1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.struts2.jasper.security;
20
21 import com.opensymphony.xwork2.util.logging.Logger;
22 import com.opensymphony.xwork2.util.logging.LoggerFactory;
23
24 /***
25 * Static class used to preload java classes when using the
26 * Java SecurityManager so that the defineClassInPackage
27 * RuntimePermission does not trigger an AccessControlException.
28 *
29 * @author Jean-Francois Arcand
30 */
31
32 public final class SecurityClassLoad {
33
34 private static Logger log = LoggerFactory.getLogger(SecurityClassLoad.class);
35
36 public static void securityClassLoad(ClassLoader loader) {
37
38 if (System.getSecurityManager() == null) {
39 return;
40 }
41
42 String basePackage = "org.apache.struts2.jasper.";
43 try {
44 loader.loadClass(basePackage +
45 "runtime.JspFactoryImpl$PrivilegedGetPageContext");
46 loader.loadClass(basePackage +
47 "runtime.JspFactoryImpl$PrivilegedReleasePageContext");
48
49 loader.loadClass(basePackage +
50 "runtime.JspRuntimeLibrary");
51 loader.loadClass(basePackage +
52 "runtime.JspRuntimeLibrary$PrivilegedIntrospectHelper");
53
54 loader.loadClass(basePackage +
55 "runtime.ServletResponseWrapperInclude");
56 loader.loadClass(basePackage +
57 "runtime.TagHandlerPool");
58 loader.loadClass(basePackage +
59 "runtime.JspFragmentHelper");
60
61 loader.loadClass(basePackage +
62 "runtime.ProtectedFunctionMapper");
63 loader.loadClass(basePackage +
64 "runtime.ProtectedFunctionMapper$1");
65 loader.loadClass(basePackage +
66 "runtime.ProtectedFunctionMapper$2");
67 loader.loadClass(basePackage +
68 "runtime.ProtectedFunctionMapper$3");
69 loader.loadClass(basePackage +
70 "runtime.ProtectedFunctionMapper$4");
71
72 loader.loadClass(basePackage +
73 "runtime.PageContextImpl");
74 loader.loadClass(basePackage +
75 "runtime.PageContextImpl$1");
76 loader.loadClass(basePackage +
77 "runtime.PageContextImpl$2");
78 loader.loadClass(basePackage +
79 "runtime.PageContextImpl$3");
80 loader.loadClass(basePackage +
81 "runtime.PageContextImpl$4");
82 loader.loadClass(basePackage +
83 "runtime.PageContextImpl$5");
84 loader.loadClass(basePackage +
85 "runtime.PageContextImpl$6");
86 loader.loadClass(basePackage +
87 "runtime.PageContextImpl$7");
88 loader.loadClass(basePackage +
89 "runtime.PageContextImpl$8");
90 loader.loadClass(basePackage +
91 "runtime.PageContextImpl$9");
92 loader.loadClass(basePackage +
93 "runtime.PageContextImpl$10");
94 loader.loadClass(basePackage +
95 "runtime.PageContextImpl$11");
96 loader.loadClass(basePackage +
97 "runtime.PageContextImpl$12");
98 loader.loadClass(basePackage +
99 "runtime.PageContextImpl$13");
100
101 loader.loadClass(basePackage +
102 "runtime.JspContextWrapper");
103
104 loader.loadClass(basePackage +
105 "servlet.JspServletWrapper");
106
107 loader.loadClass(basePackage +
108 "runtime.JspWriterImpl$1");
109 } catch (ClassNotFoundException ex) {
110 log.error("SecurityClassLoad", ex);
111 }
112 }
113 }