java @@ -23,7 +23,7 @@ package org.jboss.as.threads; import java.util.concurrent.ThreadFactory; -import org.jboss.as.util.security.GetAccessControlContextAction; +import org.wildfly.security.manager.GetAccessControlContextAction; import org.jboss.msc.service.Service; import org.jboss.msc.service.StartContext; import org.jboss.msc.service.StartException; diff --git a/undertow/src/main/java/org/wildfly/extension/undertow/session/DistributableSessionManager.java b/undertow/src/main/java/org/wildfly/extension/undertow/session/DistributableSessionManager.java index 391d0aaeef90..ca272564fb1c 100644 --- a/undertow/src/main/java/org/wildfly/extension/undertow/session/DistributableSessionManager.java +++ b/undertow/src/main/java/org/wildfly/extension/undertow/session/DistributableSessionManager.java @@ -66,7 +66,7 @@ import org.wildfly.extension.undertow.session.notification.ClusteredSessionNotificationCause; import org.wildfly.extension.undertow.session.notification.ClusteredSessionNotificationPolicy; import org.wildfly.extension.undertow.session.notification.IgnoreUndeployLegacyClusteredSessionNotificationPolicy; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.logging.Logger; import org.jboss.marshalling.ClassResolver; import org.jboss.metadata.web.jboss.JBossWebMetaData; diff --git a/web/src/main/java/org/jboss/as/web/deployment/SecurityActions.java b/web/src/main/java/org/jboss/as/web/deployment/SecurityActions.java index ca41e4b75909..e825bc6a5261 100644 --- a/web/src/main/java/org/jboss/as/web/deployment/SecurityActions.java +++ b/web/src/main/java/org/jboss/as/web/deployment/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.web.deployment; -import org.jboss.as.util.security.ReadPropertyAction; -import org.jboss.as.util.security.WritePropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; +import org.wildfly.security.manager.WritePropertyAction; import static java.lang.System.getProperty; import static java.lang.System.getSecurityManager; diff --git a/web/src/main/java/org/jboss/as/web/session/DistributableSessionManager.java b/web/src/main/java/org/jboss/as/web/session/DistributableSessionManager.java index 6579500bacd6..0d0ca7d968bf 100644 --- a/web/src/main/java/org/jboss/as/web/session/DistributableSessionManager.java +++ b/web/src/main/java/org/jboss/as/web/session/DistributableSessionManager.java @@ -63,7 +63,7 @@ import org.jboss.as.clustering.web.OutgoingAttributeGranularitySessionData; import org.jboss.as.clustering.web.OutgoingDistributableSessionData; import org.jboss.as.clustering.web.OutgoingSessionGranularitySessionData; -import org.jboss.as.util.security.ReadPropertyAction; +import org.wildfly.security.manager.ReadPropertyAction; import org.jboss.as.web.WebLogger; import org.jboss.as.web.session.notification.ClusteredSessionNotificationCapability; import org.jboss.as.web.session.notification.ClusteredSessionNotificationCause; diff --git a/webservices/server-integration/src/main/java/org/jboss/as/webservices/deployers/SecurityActions.java b/webservices/server-integration/src/main/java/org/jboss/as/webservices/deployers/SecurityActions.java index 83d3bc8802af..a5191cd01ce1 100644 --- a/webservices/server-integration/src/main/java/org/jboss/as/webservices/deployers/SecurityActions.java +++ b/webservices/server-integration/src/main/java/org/jboss/as/webservices/deployers/SecurityActions.java @@ -21,8 +21,8 @@ */ package org.jboss.as.webservices.deployers; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/webservices/server-integration/src/main/java/org/jboss/as/webservices/parser/WSDeploymentAspectParser.java b/webservices/server-integration/src/main/java/org/jboss/as/webservices/parser/WSDeploymentAspectParser.java index e7cef02bd665..01190ff0c632 100644 --- a/webservices/server-integration/src/main/java/org/jboss/as/webservices/parser/WSDeploymentAspectParser.java +++ b/webservices/server-integration/src/main/java/org/jboss/as/webservices/parser/WSDeploymentAspectParser.java @@ -40,8 +40,8 @@ import javax.xml.stream.XMLStreamReader; import javax.xml.ws.WebServiceException; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import org.jboss.ws.common.JavaUtils; import org.jboss.wsf.spi.deployment.DeploymentAspect; import org.jboss.wsf.spi.util.StAXUtils; diff --git a/webservices/server-integration/src/main/java/org/jboss/as/webservices/publish/SecurityActions.java b/webservices/server-integration/src/main/java/org/jboss/as/webservices/publish/SecurityActions.java index ecc131e7c65d..2046e69952a8 100644 --- a/webservices/server-integration/src/main/java/org/jboss/as/webservices/publish/SecurityActions.java +++ b/webservices/server-integration/src/main/java/org/jboss/as/webservices/publish/SecurityActions.java @@ -21,8 +21,8 @@ */ package org.jboss.as.webservices.publish; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/webservices/server-integration/src/main/java/org/jboss/as/webservices/webserviceref/SecurityActions.java b/webservices/server-integration/src/main/java/org/jboss/as/webservices/webserviceref/SecurityActions.java index 160ac565cb41..7c7f7aa75b49 100644 --- a/webservices/server-integration/src/main/java/org/jboss/as/webservices/webserviceref/SecurityActions.java +++ b/webservices/server-integration/src/main/java/org/jboss/as/webservices/webserviceref/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.webservices.webserviceref; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/weld/src/main/java/org/jboss/as/weld/SecurityActions.java b/weld/src/main/java/org/jboss/as/weld/SecurityActions.java index c8a5d0513077..e77dad3ddfc4 100644 --- a/weld/src/main/java/org/jboss/as/weld/SecurityActions.java +++ b/weld/src/main/java/org/jboss/as/weld/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.weld; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/weld/src/main/java/org/jboss/as/weld/deployment/processors/SecurityActions.java b/weld/src/main/java/org/jboss/as/weld/deployment/processors/SecurityActions.java index 9ade0767014b..a23c3125f247 100644 --- a/weld/src/main/java/org/jboss/as/weld/deployment/processors/SecurityActions.java +++ b/weld/src/main/java/org/jboss/as/weld/deployment/processors/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.weld.deployment.processors; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/weld/src/main/java/org/jboss/as/weld/ejb/SecurityActions.java b/weld/src/main/java/org/jboss/as/weld/ejb/SecurityActions.java index 3b31ba23e506..cf7250d51dc6 100644 --- a/weld/src/main/java/org/jboss/as/weld/ejb/SecurityActions.java +++ b/weld/src/main/java/org/jboss/as/weld/ejb/SecurityActions.java @@ -22,8 +22,8 @@ package org.jboss.as.weld.ejb; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/weld/src/main/java/org/jboss/as/weld/injection/SecurityActions.java b/weld/src/main/java/org/jboss/as/weld/injection/SecurityActions.java index bf0471515e89..2e37a4b33f02 100644 --- a/weld/src/main/java/org/jboss/as/weld/injection/SecurityActions.java +++ b/weld/src/main/java/org/jboss/as/weld/injection/SecurityActions.java @@ -24,8 +24,8 @@ import java.lang.reflect.AccessibleObject; import java.security.PrivilegedAction; -import org.jboss.as.util.security.GetContextClassLoaderAction; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread; diff --git a/weld/src/main/java/org/jboss/as/weld/services/ModuleGroupSingletonProvider.java b/weld/src/main/java/org/jboss/as/weld/services/ModuleGroupSingletonProvider.java index 24bcc9b1d604..7affd423daab 100644 --- a/weld/src/main/java/org/jboss/as/weld/services/ModuleGroupSingletonProvider.java +++ b/weld/src/main/java/org/jboss/as/weld/services/ModuleGroupSingletonProvider.java @@ -27,7 +27,7 @@ import java.util.Set; import java.util.concurrent.ConcurrentHashMap; -import org.jboss.as.util.security.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; import org.jboss.as.weld.WeldMessages; import org.jboss.modules.ModuleClassLoader; import org.jboss.weld.bootstrap.api.Singleton; diff --git a/weld/src/main/java/org/jboss/as/weld/services/bootstrap/AbstractResourceInjectionServices.java b/weld/src/main/java/org/jboss/as/weld/services/bootstrap/AbstractResourceInjectionServices.java index a3e99578d33e..0b906477f238 100644 --- a/weld/src/main/java/org/jboss/as/weld/services/bootstrap/AbstractResourceInjectionServices.java +++ b/weld/src/main/java/org/jboss/as/weld/services/bootstrap/AbstractResourceInjectionServices.java @@ -28,7 +28,7 @@ import org.jboss.as.naming.ManagedReference; import org.jboss.as.naming.ManagedReferenceFactory; import org.jboss.as.naming.deployment.ContextNames; -import org.jboss.as.util.security.GetContextClassLoaderAction; +import org.wildfly.security.manager.GetContextClassLoaderAction; import org.jboss.msc.service.ServiceController; import org.jboss.msc.service.ServiceRegistry; import org.jboss.weld.exceptions.DefinitionException; diff --git a/xts/src/main/java/org/jboss/as/xts/SecurityActions.java b/xts/src/main/java/org/jboss/as/xts/SecurityActions.java index 162af4a75c19..0d87c80f8b56 100644 --- a/xts/src/main/java/org/jboss/as/xts/SecurityActions.java +++ b/xts/src/main/java/org/jboss/as/xts/SecurityActions.java @@ -21,7 +21,7 @@ */ package org.jboss.as.xts; -import org.jboss.as.util.security.SetContextClassLoaderAction; +import org.wildfly.security.manager.SetContextClassLoaderAction; import static java.lang.System.getSecurityManager; import static java.lang.Thread.currentThread;