[Carbon-commits] [Carbon] svn commit r116140 - in branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3: . src/main/java/org/wso2/carbon/bootstrap

pradeeban at wso2.com pradeeban at wso2.com
Fri Nov 25 01:18:38 EST 2011 

Author: pradeeban
Date: Thu Nov 24 22:18:38 2011
New Revision: 116140
URL: http://wso2.org/svn/browse/wso2?view=rev&revision=116140

Log:
Fixing CARBON-11626.


Modified:
   branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/pom.xml
   branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/src/main/java/org/wso2/carbon/bootstrap/CarbonSecurityManager.java

Modified: branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/pom.xml
URL: http://wso2.org/svn/browse/wso2/branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/pom.xml?rev=116140&r1=116139&r2=116140&view=diff
==============================================================================
--- branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/pom.xml	(original)
+++ branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/pom.xml	Thu Nov 24 22:18:38 2011
@@ -26,7 +26,7 @@
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
-    <version>3.2.2</version>
+    <version>3.2.3</version>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>org.wso2.carbon.bootstrap</artifactId>
     <packaging>jar</packaging>

Modified: branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/src/main/java/org/wso2/carbon/bootstrap/CarbonSecurityManager.java
URL: http://wso2.org/svn/browse/wso2/branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/src/main/java/org/wso2/carbon/bootstrap/CarbonSecurityManager.java?rev=116140&r1=116139&r2=116140&view=diff
==============================================================================
--- branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/src/main/java/org/wso2/carbon/bootstrap/CarbonSecurityManager.java	(original)
+++ branches/carbon/3.2.0/core/org.wso2.carbon.bootstrap/3.2.3/src/main/java/org/wso2/carbon/bootstrap/CarbonSecurityManager.java	Thu Nov 24 22:18:38 2011
@@ -76,6 +76,32 @@
         super.checkPropertyAccess(key);
     }
 
+    public void checkPackageAccess(String pkg) {
+        super.checkPackageAccess(pkg);
+        if (isLog4jLoadedByAWebapp(pkg)) {
+            throw new AccessControlException("Web Application is trying to load log4j which " +
+                    "is not allowed..");
+        }
+    }
+ 
+    private boolean isLog4jLoadedByAWebapp(String pkg) {
+        boolean log4jLoaded = false;
+
+        if (pkg.startsWith("org.apache.log4j")) {
+            StackTraceElement[] stackTraceElements = Thread.currentThread().getStackTrace();
+            boolean isCatalina = false;
 
+            for (StackTraceElement stackTraceElement : stackTraceElements) {
+                String caller = stackTraceElement.getClassName();
+                if (caller.contains("org.apache.catalina.core")) {
+                    isCatalina = true;
+                }
+            }
+            if (isCatalina) {
+                log4jLoaded = true;
+            }
+        }
+        return log4jLoaded;
+    }
 
 }

More information about the Carbon-commits mailing list