
1   package org.apache.velocity.util.introspection;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.    
20   */
21  
22  import java.util.Iterator;
23  
24  import org.apache.velocity.runtime.RuntimeConstants;
25  import org.apache.velocity.runtime.RuntimeServices;
26  import org.apache.velocity.util.RuntimeServicesAware;
27  
/**
 * Uberspector that installs a restricting introspector so that templates
 * cannot make classloader related method calls.  Use it for situations in
 * which template writers are numerous or untrusted.  Specifically, it
 * prevents creation of arbitrary objects or reflection on objects.
 *
 * <p>The restriction is list driven: {@link #init()} reads the restricted
 * packages and classes from the runtime configuration
 * ({@link RuntimeConstants#INTROSPECTOR_RESTRICT_PACKAGES} and
 * {@link RuntimeConstants#INTROSPECTOR_RESTRICT_CLASSES}) and passes them to
 * {@link SecureIntrospectorImpl}.  How the lists are matched is decided
 * there, not in this class.  NOTE(review): anything the two lists do not
 * cover is presumably still reachable from a template, so both properties
 * should be reviewed per deployment -- confirm against SecureIntrospectorImpl.
 *
 * <p>To use this introspector, set the following property:
 * <pre>
 * runtime.introspector.uberspect = org.apache.velocity.util.introspection.SecureUberspector
 * </pre>
 *
 * @author <a href="mailto:wglass@forio.com">Will Glass-Husain</a>
 * @version $Id: SecureUberspector.java 470261 2006-11-02 07:32:37Z wglass $
 */
public class SecureUberspector extends UberspectImpl implements RuntimeServicesAware
{
    /** Runtime services stored by {@link #setRuntimeServices} and read by {@link #init()}. */
    RuntimeServices runtimeServices;

    /**
     * Creates the uberspector.  The restricting introspector is not installed
     * here; that happens in {@link #init()}.
     */
    public SecureUberspector()
    {
        super();
    }

    /**
     * Generates the restricting Introspector.  The setup code makes sure the
     * log is set before this is called, so the log object can be handed to
     * the Introspector.  The runtime services must already have been stored
     * through {@link #setRuntimeServices}, because the restricted package
     * and class lists are read from their configuration.
     */
    public void init()
    {
        final String[] restrictedPackages = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_PACKAGES);
        final String[] restrictedClasses = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_CLASSES);

        // SecureIntrospectorImpl takes the class list first, then the package list.
        introspector = new SecureIntrospectorImpl(restrictedClasses, restrictedPackages, log);
    }

    /**
     * Get an iterator from the given object.  Unlike the superclass method,
     * this secure version first checks for execute permission on the
     * object's class.  The check passes {@code null} as its second argument
     * (presumably "no specific method" -- confirm against
     * SecureIntrospectorControl).  A refusal is logged as a warning.
     *
     * @param obj object to iterate over; {@code null} skips the permission
     *            check and is passed to the superclass unchanged
     * @param i line, column, template info
     * @return Iterator for object, or {@code null} when the object's class
     *         is refused by the permission check
     * @throws Exception if the superclass lookup fails
     */
    public Iterator getIterator(Object obj, Info i)
    throws Exception
    {
        // Nothing to check without an object; the superclass decides what to do.
        if (obj == null)
        {
            return super.getIterator(obj, i);
        }

        final SecureIntrospectorControl control = (SecureIntrospectorControl) introspector;
        if (control.checkObjectExecutePermission(obj.getClass(), null))
        {
            return super.getIterator(obj, i);
        }

        // Refused: no iterator is handed out and the class name is logged.
        final String refusedClass = obj.getClass().getName();
        log.warn("Cannot retrieve iterator from object of class " + refusedClass
                + " due to security restrictions.");
        return null;
    }

    /**
     * Store the RuntimeServices before the object is initialized.
     *
     * @param rs RuntimeServices object for initialization
     */
    public void setRuntimeServices(RuntimeServices rs)
    {
        runtimeServices = rs;
    }
}