Examples with Policy java.security.Policy used on opensource projects

Search in sources :

Example 1 with Policy

use of java.security.Policy in project elasticsearch by elastic.

the class BootstrapForTesting method getPluginPermissions.

/**
     * we don't know which codesources belong to which plugin, so just remove the permission from key codebases
     * like core, test-framework, etc. this way tests fail if accesscontroller blocks are missing.
     */
@SuppressForbidden(reason = "accesses fully qualified URLs to configure security")
static Map<String, Policy> getPluginPermissions() throws Exception {
    List<URL> pluginPolicies = Collections.list(BootstrapForTesting.class.getClassLoader().getResources(PluginInfo.ES_PLUGIN_POLICY));
    if (pluginPolicies.isEmpty()) {
        return Collections.emptyMap();
    }
    // compute classpath minus obvious places, all other jars will get the permission.
    Set<URL> codebases = new HashSet<>(Arrays.asList(parseClassPathWithSymlinks()));
    Set<URL> excluded = new HashSet<>(Arrays.asList(// es core
    Bootstrap.class.getProtectionDomain().getCodeSource().getLocation(), // es test framework
    BootstrapForTesting.class.getProtectionDomain().getCodeSource().getLocation(), // lucene test framework
    LuceneTestCase.class.getProtectionDomain().getCodeSource().getLocation(), // randomized runner
    RandomizedRunner.class.getProtectionDomain().getCodeSource().getLocation(), // junit library
    Assert.class.getProtectionDomain().getCodeSource().getLocation()));
    codebases.removeAll(excluded);
    // parse each policy file, with codebase substitution from the classpath
    final List<Policy> policies = new ArrayList<>();
    for (URL policyFile : pluginPolicies) {
        policies.add(Security.readPolicy(policyFile, codebases.toArray(new URL[codebases.size()])));
    }
    // consult each policy file for those codebases
    Map<String, Policy> map = new HashMap<>();
    for (URL url : codebases) {
        map.put(url.getFile(), new Policy() {

            @Override
            public boolean implies(ProtectionDomain domain, Permission permission) {
                // implements union
                for (Policy p : policies) {
                    if (p.implies(domain, permission)) {
                        return true;
                    }
                }
                return false;
            }
        });
    }
    return Collections.unmodifiableMap(map);
}
Also used : Policy(java.security.Policy) ProtectionDomain(java.security.ProtectionDomain) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) URL(java.net.URL) FilePermission(java.io.FilePermission) SocketPermission(java.net.SocketPermission) Permission(java.security.Permission) HashSet(java.util.HashSet) SuppressForbidden(org.elasticsearch.common.SuppressForbidden)

Example 2 with Policy

use of java.security.Policy in project voltdb by VoltDB.

the class JSR166TestCase method runWithSecurityManagerWithPermissions.

/**
     * Runs Runnable r with a security policy that permits precisely
     * the specified permissions.  If there is no current security
     * manager, a temporary one is set for the duration of the
     * Runnable.  We require that any security manager permit
     * getPolicy/setPolicy.
     */
public void runWithSecurityManagerWithPermissions(Runnable r, Permission... permissions) {
    SecurityManager sm = System.getSecurityManager();
    if (sm == null) {
        Policy savedPolicy = Policy.getPolicy();
        try {
            Policy.setPolicy(permissivePolicy());
            System.setSecurityManager(new SecurityManager());
            runWithSecurityManagerWithPermissions(r, permissions);
        } finally {
            System.setSecurityManager(null);
            Policy.setPolicy(savedPolicy);
        }
    } else {
        Policy savedPolicy = Policy.getPolicy();
        AdjustablePolicy policy = new AdjustablePolicy(permissions);
        Policy.setPolicy(policy);
        try {
            r.run();
        } finally {
            policy.addPermission(new SecurityPermission("setPolicy"));
            Policy.setPolicy(savedPolicy);
        }
    }
}
Also used : Policy(java.security.Policy) SecurityPermission(java.security.SecurityPermission)

Example 3 with Policy

use of java.security.Policy in project joda-time by JodaOrg.

the class TestDateTimeZone method testZoneInfoProviderResourceLoading.

public void testZoneInfoProviderResourceLoading() {
    final Set<String> ids = new HashSet<String>(DateTimeZone.getAvailableIDs());
    ids.remove(DateTimeZone.getDefault().getID());
    final String id = ids.toArray(new String[ids.size()])[new Random().nextInt(ids.size())];
    try {
        Policy.setPolicy(new Policy() {

            @Override
            public PermissionCollection getPermissions(CodeSource codesource) {
                Permissions p = new Permissions();
                // enable everything
                p.add(new AllPermission());
                return p;
            }

            @Override
            public void refresh() {
            }

            @Override
            public boolean implies(ProtectionDomain domain, Permission permission) {
                return !(permission instanceof FilePermission) && !permission.getName().contains(id);
            }
        });
        System.setSecurityManager(new SecurityManager());
        // will throw IllegalArgumentException if the resource can
        // not be loaded
        final DateTimeZone zone = DateTimeZone.forID(id);
        assertNotNull(zone);
    } finally {
        System.setSecurityManager(null);
        Policy.setPolicy(ALLOW);
    }
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) Random(java.util.Random) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission) Permission(java.security.Permission) AllPermission(java.security.AllPermission) HashSet(java.util.HashSet)

Example 4 with Policy

use of java.security.Policy in project jdk8u_jdk by JetBrains.

the class XPathExFuncTest method testEnableExtFunc.

/**
     * Security is enabled, use new feature: enableExtensionFunctions
     */
public void testEnableExtFunc() {
    Policy p = new SimplePolicy(new AllPermission());
    Policy.setPolicy(p);
    System.setSecurityManager(new SecurityManager());
    try {
        evaluate(true);
        System.out.println("testEnableExt: OK");
    } catch (XPathFactoryConfigurationException e) {
        fail(e.getMessage());
    } catch (XPathExpressionException e) {
        fail(e.getMessage());
    } finally {
        System.setSecurityManager(null);
    }
}
Also used : Policy(java.security.Policy) XPathExpressionException(javax.xml.xpath.XPathExpressionException) AllPermission(java.security.AllPermission) XPathFactoryConfigurationException(javax.xml.xpath.XPathFactoryConfigurationException)

Example 5 with Policy

use of java.security.Policy in project jdk8u_jdk by JetBrains.

the class XSLTExFuncTest method testTemplatesEnableExtFunc.

/**
     * use Templates template = factory.newTemplates(new StreamSource( new
     * FileInputStream(xslFilename))); // Use the template to create a
     * transformer Transformer xformer = template.newTransformer();
     *
     * @param factory
     * @return
     */
/**
     * Security is enabled, use new feature: enableExtensionFunctions Use the
     * template to create a transformer
     */
public void testTemplatesEnableExtFunc() {
    Policy p = new SimplePolicy(new AllPermission());
    Policy.setPolicy(p);
    System.setSecurityManager(new SecurityManager());
    TransformerFactory factory = TransformerFactory.newInstance();
    /**
         * Use of the extension function 'http://exslt.org/strings:tokenize' is
         * not allowed when the secure processing feature is set to true.
         * Attempt to use the new property to enable extension function
         */
    boolean isExtensionSupported = enableExtensionFunction(factory);
    try {
        SAXSource xslSource = new SAXSource(new InputSource(xslFile));
        xslSource.setSystemId(xslFileId);
        Templates template = factory.newTemplates(xslSource);
        Transformer transformer = template.newTransformer();
        StringWriter stringResult = new StringWriter();
        Result result = new StreamResult(stringResult);
        transformer.transform(new SAXSource(new InputSource(xmlFile)), result);
        System.out.println("testTemplatesEnableExtFunc: OK");
    } catch (TransformerConfigurationException e) {
        fail(e.getMessage());
    } catch (TransformerException e) {
        fail(e.getMessage());
    } finally {
        System.setSecurityManager(null);
    }
}
Also used : Policy(java.security.Policy) InputSource(org.xml.sax.InputSource) StreamResult(javax.xml.transform.stream.StreamResult) StreamResult(javax.xml.transform.stream.StreamResult) SAXSource(javax.xml.transform.sax.SAXSource) StringWriter(java.io.StringWriter) AllPermission(java.security.AllPermission)

Aggregations

Policy (java.security.Policy)55 ProtectionDomain (java.security.ProtectionDomain)18 CodeSource (java.security.CodeSource)16 PermissionCollection (java.security.PermissionCollection)15 Permission (java.security.Permission)13 URL (java.net.URL)10 FilePermission (java.io.FilePermission)8 AllPermission (java.security.AllPermission)8 Permissions (java.security.Permissions)8 File (java.io.File)6 SecurityPermission (java.security.SecurityPermission)6 AccessControlException (java.security.AccessControlException)4 Certificate (java.security.cert.Certificate)4 ArrayList (java.util.ArrayList)4 IOException (java.io.IOException)3 SocketPermission (java.net.SocketPermission)3 Path (java.nio.file.Path)3 PrintWriter (java.io.PrintWriter)2 MalformedURLException (java.net.MalformedURLException)2 URI (java.net.URI)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial