1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 /* 19 * $Id: SecuritySupport.java 468654 2006-10-28 07:09:23Z minchau $ 20 */ 21 22 package org.apache.xml.serializer; 23 24 import java.io.File; 25 import java.io.FileInputStream; 26 import java.io.FileNotFoundException; 27 import java.io.InputStream; 28 29 /** 30 * This class is duplicated for each Xalan-Java subpackage so keep it in sync. 31 * It is package private and therefore is not exposed as part of the Xalan-Java 32 * API. 33 * 34 * Base class with security related methods that work on JDK 1.1. 35 */ 36 class SecuritySupport { 37 38 /* 39 * Make this of type Object so that the verifier won't try to 40 * prove its type, thus possibly trying to load the SecuritySupport12 41 * class. 42 */ 43 private static final Object securitySupport; 44 45 static { 46 SecuritySupport ss = null; 47 try { 48 Class c = Class.forName("java.security.AccessController"); 49 // if that worked, we're on 1.2. 50 /* 51 // don't reference the class explicitly so it doesn't 52 // get dragged in accidentally. 53 c = Class.forName("javax.mail.SecuritySupport12"); 54 Constructor cons = c.getConstructor(new Class[] { }); 55 ss = (SecuritySupport)cons.newInstance(new Object[] { }); 56 */ 57 /* 58 * Unfortunately, we can't load the class using reflection 59 * because the class is package private. And the class has 60 * to be package private so the APIs aren't exposed to other 61 * code that could use them to circumvent security. Thus, 62 * we accept the risk that the direct reference might fail 63 * on some JDK 1.1 JVMs, even though we would never execute 64 * this code in such a case. Sigh... 65 */ 66 ss = new SecuritySupport12(); 67 } catch (Exception ex) { 68 // ignore it 69 } finally { 70 if (ss == null) 71 ss = new SecuritySupport(); 72 securitySupport = ss; 73 } 74 } 75 76 /** 77 * Return an appropriate instance of this class, depending on whether 78 * we're on a JDK 1.1 or J2SE 1.2 (or later) system. 79 */ 80 static SecuritySupport getInstance() { 81 return (SecuritySupport)securitySupport; 82 } 83 84 ClassLoader getContextClassLoader() { 85 return null; 86 } 87 88 ClassLoader getSystemClassLoader() { 89 return null; 90 } 91 92 ClassLoader getParentClassLoader(ClassLoader cl) { 93 return null; 94 } 95 96 String getSystemProperty(String propName) { 97 return System.getProperty(propName); 98 } 99 100 FileInputStream getFileInputStream(File file) 101 throws FileNotFoundException 102 { 103 return new FileInputStream(file); 104 } 105 106 InputStream getResourceAsStream(ClassLoader cl, String name) { 107 InputStream ris; 108 if (cl == null) { 109 ris = ClassLoader.getSystemResourceAsStream(name); 110 } else { 111 ris = cl.getResourceAsStream(name); 112 } 113 return ris; 114 } 115 116 boolean getFileExists(File f) { 117 return f.exists(); 118 } 119 120 long getLastModified(File f) { 121 return f.lastModified(); 122 } 123 } 124
