
1   package org.apache.velocity.util.introspection;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.    
20   */
21  
22  import java.util.Iterator;
23  
24  import org.apache.velocity.runtime.RuntimeConstants;
25  import org.apache.velocity.runtime.RuntimeServices;
26  import org.apache.velocity.util.RuntimeServicesAware;
27  
/**
 * Uberspector that swaps in a restricting introspector, intended for
 * deployments where template authors are numerous or untrusted.  The
 * stated goal is to block classloader related method calls, creation of
 * arbitrary objects and reflection on objects from within templates.
 *
 * <p>The set of restricted packages and classes is read from the runtime
 * configuration (see {@link RuntimeConstants#INTROSPECTOR_RESTRICT_PACKAGES}
 * and {@link RuntimeConstants#INTROSPECTOR_RESTRICT_CLASSES}) each time
 * {@link #init()} runs, so the protection is only as complete as those
 * lists.  NOTE(review): presumably an empty or overridden list restricts
 * nothing - confirm against SecureIntrospectorImpl and review any
 * application-level override of these two properties.
 *
 * <p>To use this introspector, set the following property:
 * <pre>
 * runtime.introspector.uberspect = org.apache.velocity.util.introspection.SecureUberspector
 * </pre>
 *
 * @author <a href="mailto:wglass@forio.com">Will Glass-Husain</a>
 * @version $Id: SecureUberspector.java 718443 2008-11-18 00:01:56Z nbubna $
 * @since 1.5
 */
public class SecureUberspector extends UberspectImpl implements RuntimeServicesAware
{
    // Supplied through setRuntimeServices(); init() dereferences it, so it
    // has to be set before init() is called.
    RuntimeServices runtimeServices;

    /**
     * Creates the uberspector.  The restricting introspector itself is
     * only installed later, by {@link #init()}.
     */
    public SecureUberspector()
    {
        super();
    }

    /**
     * Builds the restricting introspector from the configured lists of
     * restricted packages and classes.  The setup code makes sure the log
     * is set before this is called, so the log object can be handed to
     * the introspector here.
     */
    public void init()
    {
        final String[] restrictedPackages = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_PACKAGES);

        final String[] restrictedClasses = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_CLASSES);

        // Replaces whatever introspector the superclass would have used.
        introspector = new SecureIntrospectorImpl(restrictedClasses, restrictedPackages, log);
    }

    /**
     * Get an iterator from the given object.  Unlike the superclass
     * method, this secure version first checks that the object's class
     * has execute permission.
     *
     * <p>A refusal is reported only through a warning in the log; the
     * caller receives <code>null</code>, the same value returned for a
     * <code>null</code> input.
     *
     * @param obj object to iterate over
     * @param i line, column, template info
     * @return Iterator for object, or <code>null</code> if <code>obj</code>
     *         is <code>null</code> or its class is restricted
     * @throws Exception
     */
    public Iterator getIterator(Object obj, Info i)
        throws Exception
    {
        if (obj == null)
        {
            return null;
        }

        // init() installs a SecureIntrospectorImpl; the cast fails with a
        // ClassCastException rather than skipping the check if anything
        // else has been put in its place.
        final SecureIntrospectorControl permissions = (SecureIntrospectorControl) introspector;

        // The method name is passed as null: the decision is made on the
        // class alone.
        if (!permissions.checkObjectExecutePermission(obj.getClass(), null))
        {
            log.warn("Cannot retrieve iterator from " + obj.getClass() +
                     " due to security restrictions.");
            return null;
        }

        return super.getIterator(obj, i);
    }

    /**
     * Store the RuntimeServices before the object is initialized.
     *
     * @param rs RuntimeServices object for initialization
     */
    public void setRuntimeServices(RuntimeServices rs)
    {
        this.runtimeServices = rs;
    }
}