
1   package org.apache.velocity.util.introspection;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.    
20   */
21  
22  import java.util.Iterator;
23  
24  import org.apache.velocity.runtime.RuntimeConstants;
25  import org.apache.velocity.runtime.RuntimeServices;
26  import org.apache.velocity.util.RuntimeServicesAware;
27  
28  /**
29   * Use a custom introspector that prevents classloader related method 
30   * calls.  Use this introspector for situations in which template 
31   * writers are numerous or untrusted.  Specifically, this introspector 
32   * prevents creation of arbitrary objects or reflection on objects.
33   * 
34   * <p>To use this introspector, set the following property:
35   * <pre>
36   * runtime.introspector.uberspect = org.apache.velocity.util.introspection.SecureUberspector
37   * </pre>
38   * 
39   * @author <a href="mailto:wglass@forio.com">Will Glass-Husain</a>
40   * @version $Id: SecureUberspector.java 774412 2009-05-13 15:54:07Z nbubna $
41   * @since 1.5
42   */
public class SecureUberspector extends UberspectImpl implements RuntimeServicesAware
{
    /** Runtime handle used by {@link #init()} to read the restriction lists. */
    RuntimeServices runtimeServices;

    /**
     * Creates the uberspector. The secure introspector itself is only
     * installed later, by {@link #init()}.
     */
    public SecureUberspector()
    {
        // Nothing to do here; the superclass no-arg constructor runs implicitly.
    }

    /**
     * Builds the {@link SecureIntrospectorImpl} that backs this uberspector.
     *
     * <p>The restricted packages and restricted classes are read from the
     * runtime configuration under
     * {@link RuntimeConstants#INTROSPECTOR_RESTRICT_PACKAGES} and
     * {@link RuntimeConstants#INTROSPECTOR_RESTRICT_CLASSES}.
     * {@link #setRuntimeServices(RuntimeServices)} must have been called
     * first, because the configuration is reached through that reference.
     *
     * <p>NOTE(review): what is actually blocked is decided by these two
     * lists together with SecureIntrospectorImpl, neither of which is
     * visible in this file. Deployments relying on this class for
     * untrusted templates should confirm that both properties are
     * populated in the effective configuration.
     */
    public void init()
    {
        String[] restrictedPackages = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_PACKAGES);
        String[] restrictedClasses = runtimeServices.getConfiguration()
                .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_CLASSES);

        // Argument order matters: the class list comes first, then the package list.
        // 'introspector' and 'log' are not declared in this class (presumably
        // inherited from UberspectImpl).
        introspector = new SecureIntrospectorImpl(restrictedClasses, restrictedPackages, log);
    }

    /**
     * Get an iterator from the given object, but only if the secure
     * introspector grants execute permission on the object's runtime class.
     * When permission is granted the call is delegated to the superclass.
     *
     * <p>The permission check is made against {@code obj.getClass()} with a
     * {@code null} method name.
     *
     * @param obj object to iterate over
     * @param i line, column, template info
     * @return Iterator for object, or {@code null} when {@code obj} is
     *         {@code null} or the permission check refuses its class (a
     *         warning is logged in the latter case)
     * @throws Exception declared by this signature; the only call here that
     *         can propagate one is the superclass {@code getIterator}
     */
    public Iterator getIterator(Object obj, Info i) throws Exception
    {
        if (obj == null)
        {
            return null;
        }

        // The cast relies on 'introspector' being the SecureIntrospectorImpl
        // installed by init(); it throws if another implementation is in place.
        SecureIntrospectorControl control = (SecureIntrospectorControl) introspector;
        Class targetClass = obj.getClass();

        if (!control.checkObjectExecutePermission(targetClass, null))
        {
            // Denied: log and return null rather than expose an iterator.
            log.warn("Cannot retrieve iterator from " + targetClass +
                     " due to security restrictions.");
            return null;
        }

        return super.getIterator(obj, i);
    }

    /**
     * Store the RuntimeServices before the object is initialized.
     *
     * @param rs RuntimeServices object for initialization
     */
    public void setRuntimeServices(RuntimeServices rs)
    {
        runtimeServices = rs;
    }
}