Bug 36455727 - [36455326->24.09] include xsd processing silently fails with JDK22 with -Djdk.xml.jdkcatalog.resolve=strict

Remote remote.distribution on coherence-ce/main success, changes 108051, job.9.20240329183048.7048

[git-p4: depot-paths = "//dev/coherence-ce/main/": change = 108084]

Author: jfialli

prj/coherence-core/src/main/java/com/tangosol/run/xml/SaxParser.java

@@ -1,8 +1,8 @@
 /*
- * Copyright (c) 2000, 2020, Oracle and/or its affiliates.
+ * Copyright (c) 2000, 2024, Oracle and/or its affiliates.
  *
  * Licensed under the Universal Permissive License v 1.0 as shown at
- * http://oss.oracle.com/licenses/upl.
+ * https://oss.oracle.com/licenses/upl.
  */
 package com.tangosol.run.xml;
 
@@ -23,6 +23,8 @@
 import java.net.URLConnection;
 
 import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
 import java.util.List;
 
 import  java.util.concurrent.atomic.AtomicBoolean;
@@ -38,6 +40,9 @@
 import javax.xml.validation.SchemaFactory;
 import javax.xml.validation.Validator;
 
+import org.w3c.dom.ls.LSInput;
+import org.w3c.dom.ls.LSResourceResolver;
+
 import org.xml.sax.AttributeList;
 import org.xml.sax.DocumentHandler;
 import org.xml.sax.ErrorHandler;
@@ -270,8 +275,17 @@ public void validateXsd(String sXml, XmlDocument xml)
                 return;
                 }
 
-            SchemaFactory schemaFactory = SchemaFactory
+            ResourceResolver resolver      = null;
+            SchemaFactory    schemaFactory = SchemaFactory
                     .newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+
+            if (s_fJdk22 && "strict".equalsIgnoreCase(System.getProperty("javax.xml.catalog.resolve")))
+                {
+                // specifying a custom resolver is a workaround for issue reported in OWLS-116652
+                resolver = new ResourceResolver(this.getClass());
+                schemaFactory.setResourceResolver(resolver);
+                }
+
             Schema            schema    = schemaFactory.newSchema(resolveSchemaSources(listSchemaURIs));
             Source            source    = new StreamSource(new StringReader(sXml));
             Validator         validator = schema.newValidator();
@@ -301,6 +315,11 @@ public void validateXsd(String sXml, XmlDocument xml)
             validator.setErrorHandler(handler);
             validator.validate(source);
 
+            if (resolver != null)
+                {
+                resolver.closeStreams();
+                }
+
             // optimize error handling to report all errors
             // prior to failing; this is easier for user that
             // has multiple problems to config files.
@@ -746,10 +765,200 @@ public void fatalError(SAXParseException exception)
         private XmlElement m_current;
         }
 
+    // ----- inner class: Input ---------------------------------------------
+
+    /**
+     * An LSInput implementation that is used when Java 22+ strict XML catalog resolve is enabled.
+     * This class is required to work around the issue that is described in OWLS-116652
+     *
+     * @since 24.03
+     */
+    public static class Input
+            implements LSInput
+        {
+        // ----- constructors -----------------------------------------------
+
+        public Input(InputStream is, String publicId, String systemId)
+            {
+            this.is       = is;
+            this.publicId = publicId;
+            this.systemId = systemId;
+            }
+
+        // ----- LSInput interface ------------------------------------------
+
+        @Override
+        public Reader getCharacterStream()
+            {
+            return null;
+            }
+
+        @Override
+        public void setCharacterStream(Reader characterStream)
+            {
+            }
+
+        @Override
+        public InputStream getByteStream()
+            {
+            return this.is;
+            }
+
+        @Override
+        public void setByteStream(InputStream byteStream)
+            {
+            }
+
+        @Override
+        public String getStringData()
+            {
+            return null;
+            }
+
+        @Override
+        public void setStringData(String stringData)
+            {
+            }
+
+        @Override
+        public String getSystemId()
+            {
+            return this.systemId;
+            }
+
+        @Override
+        public void setSystemId(String systemId)
+            {
+            }
+
+        @Override
+        public String getPublicId()
+            {
+            return this.publicId;
+            }
+
+        @Override
+        public void setPublicId(String publicId)
+            {
+            }
+        @Override
+        public String getBaseURI()
+            {
+            return null;
+            }
+
+        @Override
+        public void setBaseURI(String baseURI)
+            {
+            }
+
+        @Override
+        public String getEncoding()
+            {
+            return null;
+            }
+
+        @Override
+        public void setEncoding(String encoding)
+            {
+            }
+
+        @Override
+        public boolean getCertifiedText()
+            {
+            return false;
+            }
+
+        @Override
+        public void setCertifiedText(boolean certifiedText)
+            {
+            }
+
+        // ----- data members -----------------------------------------------
+
+        private InputStream is;
+
+        private String publicId;
+
+        private String systemId;
+        }
+
+    // ----- inner class: ResourceResolver ----------------------------------
+
+    /**
+     * An ResourceResolver implementation that is used when Java 22+ strict XML catalog resolve is enabled.
+     * This class is required to work around the issue that is described in OWLS-116652
+     *
+     * @since 24.03
+     */
+    public static class ResourceResolver
+            implements LSResourceResolver
+        {
+        // ----- constructors -----------------------------------------------
+
+        ResourceResolver(Class<?> clazz)
+            {
+            this.clazz = clazz;
+            }
+
+        // ----- LSResourceResolver interface -------------------------------
+
+        @Override
+        public LSInput resolveResource(String type, String namespaceURI, String publicId, String systemId, String baseURI)
+            {
+            InputStream is = this.clazz.getResourceAsStream("/" + systemId);
+
+            if (is == null)
+                {
+                Logger.warn("SaxParser.ResourceResolver.resolveResource: failed to resolve \"/" + systemId + " resolution: " + baseURI + "/" + systemId);
+                return null;
+                }
+            else
+                {
+                this.streamsToClose.add(is);
+                return new Input(is, publicId, systemId);
+                }
+            }
+
+        /**
+         * Close all streams created by this resolver.
+         */
+        void closeStreams()
+            {
+            Iterator iter = this.streamsToClose.iterator();
+
+            while (iter.hasNext())
+                {
+                InputStream is = (InputStream) iter.next();
+                if (is != null)
+                    {
+                    try
+                        {
+                        is.close();
+                        }
+                    catch (IOException e)
+                        {
+                        }
+                    }
+                }
+            }
+
+        // ----- data members -----------------------------------------------
+
+        private List<InputStream> streamsToClose = Collections.synchronizedList(new ArrayList());
+
+        private Class<?> clazz;
+        }
+
     // ----- constants ------------------------------------------------------
 
     /**
      * Record if resolved SaxParser supports JAXP 1.5 {@link XMLConstants#ACCESS_EXTERNAL_DTD} and {@link XMLConstants#ACCESS_EXTERNAL_SCHEMA} properties. Only report warning once if does not.
      */
     private static final AtomicBoolean ATTEMPT_RESTRICT_EXTERNAL = new AtomicBoolean(true);
+
+    /**
+     * True iff if jvm runtime is JDK 22 or higher.
+     */
+    private static boolean s_fJdk22 = Runtime.version().feature() > 21;
     }

prj/coherence-testing-support/src/main/java/com/oracle/coherence/testing/bedrock/IllegalaccessProfile.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2023, Oracle and/or its affiliates.
+ * Copyright (c) 2000, 2024, Oracle and/or its affiliates.
  *
  * Licensed under the Universal Permissive License v 1.0 as shown at
  * https://oss.oracle.com/licenses/upl.
@@ -54,15 +54,20 @@ public void onLaunching(
         if (jdk.getVersion() > 8)
             {
             // options introduced in jdk 9
-            Freeforms jvmOptions = JvmOptions.include(
-                        "--add-opens=java.base/java.lang=ALL-UNNAMED");
+            Freeforms jvmOptions = JvmOptions.include();
 
             // Support was removed in JDK 17 so avoid warning message by not including in JDK 17 and greater
             if (jdk.getVersion() <= 16)
                 {
                 jvmOptions = jvmOptions.with(new Freeform("--illegal-access=" + m_sValue));
                 }
 
+            if (jdk.getVersion() >= 22 && m_sValue.equals("strict"))
+                {
+                jvmOptions = JvmOptions.include("-Djavax.xml.catalog.resolve=strict",
+                                                "-Djdk.xml.jdkcatalog.resolve=strict");
+                }
+
             Freeforms freeforms = optionsByType.get(Freeforms.class);
             for (Freeform freeform : freeforms)
                 {

prj/pom.xml

@@ -992,6 +992,43 @@
       </build>
     </profile>
 
+    <profile>
+      <id>test-catalog-resolve-strict</id>
+      <properties>
+        <!-- added properties *.resolve=strict to match jdk24 default -->
+        <surefire.argLine>-Djavax.xml.catalog.resolve=strict -Djdk.xml.jdkcatalog.resolve=strict ${default.surefire.argLine}</surefire.argLine>
+        <failsafe.argLine>-Djavax.xml.catalog.resolve=strict -Djdk.xml.jdkcatalog.resolve=strict ${default.failsafe.argLine}</failsafe.argLine>
+      </properties>
+      <build>
+        <pluginManagement>
+          <plugins>
+            <plugin>
+              <groupId>org.apache.maven.plugins</groupId>
+              <artifactId>maven-surefire-plugin</artifactId>
+              <version>${maven.surefire.plugin.version}</version>
+              <configuration>
+                <systemPropertyVariables>
+                  <bedrock.profile.illegalaccess>strict</bedrock.profile.illegalaccess>
+                  <bedrock.profile.illegalaccess.classname>com.oracle.coherence.testing.bedrock.IllegalaccessProfile</bedrock.profile.illegalaccess.classname>
+                </systemPropertyVariables>
+              </configuration>
+            </plugin>
+            <plugin>
+              <groupId>org.apache.maven.plugins</groupId>
+              <artifactId>maven-failsafe-plugin</artifactId>
+              <version>${maven.failsafe.plugin.version}</version>
+              <configuration>
+                <systemPropertyVariables>
+                  <bedrock.profile.illegalaccess>strict</bedrock.profile.illegalaccess>
+                  <bedrock.profile.illegalaccess.classname>com.oracle.coherence.testing.bedrock.IllegalaccessProfile</bedrock.profile.illegalaccess.classname>
+                </systemPropertyVariables>
+              </configuration>
+            </plugin>
+          </plugins>
+        </pluginManagement>
+      </build>
+    </profile>
+
     <profile>
       <id>dependency-check</id>
       <build>

prj/test/functional/xsd/pom.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright (c) 2000, 2022, Oracle and/or its affiliates.
+  Copyright (c) 2000, 2024, Oracle and/or its affiliates.
 
   Licensed under the Universal Permissive License v 1.0 as shown at
   https://oss.oracle.com/licenses/upl.
@@ -59,6 +59,11 @@
       <version>${project.version}</version>
     </dependency>
 
+<dependency>
+      <groupId>${coherence.group.id}</groupId>
+      <artifactId>coherence-concurrent</artifactId>
+      <version>${project.version}</version>
+    </dependency>
     <!-- https://mvnrepository.com/artifact/xerces/xercesImpl -->
     <dependency>
       <groupId>xerces</groupId>

prj/test/functional/xsd/src/main/java/xsd/XsdValidationTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2022, Oracle and/or its affiliates.
+ * Copyright (c) 2000, 2024, Oracle and/or its affiliates.
  *
  * Licensed under the Universal Permissive License v 1.0 as shown at
  * https://oss.oracle.com/licenses/upl.
@@ -106,6 +106,10 @@ public void testDefaultFiles()
         XmlValidator.validate("../../../coherence-core/src/main/resources/com/oracle/coherence/defaults/tangosol-coherence-override-eval.xml");
         XmlValidator.validate("../../../coherence-core/src/main/resources/com/oracle/coherence/defaults/tangosol-coherence-override-prod.xml");
         XmlValidator.validate("../../../coherence-core/src/main/resources/tangosol-coherence.xml");
+        XmlValidator.validate("../../../coherence-core/src/main/resources/com/oracle/coherence/defaults/grpc-proxy-cache-config.xml");
+
+        XmlValidator.validate("../../../coherence-concurrent/src/main/resources/coherence-concurrent-config.xml");
+        XmlValidator.validate("../../../coherence-concurrent/src/main/resources/coherence-concurrent-client-config.xml");
         }
 
    /**