Examples of com.sun.org.apache.xerces.internal.util.SecurityManager

• com.sun.org.apache.xerces.internal.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java,v 1.2 2005/08/16 22:49:14 jeffsuttor Exp $

                // TODO: Add localized error message.
                throw new NullPointerException();
            }
            if (name.equals(XMLConstants.FEATURE_SECURE_PROCESSING)) {
                try {
                    setProperty(SECURITY_MANAGER, value ? new SecurityManager() : null);
                }
                catch (SAXNotRecognizedException exc) {
                    // If the property is not supported
                    // re-throw the exception if the value is true.
                    if (value) {

            fEntityResolver = null;
        }

        // Get security manager.
        try {
            SecurityManager value =
                (SecurityManager)componentManager.getProperty(
                    SECURITY_MANAGER);

            if (value != null) {
                fSecurityManager = value;
                if (fChildConfig != null) {
                    fChildConfig.setProperty(SECURITY_MANAGER, value);
                }
            }
        }
        catch (XMLConfigurationException e) {
            fSecurityManager = null;
        }

        // Get buffer size.
        try {
            Integer value =
                (Integer)componentManager.getProperty(
                    BUFFER_SIZE);

            if (value != null && value.intValue() > 0) {
                fBufferSize = value.intValue();
                if (fChildConfig != null) {
                    fChildConfig.setProperty(BUFFER_SIZE, value);
                }
            }
            else {

                    spf.setNamespaceAware(true);
                    try {
                        reader = spf.newSAXParser().getXMLReader();
                        // If this is a Xerces SAX parser, set the security manager if there is one
                        if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) {
                           SecurityManager securityManager = (SecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
                           if (securityManager != null) {
                               try {
                                   reader.setProperty(SECURITY_MANAGER, securityManager);
                               }
                               // Ignore the exception if the security manager cannot be set.

        fXMLSchemaLoader.setProperty(XMLGRAMMAR_POOL, fXMLGrammarPoolWrapper);
        fXMLSchemaLoader.setEntityResolver(fDOMEntityResolverWrapper);
        fXMLSchemaLoader.setErrorHandler(fErrorHandlerWrapper);

        // Enable secure processing feature by default
        fSecurityManager = new SecurityManager();
        fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
    }

            if (System.getSecurityManager() != null && (!value)) {
                throw new SAXNotSupportedException(
                        SAXMessageFormatter.formatMessage(null,
                        "jaxp-secureprocessing-feature", null));
            }
            fSecurityManager = value ? new SecurityManager() : null;
            fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
            return;
        }
        try {
            fXMLSchemaLoader.setFeature(name, value);

            domParser.setFeature(XINCLUDE_FEATURE, true);
        }

        // If the secure processing feature is on set a security manager.
        if (secureProcessing) {
            domParser.setProperty(SECURITY_MANAGER, new SecurityManager());
        }

        this.grammar = dbf.getSchema();
        if (grammar != null) {
            XMLParserConfiguration config = domParser.getXMLParserConfiguration();

        fComponents.put(ENTITY_RESOLVER, null);
        fComponents.put(ERROR_HANDLER, null);

        if (System.getSecurityManager() != null) {
            _isSecureMode = true;
            setProperty(SECURITY_MANAGER, new SecurityManager());
        } else {
            fComponents.put(SECURITY_MANAGER, null);
        }
        fComponents.put(SYMBOL_TABLE, new SymbolTable());

        // setup grammar pool
        fComponents.put(XMLGRAMMAR_POOL, grammarContainer.getGrammarPool());
        fUseGrammarPoolOnly = grammarContainer.isFullyComposed();

        // add schema message formatter to error reporter
        fErrorReporter.putMessageFormatter(XSMessageFormatter.SCHEMA_DOMAIN, new XSMessageFormatter());

        // add all recognized features and properties and apply their defaults
        addRecognizedParamsAndSetDefaults(fEntityManager, grammarContainer);
        addRecognizedParamsAndSetDefaults(fErrorReporter, grammarContainer);
        addRecognizedParamsAndSetDefaults(fSchemaValidator, grammarContainer);

        // if the secure processing feature is set to true, add a security manager to the configuration
        Boolean secureProcessing = grammarContainer.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING);
        if (Boolean.TRUE.equals(secureProcessing)) {
            fInitSecurityManager = new SecurityManager();
        }
        else {
            fInitSecurityManager = null;
        }
        fComponents.put(SECURITY_MANAGER, fInitSecurityManager);

        }
        if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(featureId)) {
            if (_isSecureMode && !value) {
                throw new XMLConfigurationException(XMLConfigurationException.NOT_ALLOWED, XMLConstants.FEATURE_SECURE_PROCESSING);
            }
            setProperty(SECURITY_MANAGER, value ? new SecurityManager() : null);
            return;
        }
        fConfigUpdated = true;
        fEntityManager.setFeature(featureId, value);
        fErrorReporter.setFeature(featureId, value);

        fXMLSchemaLoader.setProperty(XMLGRAMMAR_POOL, fXMLGrammarPoolWrapper);
        fXMLSchemaLoader.setEntityResolver(fDOMEntityResolverWrapper);
        fXMLSchemaLoader.setErrorHandler(fErrorHandlerWrapper);

        // Enable secure processing feature by default
        fSecurityManager = new SecurityManager();
        fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
    }

            if (System.getSecurityManager() != null && (!value)) {
                throw new SAXNotSupportedException(
                        SAXMessageFormatter.formatMessage(null,
                        "jaxp-secureprocessing-feature", null));
            }
            fSecurityManager = value ? new SecurityManager() : null;
            fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
            return;
        }
        try {
            fXMLSchemaLoader.setFeature(name, value);