Prepare for removing the SecurityManager

Signed-off-by: jansupol <jan.supol@oracle.com>

connectors/jdk-connector/src/main/java/org/glassfish/jersey/jdk/connector/internal/TransportFilter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2019 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2023 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -16,6 +16,8 @@
 
 package org.glassfish.jersey.jdk.connector.internal;
 
+import org.glassfish.jersey.internal.deprecated.ACDeprecator;
+
 import java.io.IOException;
 import java.net.SocketAddress;
 import java.nio.ByteBuffer;
@@ -24,7 +26,6 @@
 import java.nio.channels.AsynchronousCloseException;
 import java.nio.channels.AsynchronousSocketChannel;
 import java.nio.channels.CompletionHandler;
-import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.Queue;
 import java.util.concurrent.ExecutorService;
@@ -316,7 +317,7 @@ public Thread newThread(Runnable r) {
             thread.setDaemon(threadPoolConfig.isDaemon());
 
             try {
-                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                ACDeprecator.doPrivileged(new PrivilegedAction<Void>() {
                     @Override
                     public Void run() {
                         if (threadPoolConfig.getInitialClassLoader() == null) {

containers/jdk-http/src/test/java/org/glassfish/jersey/jdkhttp/AbstractJdkHttpServerTester.java

@@ -17,7 +17,6 @@
 package org.glassfish.jersey.jdkhttp;
 
 import java.net.URI;
-import java.security.AccessController;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -51,8 +50,7 @@ protected final int getPort() {
         if (server != null) {
             return server.getAddress().getPort();
         }
-        final String value =
-                AccessController.doPrivileged(PropertiesHelper.getSystemProperty("jersey.config.test.container.port"));
+        final String value = PropertiesHelper.getSystemPropertyNPA("jersey.config.test.container.port");
         if (value != null) {
 
             try {

containers/jersey-servlet-core/src/main/java/org/glassfish/jersey/servlet/WebComponent.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2022 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2023 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -19,7 +19,6 @@
 import java.io.IOException;
 import java.lang.reflect.Type;
 import java.net.URI;
-import java.security.AccessController;
 import java.security.Principal;
 import java.security.PrivilegedActionException;
 import java.util.ArrayList;
@@ -506,9 +505,8 @@ private static ResourceConfig createResourceConfig(final WebConfig config) throw
         }
 
         try {
-            final Class<? extends javax.ws.rs.core.Application> jaxrsApplicationClass = AccessController.doPrivileged(
-                    ReflectionHelper.<javax.ws.rs.core.Application>classForNameWithExceptionPEA(jaxrsApplicationClassName)
-            );
+            final Class<? extends javax.ws.rs.core.Application> jaxrsApplicationClass =
+                    ReflectionHelper.<javax.ws.rs.core.Application>classForNameWithException(jaxrsApplicationClassName);
 
             if (javax.ws.rs.core.Application.class.isAssignableFrom(jaxrsApplicationClass)) {
                 return ResourceConfig.forApplicationClass(jaxrsApplicationClass)

containers/jetty-http/src/test/java/org/glassfish/jersey/jetty/AbstractJettyServerTester.java

@@ -17,7 +17,6 @@
 package org.glassfish.jersey.jetty;
 
 import java.net.URI;
-import java.security.AccessController;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -51,8 +50,7 @@ public abstract class AbstractJettyServerTester {
      * @return The HTTP port of the URI
      */
     protected final int getPort() {
-        final String value = AccessController
-                .doPrivileged(PropertiesHelper.getSystemProperty("jersey.config.test.container.port"));
+        final String value = PropertiesHelper.getSystemPropertyNPA("jersey.config.test.container.port");
         if (value != null) {
 
             try {

containers/jetty-http2/src/test/java/org/glassfish/jersey/jetty/http2/AbstractJettyServerTester.java

@@ -17,7 +17,6 @@
 package org.glassfish.jersey.jetty.http2;
 
 import java.net.URI;
-import java.security.AccessController;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -51,8 +50,7 @@ public abstract class AbstractJettyServerTester {
      * @return The HTTP port of the URI
      */
     protected final int getPort() {
-        final String value = AccessController
-                .doPrivileged(PropertiesHelper.getSystemProperty("jersey.config.test.container.port"));
+        final String value = PropertiesHelper.getSystemPropertyNPA("jersey.config.test.container.port");
         if (value != null) {
 
             try {

containers/simple-http/src/test/java/org/glassfish/jersey/simple/AbstractSimpleServerTester.java

@@ -17,7 +17,6 @@
 package org.glassfish.jersey.simple;
 
 import java.net.URI;
-import java.security.AccessController;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -50,8 +49,7 @@ public abstract class AbstractSimpleServerTester {
      * @return The HTTP port of the URI
      */
     protected final int getPort() {
-        final String value = AccessController
-                .doPrivileged(PropertiesHelper.getSystemProperty("jersey.config.test.container.port"));
+        final String value = PropertiesHelper.getSystemPropertyNPA("jersey.config.test.container.port");
         if (value != null) {
 
             try {

core-client/src/main/java/org/glassfish/jersey/client/ClientExecutorProvidersConfigurator.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2023 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -17,7 +17,6 @@
 package org.glassfish.jersey.client;
 
 import java.lang.reflect.Method;
-import java.security.AccessController;
 import java.util.Map;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.ScheduledExecutorService;
@@ -141,8 +140,7 @@ private static ExecutorService lookupManagedExecutorService() {
         // Get the default ManagedExecutorService, if available
         try {
             // Android and some other environments don't have InitialContext class available.
-            final Class<?> aClass =
-                    AccessController.doPrivileged(ReflectionHelper.classForNamePA("javax.naming.InitialContext"));
+            final Class<?> aClass = ReflectionHelper.classForName("javax.naming.InitialContext");
 
             final Object initialContext = aClass.newInstance();
 
@@ -163,8 +161,7 @@ private static ExecutorService lookupManagedExecutorService() {
     private ScheduledExecutorService lookupManagedScheduledExecutorService() {
         try {
             // Android and some other environments don't have InitialContext class available.
-            final Class<?> aClass =
-                    AccessController.doPrivileged(ReflectionHelper.classForNamePA("javax.naming.InitialContext"));
+            final Class<?> aClass = ReflectionHelper.classForName("javax.naming.InitialContext");
             final Object initialContext = aClass.newInstance();
 
             final Method lookupMethod = aClass.getMethod("lookup", String.class);

core-client/src/main/java/org/glassfish/jersey/client/JerseyClientBuilder.java

@@ -16,7 +16,6 @@
 
 package org.glassfish.jersey.client;
 
-import java.security.AccessController;
 import java.security.KeyStore;
 import java.util.Collections;
 import java.util.LinkedList;
@@ -174,8 +173,7 @@ private void setConnectorFromProperties() {
         final Object connectorClass = config.getProperty(ClientProperties.CONNECTOR_PROVIDER);
         if (connectorClass != null) {
             if (String.class.isInstance(connectorClass)) {
-                Class<? extends ConnectorProvider> clazz
-                        = AccessController.doPrivileged(ReflectionHelper.classForNamePA((String) connectorClass));
+                Class<? extends ConnectorProvider> clazz = ReflectionHelper.classForName((String) connectorClass);
                 final ConnectorProvider connectorProvider = new NonInjectionManager().justCreate(clazz);
                 config.connectorProvider(connectorProvider);
             } else {

core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java

@@ -28,7 +28,6 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.UnknownHostException;
-import java.security.AccessController;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 import java.util.HashSet;
@@ -64,6 +63,7 @@
 import org.glassfish.jersey.client.innate.http.SSLParamConfigurator;
 import org.glassfish.jersey.client.spi.AsyncConnectorCallback;
 import org.glassfish.jersey.client.spi.Connector;
+import org.glassfish.jersey.internal.deprecated.ACDeprecator;
 import org.glassfish.jersey.internal.util.PropertiesHelper;
 import org.glassfish.jersey.internal.util.collection.LazyValue;
 import org.glassfish.jersey.internal.util.collection.UnsafeValue;
@@ -145,9 +145,9 @@ public HttpUrlConnector(
         // check if sun.net.http.allowRestrictedHeaders system property has been set and log the result
         // the property is being cached in the HttpURLConnection, so this is only informative - there might
         // already be some connection(s), that existed before the property was set/changed.
-        isRestrictedHeaderPropertySet = Boolean.valueOf(AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(ALLOW_RESTRICTED_HEADERS_SYSTEM_PROPERTY, "false")
-        ));
+        isRestrictedHeaderPropertySet = Boolean.valueOf(
+                PropertiesHelper.getSystemPropertyNPA(ALLOW_RESTRICTED_HEADERS_SYSTEM_PROPERTY, "false")
+        );
 
         LOGGER.config(isRestrictedHeaderPropertySet
                         ? LocalizationMessages.RESTRICTED_HEADER_PROPERTY_SETTING_TRUE(ALLOW_RESTRICTED_HEADERS_SYSTEM_PROPERTY)
@@ -522,7 +522,7 @@ private static void setRequestMethodViaJreBugWorkaround(final HttpURLConnection
             httpURLConnection.setRequestMethod(method); // Check whether we are running on a buggy JRE
         } catch (final ProtocolException pe) {
             try {
-                AccessController
+                ACDeprecator
                         .doPrivileged(new PrivilegedExceptionAction<Object>() {
                             @Override
                             public Object run() throws NoSuchFieldException,
@@ -600,7 +600,7 @@ private IOException handleException(ClientRequest request, IOException ex, HttpU
 
     @Override
     public String getName() {
-        return "HttpUrlConnection " + AccessController.doPrivileged(PropertiesHelper.getSystemProperty("java.version"));
+        return "HttpUrlConnection " + PropertiesHelper.getSystemPropertyNPA("java.version");
     }
 
     private static class SniSSLSocketFactory extends SSLSocketFactory {

core-common/src/main/java/org/glassfish/jersey/SslConfigurator.java

@@ -22,7 +22,6 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.file.Files;
-import java.security.AccessController;
 import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
@@ -664,8 +663,8 @@ public SSLContext createSSLContext() {
         if (_keyStore != null) {
             String kmfAlgorithm = keyManagerFactoryAlgorithm;
             if (kmfAlgorithm == null) {
-                kmfAlgorithm = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(
-                        KEY_MANAGER_FACTORY_ALGORITHM, KeyManagerFactory.getDefaultAlgorithm()));
+                kmfAlgorithm = PropertiesHelper.getSystemPropertyNPA(
+                        KEY_MANAGER_FACTORY_ALGORITHM, KeyManagerFactory.getDefaultAlgorithm());
             }
             try {
                 if (keyManagerFactoryProvider != null) {
@@ -739,8 +738,8 @@ public SSLContext createSSLContext() {
         if (_trustStore != null) {
             String tmfAlgorithm = trustManagerFactoryAlgorithm;
             if (tmfAlgorithm == null) {
-                tmfAlgorithm = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(
-                        TRUST_MANAGER_FACTORY_ALGORITHM, TrustManagerFactory.getDefaultAlgorithm()));
+                tmfAlgorithm = PropertiesHelper.getSystemPropertyNPA(
+                        TRUST_MANAGER_FACTORY_ALGORITHM, TrustManagerFactory.getDefaultAlgorithm());
             }
 
             try {
@@ -825,37 +824,31 @@ public SslConfigurator retrieve(Properties props) {
      * @return updated SSL configurator instance.
      */
     public SslConfigurator retrieve() {
-        trustStoreProvider = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(TRUST_STORE_PROVIDER));
-        keyStoreProvider = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(KEY_STORE_PROVIDER));
+        trustStoreProvider = PropertiesHelper.getSystemPropertyNPA(TRUST_STORE_PROVIDER);
+        keyStoreProvider = PropertiesHelper.getSystemPropertyNPA(KEY_STORE_PROVIDER);
 
-        trustManagerFactoryProvider = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(TRUST_MANAGER_FACTORY_PROVIDER));
-        keyManagerFactoryProvider = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(KEY_MANAGER_FACTORY_PROVIDER));
+        trustManagerFactoryProvider = PropertiesHelper.getSystemPropertyNPA(TRUST_MANAGER_FACTORY_PROVIDER);
+        keyManagerFactoryProvider = PropertiesHelper.getSystemPropertyNPA(KEY_MANAGER_FACTORY_PROVIDER);
 
-        trustStoreType = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(TRUST_STORE_TYPE));
-        keyStoreType = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(KEY_STORE_TYPE));
+        trustStoreType = PropertiesHelper.getSystemPropertyNPA(TRUST_STORE_TYPE);
+        keyStoreType = PropertiesHelper.getSystemPropertyNPA(KEY_STORE_TYPE);
 
-        final String trustStorePassword = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(TRUST_STORE_PASSWORD));
+        final String trustStorePassword = PropertiesHelper.getSystemPropertyNPA(TRUST_STORE_PASSWORD);
         if (trustStorePassword != null) {
             trustStorePass = trustStorePassword.toCharArray();
         } else {
             trustStorePass = null;
         }
 
-        final String keyStorePassword = AccessController.doPrivileged(
-                PropertiesHelper.getSystemProperty(KEY_STORE_PASSWORD));
+        final String keyStorePassword = PropertiesHelper.getSystemPropertyNPA(KEY_STORE_PASSWORD);
         if (keyStorePassword != null) {
             keyStorePass = keyStorePassword.toCharArray();
         } else {
             keyStorePass = null;
         }
 
-        trustStoreFile = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(TRUST_STORE_FILE));
-        keyStoreFile = AccessController.doPrivileged(PropertiesHelper.getSystemProperty(KEY_STORE_FILE));
+        trustStoreFile = PropertiesHelper.getSystemPropertyNPA(TRUST_STORE_FILE);
+        keyStoreFile = PropertiesHelper.getSystemPropertyNPA(KEY_STORE_FILE);
 
         trustStoreBytes = null;
         keyStoreBytes = null;

core-common/src/main/java/org/glassfish/jersey/internal/OsgiRegistry.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2022 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2023 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -21,7 +21,6 @@
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.net.URL;
-import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
@@ -46,6 +45,7 @@
 
 import javax.ws.rs.ProcessingException;
 
+import org.glassfish.jersey.internal.deprecated.ACDeprecator;
 import org.glassfish.jersey.internal.util.ReflectionHelper;
 
 import org.osgi.framework.Bundle;
@@ -92,8 +92,7 @@ public final class OsgiRegistry implements SynchronousBundleListener {
      */
     public static synchronized OsgiRegistry getInstance() {
         if (instance == null) {
-            final ClassLoader classLoader = AccessController
-                    .doPrivileged(ReflectionHelper.getClassLoaderPA(ReflectionHelper.class));
+            final ClassLoader classLoader = ReflectionHelper.getClassLoader(ReflectionHelper.class);
             if (classLoader instanceof BundleReference) {
                 final BundleContext context = FrameworkUtil.getBundle(OsgiRegistry.class).getBundleContext();
                 if (context != null) { // context could be still null if the current bundle has not been started
@@ -581,7 +580,7 @@ private List<Class<?>> locateAllProviders(final Class<?> serviceClass) {
 
     private static Class<?> loadClass(final Bundle bundle, final String className) throws ClassNotFoundException {
         try {
-            return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
+            return ACDeprecator.doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
                 @Override
                 public Class<?> run() throws ClassNotFoundException {
                     return bundle.loadClass(className);
@@ -603,7 +602,7 @@ private static Enumeration<URL> findEntries(final Bundle bundle,
                                                 final String path,
                                                 final String fileNamePattern,
                                                 final boolean recursive) {
-        return AccessController.doPrivileged(new PrivilegedAction<Enumeration<URL>>() {
+        return ACDeprecator.doPrivileged(new PrivilegedAction<Enumeration<URL>>() {
             @SuppressWarnings("unchecked")
             @Override
             public Enumeration<URL> run() {