From 4fce969662079523d5be4b9022b3b21ad37b39c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Mat=C4=9Bj=C4=8Dek?= Date: Mon, 29 Jan 2024 20:14:01 +0100 Subject: [PATCH 01/10] Updated Maven MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: David Matějček --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3b20dd0752e..1e1039660c1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -93,7 +93,7 @@ kind: Pod spec: containers: - name: maven - image: maven:3.9.4-eclipse-temurin-17 + image: maven:3.9.6-eclipse-temurin-17 command: - cat tty: true @@ -228,7 +228,7 @@ spec: } tools { jdk 'temurin-jdk17-latest' - maven 'apache-maven-3.9.5' + maven 'apache-maven-3.9.6' } steps { script { From 4aa5683f1510f239d621b8463dbe7a375b1e1948 Mon Sep 17 00:00:00 2001 From: "R.M.Morrien" Date: Mon, 11 Mar 2024 12:26:00 +0100 Subject: [PATCH 02/10] Fixes issue #24849 make relevant methods synchronized in LocalTxConnectionEventListener and protect associatedHandles from external clear calls. Fixes issue #24849 make relevant methods synchronized in LocalTxConnectionEventListener and protect associatedHandles from external clear calls. --- .../resource/ConnectorXAResource.java | 41 +++++---- .../enterprise/resource/ResourceHandle.java | 2 +- .../LocalTxConnectionEventListener.java | 83 +++++++++++++----- .../LocalTxConnectionEventListenerTest.java | 87 +++++++++++++++++++ 4 files changed, 169 insertions(+), 44 deletions(-) create mode 100644 appserver/connectors/connectors-runtime/src/test/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListenerTest.java diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java index d821fbc7230..33f03c76093 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, 2022 Contributors to the Eclipse Foundation + * Copyright (c) 2021, 2024 Contributors to the Eclipse Foundation * Copyright (c) 1997, 2020 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the @@ -21,7 +21,7 @@ import static java.util.logging.Level.SEVERE; import java.util.Map; -import java.util.Set; +import java.util.Map.Entry; import java.util.logging.Logger; import javax.transaction.xa.XAException; @@ -46,8 +46,12 @@ */ public class ConnectorXAResource implements XAResource { - static Logger _logger = LogDomains.getLogger(ConnectorXAResource.class, LogDomains.RSR_LOGGER); + private static Logger _logger = LogDomains.getLogger(ConnectorXAResource.class, LogDomains.RSR_LOGGER); + /** + * userHandle meaning: an object representing the "connection handle for the underlying physical connection". In some + * code also named connectionHandle. + */ private Object userHandle; private ResourceSpec spec; private ClientSecurityInfo info; @@ -120,7 +124,9 @@ public void end(Xid xid, int flags) throws XAException { if (handle != null) { // not needed, just to be sure. ManagedConnection associatedConnection = (ManagedConnection) handle.getResource(); associatedConnection.associateConnection(userHandle); - _logger.log(FINE, "connection_sharing_reset_association", userHandle); + if (_logger.isLoggable(FINE)) { + _logger.log(FINE, "connection_sharing_reset_association", userHandle); + } } } } catch (Exception e) { @@ -227,25 +233,18 @@ private JavaEETransaction getCurrentTransaction() throws SystemException { private void resetAssociation() throws XAException { try { ResourceHandle handle = getResourceHandle(); - - LocalTxConnectionEventListener listerner = (LocalTxConnectionEventListener) handle.getListener(); - // Get all associated Handles and reset their ManagedConnection association. - Map associatedHandles = listerner.getAssociatedHandles(); - if (associatedHandles != null) { - Set userHandles = associatedHandles.entrySet(); - for (Map.Entry userHandleEntry : userHandles) { - ResourceHandle associatedHandle = (ResourceHandle) userHandleEntry.getValue(); - ManagedConnection associatedConnection = (ManagedConnection) associatedHandle.getResource(); - associatedConnection.associateConnection(userHandleEntry.getKey()); - if (_logger.isLoggable(FINE)) { - _logger.log(FINE, "connection_sharing_reset_association", userHandleEntry.getKey()); - } + LocalTxConnectionEventListener listener = (LocalTxConnectionEventListener) handle.getListener(); + + // Clear the associations and Map all associated handles back to their actual Managed Connection. + Map associatedHandles = listener.getAssociatedHandlesAndClearMap(); + for (Entry userHandleEntry : associatedHandles.entrySet()) { + ResourceHandle associatedHandle = (ResourceHandle) userHandleEntry.getValue(); + ManagedConnection associatedConnection = (ManagedConnection) associatedHandle.getResource(); + associatedConnection.associateConnection(userHandleEntry.getKey()); + if (_logger.isLoggable(FINE)) { + _logger.log(FINE, "connection_sharing_reset_association", userHandleEntry.getKey()); } - - // All associated handles are mapped back to their actual Managed Connection. Clear the associations. - associatedHandles.clear(); } - } catch (Exception ex) { handleResourceException(ex); } diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ResourceHandle.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ResourceHandle.java index fa3baea5d15..98e02488ed9 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ResourceHandle.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ResourceHandle.java @@ -52,7 +52,7 @@ public class ResourceHandle implements com.sun.appserv.connectors.internal.api.R private final long id; private final ClientSecurityInfo info; - private final Object resource; // represents MC + private final Object resource; // represents ManagedConnection private ResourceSpec spec; private XAResource xaRes; private Object userConnection; // represents connection-handle to user diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java index a726b58c7ba..1b7185484bc 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Contributors to the Eclipse Foundation + * Copyright (c) 2022, 2024 Contributors to the Eclipse Foundation * Copyright (c) 1997, 2020 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the @@ -32,37 +32,51 @@ */ public class LocalTxConnectionEventListener extends ConnectionEventListener { - private PoolManager poolManager; + /** + * A shortcut to the singleton PoolManager instance. Field could also be removed. + */ + private final PoolManager poolManager = ConnectorRuntime.getRuntime().getPoolManager(); - // connectionHandle -> ResourceHandle - // Whenever a connection is associated with a ManagedConnection, - // that connection and the resourcehandle associated with its - // original ManagedConnection will be put in this table. - private IdentityHashMap associatedHandles; + /** + * Map to store the relation: "userHandle/connectionHandle -> ResourceHandle" using reference-equality. Whenever a + * connection is associated with a ManagedConnection, that connection and the resourceHandle associated with its + * original ManagedConnection will be put in this table. + *

+ * userHandle meaning: an object representing the "connection handle for the underlying physical connection". In some + * code also named connectionHandle. + *

+ * All code altering associatedHandles must be synchronized. + */ + private final IdentityHashMap associatedHandles = new IdentityHashMap<>(10); - private ResourceHandle resource; + /** + * The original resource for which this listener is created. + */ + private final ResourceHandle resource; public LocalTxConnectionEventListener(ResourceHandle resource) { this.resource = resource; - this.associatedHandles = new IdentityHashMap(10); - this.poolManager = ConnectorRuntime.getRuntime().getPoolManager(); } @Override - public void connectionClosed(ConnectionEvent evt) { + public synchronized void connectionClosed(ConnectionEvent evt) { Object connectionHandle = evt.getConnectionHandle(); ResourceHandle handle = resource; if (associatedHandles.containsKey(connectionHandle)) { - handle = (ResourceHandle) associatedHandles.get(connectionHandle); + handle = associatedHandles.get(connectionHandle); } + // ManagedConnection instance is still valid and put back in the pool: do not remove the event listener. poolManager.resourceClosed(handle); } @Override - public void connectionErrorOccurred(ConnectionEvent evt) { + public synchronized void connectionErrorOccurred(ConnectionEvent evt) { resource.setConnectionErrorOccurred(); + + // ManagedConnection instance is now invalid and unusable. Remove this event listener. ManagedConnection mc = (ManagedConnection) evt.getSource(); mc.removeConnectionEventListener(this); + poolManager.resourceErrorOccurred(resource); } @@ -72,12 +86,15 @@ public void connectionErrorOccurred(ConnectionEvent evt) { * @param evt ConnectionEvent */ @Override - public void badConnectionClosed(ConnectionEvent evt) { + public synchronized void badConnectionClosed(ConnectionEvent evt) { Object connectionHandle = evt.getConnectionHandle(); ResourceHandle handle = resource; if (associatedHandles.containsKey(connectionHandle)) { - handle = (ResourceHandle) associatedHandles.get(connectionHandle); + handle = associatedHandles.get(connectionHandle); } + + // TODO: Explain why event listener needs to be removed. + // There is no documentation mentioning: ManagedConnection instance is now invalid and unusable. ManagedConnection mc = (ManagedConnection) evt.getSource(); mc.removeConnectionEventListener(this); @@ -99,16 +116,38 @@ public void localTransactionRolledback(ConnectionEvent evt) { // no-op } - public void associateHandle(Object c, ResourceHandle h) { - associatedHandles.put(c, h); + /** + * Associate the given userHandle to the resourceHandle. + * + * @param userHandle the userHandle object to be associated with the new handle + * @param resourceHandle the original Handle + */ + public synchronized void associateHandle(Object userHandle, ResourceHandle resourceHandle) { + associatedHandles.put(userHandle, resourceHandle); } - public ResourceHandle removeAssociation(Object c) { - return (ResourceHandle) associatedHandles.remove(c); + /** + * Removes the Map entory for the given userHandle key. + * + * @param userHandle The userHandle key to be removed from the map. + * @return the associated ResourceHandle that is removed from the map or null if no association was found. A null return + * can also indicate that the map previously associated null with userHandle. + */ + public synchronized ResourceHandle removeAssociation(Object userHandle) { + return associatedHandles.remove(userHandle); } - public Map getAssociatedHandles() { - return associatedHandles; - } + /** + * Returns a clone of the whole associatedHandles map and clears the map in the listener. + * @return The clone of the associatedHandles map. + */ + public synchronized Map getAssociatedHandlesAndClearMap() { + // Clone the associatedHandles, because we will clear the list in this method + IdentityHashMap result = (IdentityHashMap) associatedHandles.clone(); + // Clear the associatedHandles + associatedHandles.clear(); + + return result; + } } diff --git a/appserver/connectors/connectors-runtime/src/test/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListenerTest.java b/appserver/connectors/connectors-runtime/src/test/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListenerTest.java new file mode 100644 index 00000000000..ee02d2a19af --- /dev/null +++ b/appserver/connectors/connectors-runtime/src/test/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListenerTest.java @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2024 Contributors to the Eclipse Foundation + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v. 2.0, which is available at + * http://www.eclipse.org/legal/epl-2.0. + * + * This Source Code may also be made available under the following Secondary + * Licenses when the conditions for such availability set forth in the + * Eclipse Public License v. 2.0 are satisfied: GNU General Public License, + * version 2 with the GNU Classpath Exception, which is available at + * https://www.gnu.org/software/classpath/license.html. + * + * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 + */ + +package com.sun.enterprise.resource.listener; + +import static org.easymock.EasyMock.createNiceMock; +import static org.easymock.EasyMock.replay; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNull; + +import java.util.Map; + +import org.glassfish.api.naming.SimpleJndiName; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import com.sun.appserv.connectors.internal.api.PoolingException; +import com.sun.enterprise.connectors.ConnectorRuntime; +import com.sun.enterprise.resource.ResourceHandle; +import com.sun.enterprise.resource.ResourceSpec; + +import jakarta.resource.ResourceException; +import jakarta.resource.spi.ManagedConnection; + +public class LocalTxConnectionEventListenerTest { + + @BeforeEach + public void setup() throws PoolingException, ResourceException { + // Make sure ConnectorRuntime singleton is initialized + new ConnectorRuntime(); + } + + @Test + public void associateHandleTest() throws ResourceException { + ResourceHandle mainResourceHandle = createResourceHandle(1); + LocalTxConnectionEventListener localTxConnectionEventListener = new LocalTxConnectionEventListener(mainResourceHandle); + + // Associate a new handle association + ResourceHandle associatedResourceHandle = createResourceHandle(2); + final Object userHandle = new Object(); + localTxConnectionEventListener.associateHandle(userHandle, associatedResourceHandle); + + // Remove the new handle association + ResourceHandle removeAssociation = localTxConnectionEventListener.removeAssociation(userHandle); + assertEquals(associatedResourceHandle, removeAssociation); + + // Check the remove did work in the previous call + removeAssociation = localTxConnectionEventListener.removeAssociation(userHandle); + assertNull(removeAssociation); + } + + @Test + public void getAssociatedHandlesAndClearMapTest() throws ResourceException { + ResourceHandle mainResourceHandle = createResourceHandle(1); + LocalTxConnectionEventListener localTxConnectionEventListener = new LocalTxConnectionEventListener(mainResourceHandle); + + localTxConnectionEventListener.associateHandle(new Object(), createResourceHandle(2)); + localTxConnectionEventListener.associateHandle(new Object(), createResourceHandle(3)); + + // Check the clone works + Map associatedHandlesAndClearMap = localTxConnectionEventListener.getAssociatedHandlesAndClearMap(); + assertEquals(2, associatedHandlesAndClearMap.size()); + + // Check the clear did work in the previous call + associatedHandlesAndClearMap = localTxConnectionEventListener.getAssociatedHandlesAndClearMap(); + assertEquals(0, associatedHandlesAndClearMap.size()); + } + + private ResourceHandle createResourceHandle(int i) throws ResourceException { + ManagedConnection managedConnection = createNiceMock(ManagedConnection.class); + replay(); + return new ResourceHandle(managedConnection, new ResourceSpec(new SimpleJndiName("testResource" + i), 0), null, null); + } +} From db6268a88839389e845532f7980b55f94a311465 Mon Sep 17 00:00:00 2001 From: "R.M.Morrien" Date: Mon, 11 Mar 2024 15:58:51 +0100 Subject: [PATCH 03/10] Fixes issue #24849 make relevant methods synchronized in LocalTxConnectionEventListener and protect associatedHandles from external clear calls. Process review comment and fix typo. --- .../com/sun/enterprise/resource/ConnectorXAResource.java | 8 ++------ .../resource/listener/LocalTxConnectionEventListener.java | 2 +- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java index 33f03c76093..b172bec0c6d 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/ConnectorXAResource.java @@ -124,9 +124,7 @@ public void end(Xid xid, int flags) throws XAException { if (handle != null) { // not needed, just to be sure. ManagedConnection associatedConnection = (ManagedConnection) handle.getResource(); associatedConnection.associateConnection(userHandle); - if (_logger.isLoggable(FINE)) { - _logger.log(FINE, "connection_sharing_reset_association", userHandle); - } + _logger.log(FINE, "connection_sharing_reset_association", userHandle); } } } catch (Exception e) { @@ -241,9 +239,7 @@ private void resetAssociation() throws XAException { ResourceHandle associatedHandle = (ResourceHandle) userHandleEntry.getValue(); ManagedConnection associatedConnection = (ManagedConnection) associatedHandle.getResource(); associatedConnection.associateConnection(userHandleEntry.getKey()); - if (_logger.isLoggable(FINE)) { - _logger.log(FINE, "connection_sharing_reset_association", userHandleEntry.getKey()); - } + _logger.log(FINE, "connection_sharing_reset_association", userHandleEntry.getKey()); } } catch (Exception ex) { handleResourceException(ex); diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java index 1b7185484bc..b9d09e3aaf9 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java @@ -127,7 +127,7 @@ public synchronized void associateHandle(Object userHandle, ResourceHandle resou } /** - * Removes the Map entory for the given userHandle key. + * Removes the Map entry for the given userHandle key. * * @param userHandle The userHandle key to be removed from the map. * @return the associated ResourceHandle that is removed from the map or null if no association was found. A null return From 71d422e5e12754d0074a8657026615487606efba Mon Sep 17 00:00:00 2001 From: "R.M.Morrien" Date: Tue, 12 Mar 2024 16:26:24 +0100 Subject: [PATCH 04/10] Fixes issue #24849 make relevant methods synchronized in LocalTxConnectionEventListener and protect associatedHandles from external clear calls. Process review comment: use getOrDefault. --- .../listener/LocalTxConnectionEventListener.java | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java index b9d09e3aaf9..e75398fd062 100644 --- a/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java +++ b/appserver/connectors/connectors-runtime/src/main/java/com/sun/enterprise/resource/listener/LocalTxConnectionEventListener.java @@ -61,10 +61,7 @@ public LocalTxConnectionEventListener(ResourceHandle resource) { @Override public synchronized void connectionClosed(ConnectionEvent evt) { Object connectionHandle = evt.getConnectionHandle(); - ResourceHandle handle = resource; - if (associatedHandles.containsKey(connectionHandle)) { - handle = associatedHandles.get(connectionHandle); - } + ResourceHandle handle = associatedHandles.getOrDefault(connectionHandle, resource); // ManagedConnection instance is still valid and put back in the pool: do not remove the event listener. poolManager.resourceClosed(handle); } @@ -88,10 +85,7 @@ public synchronized void connectionErrorOccurred(ConnectionEvent evt) { @Override public synchronized void badConnectionClosed(ConnectionEvent evt) { Object connectionHandle = evt.getConnectionHandle(); - ResourceHandle handle = resource; - if (associatedHandles.containsKey(connectionHandle)) { - handle = associatedHandles.get(connectionHandle); - } + ResourceHandle handle = associatedHandles.getOrDefault(connectionHandle, resource); // TODO: Explain why event listener needs to be removed. // There is no documentation mentioning: ManagedConnection instance is now invalid and unusable. From 5d4a240db621c7f3696e41b357a8f176bd62fffa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Mat=C4=9Bj=C4=8Dek?= Date: Tue, 12 Mar 2024 17:06:02 +0100 Subject: [PATCH 05/10] The secureResponse can return just SEND_* states (based on javadoc) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: David Matějček --- .../com/sun/web/security/RealmAdapter.java | 23 ++++++++++--------- .../jmac/https/HttpsTestAuthModule.java | 2 +- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java b/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java index 466c59c343a..534ee766406 100644 --- a/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java +++ b/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java @@ -42,13 +42,8 @@ import com.sun.enterprise.security.ee.web.integration.WebSecurityManager; import com.sun.enterprise.security.ee.web.integration.WebSecurityManagerFactory; import com.sun.enterprise.security.integration.RealmInitializer; -import org.glassfish.epicyro.config.helper.Caller; -import org.glassfish.epicyro.config.helper.CallerPrincipal; -import org.glassfish.epicyro.config.helper.HttpServletConstants; -import org.glassfish.epicyro.config.helper.PriviledgedAccessController; -import org.glassfish.epicyro.services.BaseAuthenticationService; -import org.glassfish.epicyro.services.DefaultAuthenticationService; import com.sun.enterprise.util.net.NetUtils; + import jakarta.inject.Inject; import jakarta.inject.Named; import jakarta.inject.Provider; @@ -105,6 +100,12 @@ import org.apache.catalina.realm.RealmBase; import org.glassfish.api.admin.ServerEnvironment; import org.glassfish.api.invocation.ComponentInvocation; +import org.glassfish.epicyro.config.helper.Caller; +import org.glassfish.epicyro.config.helper.CallerPrincipal; +import org.glassfish.epicyro.config.helper.HttpServletConstants; +import org.glassfish.epicyro.config.helper.PriviledgedAccessController; +import org.glassfish.epicyro.services.BaseAuthenticationService; +import org.glassfish.epicyro.services.DefaultAuthenticationService; import org.glassfish.grizzly.config.dom.NetworkConfig; import org.glassfish.grizzly.config.dom.NetworkListener; import org.glassfish.grizzly.config.dom.NetworkListeners; @@ -124,6 +125,10 @@ import static com.sun.enterprise.util.Utility.isAnyNull; import static com.sun.enterprise.util.Utility.isEmpty; import static com.sun.web.security.WebSecurityResourceBundle.BUNDLE_NAME; +import static com.sun.web.security.WebSecurityResourceBundle.MSG_FORBIDDEN; +import static com.sun.web.security.WebSecurityResourceBundle.MSG_INVALID_REQUEST; +import static com.sun.web.security.WebSecurityResourceBundle.MSG_MISSING_HOST_HEADER; +import static com.sun.web.security.WebSecurityResourceBundle.MSG_NO_WEB_SECURITY_MGR; import static jakarta.servlet.http.HttpServletResponse.SC_BAD_REQUEST; import static jakarta.servlet.http.HttpServletResponse.SC_FORBIDDEN; import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR; @@ -144,10 +149,6 @@ import static org.apache.catalina.Globals.WRAPPED_RESPONSE; import static org.glassfish.epicyro.config.helper.HttpServletConstants.POLICY_CONTEXT; import static org.glassfish.epicyro.config.helper.HttpServletConstants.REGISTER_SESSION; -import static com.sun.web.security.WebSecurityResourceBundle.MSG_FORBIDDEN; -import static com.sun.web.security.WebSecurityResourceBundle.MSG_INVALID_REQUEST; -import static com.sun.web.security.WebSecurityResourceBundle.MSG_MISSING_HOST_HEADER; -import static com.sun.web.security.WebSecurityResourceBundle.MSG_NO_WEB_SECURITY_MGR; /** * This is the realm adapter used to authenticate users and authorize access to web resources. The authenticate method @@ -657,7 +658,7 @@ public boolean invokePostAuthenticateDelegate(HttpRequest request, HttpResponse try { context.fireContainerEvent(BEFORE_POST_AUTHENTICATION, null); AuthStatus authStatus = serverAuthContext.secureResponse(messageInfo, null); // null serviceSubject - result = AuthStatus.SUCCESS.equals(authStatus); + result = AuthStatus.SEND_SUCCESS.equals(authStatus); } finally { context.fireContainerEvent(AFTER_POST_AUTHENTICATION, null); } diff --git a/appserver/tests/application/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java b/appserver/tests/application/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java index 3abfea64168..174633577da 100644 --- a/appserver/tests/application/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java +++ b/appserver/tests/application/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java @@ -99,7 +99,7 @@ public AuthStatus validateRequest(final MessageInfo messageInfo, final Subject c @Override public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject) throws AuthException { - return AuthStatus.SUCCESS; + return AuthStatus.SEND_SUCCESS; } From 0817d5c49f2f821b60fe5d45119e57277f0e2b74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Mat=C4=9Bj=C4=8Dek?= Date: Tue, 12 Mar 2024 23:57:15 +0100 Subject: [PATCH 06/10] Fixed report directories for standalone TCKs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: David Matějček --- appserver/tests/tck/pages/pom.xml | 60 ++++++++++---------- appserver/tests/tck/pages_tags/pom.xml | 74 ++++++++++++------------ appserver/tests/tck/servlet/pom.xml | 78 +++++++++++++------------- 3 files changed, 106 insertions(+), 106 deletions(-) diff --git a/appserver/tests/tck/pages/pom.xml b/appserver/tests/tck/pages/pom.xml index 910664100e6..629d2a78068 100644 --- a/appserver/tests/tck/pages/pom.xml +++ b/appserver/tests/tck/pages/pom.xml @@ -34,16 +34,16 @@ ${project.build.directory}/apache-ant-${ant.version} https://archive.apache.org/dist/ant/binaries/apache-ant-${ant.version}-bin.zip - + ${project.build.directory}/pages-tck - ${tck.home}/src/com/sun/ts/tests - + ${tck.home}/src/com/sun/ts/tests + ${project.build.directory}/glassfish7 ${project.version} ${glassfish.home}/glassfish/bin/asadmin - + org/glassfish/**\:com/sun/enterprise/** - + 14848 11527 18080 @@ -155,7 +155,7 @@ - + @@ -163,33 +163,33 @@ match="@{key}=.*" replace="@{key}=@{value}" /> - + - + - + - + - + - + - - + + @@ -205,7 +205,7 @@ - + @@ -227,15 +227,15 @@ - - - + + + ]]> ]]> - + ]]> @@ -263,22 +263,22 @@ - + - - Deploying from ${test.dir} - - - - + + Deploying from ${test.dir} + + + + - + - - - + + + diff --git a/appserver/tests/tck/pages_tags/pom.xml b/appserver/tests/tck/pages_tags/pom.xml index ec2635ff4b6..a1ae526da39 100644 --- a/appserver/tests/tck/pages_tags/pom.xml +++ b/appserver/tests/tck/pages_tags/pom.xml @@ -34,16 +34,16 @@ ${project.build.directory}/apache-ant-${ant.version} https://archive.apache.org/dist/ant/binaries/apache-ant-${ant.version}-bin.zip - + ${project.build.directory}/tags-tck - ${tck.home}/src/com/sun/ts/tests - + ${tck.home}/src/com/sun/ts/tests + ${project.build.directory}/glassfish7 ${project.version} ${glassfish.home}/glassfish/bin/asadmin - + org/glassfish/**\:com/sun/enterprise/** - + 14848 11527 18080 @@ -155,7 +155,7 @@ - + @@ -163,31 +163,31 @@ match="@{key}=.*" replace="@{key}=@{value}" /> - + - + - + - - - - + + + + - + - + @@ -195,8 +195,8 @@ - - + + @@ -215,25 +215,25 @@ - + - + - + - + @@ -255,15 +255,15 @@ - - - + + + ]]> ]]> - + ]]> @@ -291,26 +291,26 @@ - + - + - - Deploying from ${test.dir} - - - - + + Deploying from ${test.dir} + + + + - + - - - + + + diff --git a/appserver/tests/tck/servlet/pom.xml b/appserver/tests/tck/servlet/pom.xml index 8b577aa6be2..53adb663855 100644 --- a/appserver/tests/tck/servlet/pom.xml +++ b/appserver/tests/tck/servlet/pom.xml @@ -34,16 +34,16 @@ ${project.build.directory}/apache-ant-${ant.version} https://archive.apache.org/dist/ant/binaries/apache-ant-${ant.version}-bin.zip - + ${project.build.directory}/servlet-tck - ${tck.home}/src/com/sun/ts/tests - + ${tck.home}/src/com/sun/ts/tests + ${project.build.directory}/glassfish7 ${project.version} ${glassfish.home}/glassfish/bin/asadmin - + org/glassfish/**\:com/sun/enterprise/** - + 14848 11527 18080 @@ -155,34 +155,34 @@ - + - + - + - + - + - + - + - + @@ -214,19 +214,19 @@ - - - + + + - ]]> - - ]]> + ]]> + + ]]> - + - ]]> - - ]]> + ]]> + + ]]> @@ -244,7 +244,7 @@ - + @@ -252,27 +252,27 @@ - - - + + + - + - - Deploying from ${test.dir} - - - - + + Deploying from ${test.dir} + + + + - + - - - + + + From 3739cc1d6d5fe0ea2155e9e895af1168d796bf88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Mat=C4=9Bj=C4=8Dek?= Date: Wed, 13 Mar 2024 22:05:36 +0100 Subject: [PATCH 07/10] Fixed NPE in SSHLauncher MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: David Matějček --- .../java/org/glassfish/cluster/ssh/launcher/SSHLauncher.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nucleus/cluster/ssh/src/main/java/org/glassfish/cluster/ssh/launcher/SSHLauncher.java b/nucleus/cluster/ssh/src/main/java/org/glassfish/cluster/ssh/launcher/SSHLauncher.java index 6f16daffa14..e966bd905e9 100644 --- a/nucleus/cluster/ssh/src/main/java/org/glassfish/cluster/ssh/launcher/SSHLauncher.java +++ b/nucleus/cluster/ssh/src/main/java/org/glassfish/cluster/ssh/launcher/SSHLauncher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation + * Copyright (c) 2022, 2024 Contributors to the Eclipse Foundation * Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the @@ -142,7 +142,7 @@ public void init(Node node, Logger logger) { String userName = null; if (sshAuth != null) { userName = sshAuth.getUserName(); - this.keyFile = new File(sshAuth.getKeyfile()); + this.keyFile = sshAuth.getKeyfile() == null ? null : new File(sshAuth.getKeyfile()); this.rawPassword = sshAuth.getPassword(); this.rawKeyPassPhrase = sshAuth.getKeyPassphrase(); } From 76174ff5ee379d6a53bb9aef189460aad9237c3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Pin=C4=8Duk?= Date: Thu, 14 Mar 2024 00:14:56 +0300 Subject: [PATCH 08/10] Make RestrictTo annotation repeatable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Alexander Pinčuk --- .../main/java/org/glassfish/api/event/RestrictTo.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/nucleus/common/glassfish-api/src/main/java/org/glassfish/api/event/RestrictTo.java b/nucleus/common/glassfish-api/src/main/java/org/glassfish/api/event/RestrictTo.java index 7e871020d35..6c63a1bd337 100644 --- a/nucleus/common/glassfish-api/src/main/java/org/glassfish/api/event/RestrictTo.java +++ b/nucleus/common/glassfish-api/src/main/java/org/glassfish/api/event/RestrictTo.java @@ -18,6 +18,7 @@ package org.glassfish.api.event; import java.lang.annotation.ElementType; +import java.lang.annotation.Repeatable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; @@ -35,7 +36,15 @@ */ @Target(ElementType.PARAMETER) @Retention(RetentionPolicy.RUNTIME) +@Repeatable(RestrictTo.List.class) public @interface RestrictTo { String value(); + + @Target(ElementType.PARAMETER) + @Retention(RetentionPolicy.RUNTIME) + @interface List { + + RestrictTo[] value(); + } } From 9da4571b766ec1516659231ea049e0cebbb74226 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Pin=C4=8Duk?= Date: Thu, 14 Mar 2024 22:38:23 +0300 Subject: [PATCH 09/10] Change events delivery MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Alexander Pinčuk --- .../org/glassfish/kernel/event/EventsImpl.java | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/nucleus/core/kernel/src/main/java/org/glassfish/kernel/event/EventsImpl.java b/nucleus/core/kernel/src/main/java/org/glassfish/kernel/event/EventsImpl.java index b8989fd0963..f90874ac3f7 100644 --- a/nucleus/core/kernel/src/main/java/org/glassfish/kernel/event/EventsImpl.java +++ b/nucleus/core/kernel/src/main/java/org/glassfish/kernel/event/EventsImpl.java @@ -86,10 +86,18 @@ public void send(final Event event, boolean asynchronously) { continue; } - RestrictTo restrictTo = eventMethod.getParameters()[0].getAnnotation(RestrictTo.class); - if (restrictTo != null) { - EventTypes interested = EventTypes.create(restrictTo.value()); - if (!event.is(interested)) { + RestrictTo[] restrictTo = eventMethod.getParameters()[0].getAnnotationsByType(RestrictTo.class); + if (restrictTo.length > 0) { + boolean isInterested = false; + for (RestrictTo restrict : restrictTo) { + EventTypes interestedEvent = EventTypes.create(restrict.value()); + if (event.is(interestedEvent)) { + isInterested = true; + break; + } + } + + if (!isInterested) { continue; } } From 38ed41ec11e2aa5b42f82f69fc08fee959c70540 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Pin=C4=8Duk?= Date: Thu, 14 Mar 2024 23:00:23 +0300 Subject: [PATCH 10/10] Add more tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Alexander Pinčuk --- .../kernel/deployment/EventFilteringTest.java | 83 +++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/nucleus/core/kernel/src/test/java/org/glassfish/tests/kernel/deployment/EventFilteringTest.java b/nucleus/core/kernel/src/test/java/org/glassfish/tests/kernel/deployment/EventFilteringTest.java index 4beb96d3f61..b3588551fc4 100644 --- a/nucleus/core/kernel/src/test/java/org/glassfish/tests/kernel/deployment/EventFilteringTest.java +++ b/nucleus/core/kernel/src/test/java/org/glassfish/tests/kernel/deployment/EventFilteringTest.java @@ -34,10 +34,14 @@ import static org.glassfish.api.event.EventTypes.PREPARE_SHUTDOWN; import static org.glassfish.api.event.EventTypes.PREPARE_SHUTDOWN_NAME; import static org.glassfish.api.event.EventTypes.SERVER_READY; +import static org.glassfish.api.event.EventTypes.SERVER_READY_NAME; import static org.glassfish.api.event.EventTypes.SERVER_SHUTDOWN; +import static org.glassfish.api.event.EventTypes.SERVER_SHUTDOWN_NAME; import static org.glassfish.api.event.EventTypes.SERVER_STARTUP; +import static org.glassfish.api.event.EventTypes.SERVER_STARTUP_NAME; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.contains; +import static org.hamcrest.Matchers.empty; import static org.hamcrest.Matchers.hasSize; import static org.junit.jupiter.api.Assertions.assertAll; import static org.junit.jupiter.api.Assertions.assertSame; @@ -77,6 +81,85 @@ public void event(@RestrictTo(PREPARE_SHUTDOWN_NAME) Event event) { events.unregister(listener); } + @Test + public void repeatableRestrictedEventListenerTest() { + Events events = serviceLocator.getService(Events.class); + + List> eventTypes = new ArrayList<>(); + + // Do not replace with lambda because annotations will be lost + EventListener listener = new EventListener() { + + @Override + public void event(@RestrictTo(SERVER_STARTUP_NAME) @RestrictTo(SERVER_SHUTDOWN_NAME) Event event) { + eventTypes.add(event.type()); + } + }; + + events.register(listener); + + events.send(new Event<>(SERVER_STARTUP), false); + events.send(new Event<>(SERVER_READY), false); + events.send(new Event<>(PREPARE_SHUTDOWN), false); + events.send(new Event<>(SERVER_SHUTDOWN), false); + + assertAll( + () -> assertThat(eventTypes, hasSize(2)), + () -> assertThat(eventTypes, contains(SERVER_STARTUP, SERVER_SHUTDOWN)) + ); + + events.unregister(listener); + } + + @Test + public void nonMatchingEventListenerTest() { + Events events = serviceLocator.getService(Events.class); + + List> eventTypes = new ArrayList<>(); + + // Do not replace with lambda because annotation will be lost + EventListener listener = new EventListener() { + + @Override + public void event(@RestrictTo(SERVER_STARTUP_NAME) Event event) { + eventTypes.add(event.type()); + } + }; + + events.register(listener); + + events.send(new Event<>(SERVER_SHUTDOWN), false); + + assertThat(eventTypes, empty()); + + events.unregister(listener); + } + + @Test + public void nonMatchingRepeatableEventListenerTest() { + Events events = serviceLocator.getService(Events.class); + + List> eventTypes = new ArrayList<>(); + + // Do not replace with lambda because annotations will be lost + EventListener listener = new EventListener() { + + @Override + public void event(@RestrictTo(SERVER_READY_NAME) @RestrictTo(PREPARE_SHUTDOWN_NAME) Event event) { + eventTypes.add(event.type()); + } + }; + + events.register(listener); + + events.send(new Event<>(SERVER_STARTUP), false); + events.send(new Event<>(SERVER_SHUTDOWN), false); + + assertThat(eventTypes, empty()); + + events.unregister(listener); + } + @Test public void unrestrictedEventListenerTest() { Events events = serviceLocator.getService(Events.class);