diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java index 0a7e02d4..099e2c47 100644 --- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java +++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java @@ -30,6 +30,8 @@ import java.io.Closeable; import java.io.IOException; import java.net.ProxySelector; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collection; import java.util.LinkedList; @@ -749,7 +751,12 @@ public CloseableHttpAsyncClient build() { String userAgentCopy = this.userAgent; if (userAgentCopy == null) { if (systemProperties) { - userAgentCopy = System.getProperty("http.agent"); + userAgentCopy = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public String run() { + return System.getProperty("http.agent"); + } + }); } if (userAgentCopy == null) { userAgentCopy = VersionInfo.getSoftwareInfo("Apache-HttpAsyncClient", @@ -831,8 +838,14 @@ public CloseableHttpAsyncClient build() { if (proxy != null) { routePlannerCopy = new DefaultProxyRoutePlanner(proxy, schemePortResolverCopy); } else if (systemProperties) { + final ProxySelector defaultProxySelector = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public ProxySelector run() { + return ProxySelector.getDefault(); + } + }); routePlannerCopy = new SystemDefaultRoutePlanner( - schemePortResolverCopy, ProxySelector.getDefault()); + schemePortResolverCopy, defaultProxySelector); } else { routePlannerCopy = new DefaultRoutePlanner(schemePortResolverCopy); } @@ -874,7 +887,12 @@ public void close() throws IOException { ConnectionReuseStrategy reuseStrategyCopy = this.reuseStrategy; if (reuseStrategyCopy == null) { if (systemProperties) { - final String s = System.getProperty("http.keepAlive", "true"); + final String s = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public String run() { + return System.getProperty("http.keepAlive", "true"); + } + }); if ("true".equalsIgnoreCase(s)) { reuseStrategyCopy = DefaultConnectionReuseStrategy.INSTANCE; } else { diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/nio/PoolingAsyncClientConnectionManagerBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/nio/PoolingAsyncClientConnectionManagerBuilder.java index cce713d6..2af512ce 100644 --- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/nio/PoolingAsyncClientConnectionManagerBuilder.java +++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/nio/PoolingAsyncClientConnectionManagerBuilder.java @@ -37,6 +37,9 @@ import org.apache.hc.core5.pool.ConnPoolPolicy; import org.apache.hc.core5.util.TimeValue; +import java.security.AccessController; +import java.security.PrivilegedAction; + /** * Builder for {@link PoolingAsyncClientConnectionManager} instances. *

@@ -176,10 +179,7 @@ public PoolingAsyncClientConnectionManager build() { @SuppressWarnings("resource") final PoolingAsyncClientConnectionManager poolingmgr = new PoolingAsyncClientConnectionManager( RegistryBuilder.create() - .register("https", tlsStrategy != null ? tlsStrategy : - (systemProperties ? - H2TlsStrategy.getSystemDefault() : - H2TlsStrategy.getDefault())) + .register("https", getTlsStrategy()) .build(), schemePortResolver, dnsResolver, @@ -196,4 +196,18 @@ public PoolingAsyncClientConnectionManager build() { return poolingmgr; } + private TlsStrategy getTlsStrategy() { + if (tlsStrategy != null) { + return tlsStrategy; + } else if (systemProperties) { + return AccessController.doPrivileged(new PrivilegedAction() { + @Override + public TlsStrategy run() { + return H2TlsStrategy.getSystemDefault(); + } + }); + } else { + return H2TlsStrategy.getDefault(); + } + } }