Search in sources :

Example 36 with FilePermission

use of java.io.FilePermission in project spring-boot by spring-projects.

the class JarFileTests method createEntryUrl.

@Test
public void createEntryUrl() throws Exception {
    URL url = new URL(this.jarFile.getUrl(), "1.dat");
    assertThat(url.toString()).isEqualTo("jar:" + this.rootJarFile.toURI() + "!/1.dat");
    JarURLConnection jarURLConnection = (JarURLConnection) url.openConnection();
    assertThat(jarURLConnection.getJarFile()).isSameAs(this.jarFile);
    assertThat(jarURLConnection.getJarEntry()).isSameAs(this.jarFile.getJarEntry("1.dat"));
    assertThat(jarURLConnection.getContentLength()).isEqualTo(1);
    assertThat(jarURLConnection.getContent()).isInstanceOf(InputStream.class);
    assertThat(jarURLConnection.getContentType()).isEqualTo("content/unknown");
    assertThat(jarURLConnection.getPermission()).isInstanceOf(FilePermission.class);
    FilePermission permission = (FilePermission) jarURLConnection.getPermission();
    assertThat(permission.getActions()).isEqualTo("read");
    assertThat(permission.getName()).isEqualTo(this.rootJarFile.getPath());
}
Also used : FilePermission(java.io.FilePermission) URL(java.net.URL) Test(org.junit.Test)

Example 37 with FilePermission

use of java.io.FilePermission in project spring-boot by spring-projects.

the class JarFileTests method getNestedJarFile.

@Test
public void getNestedJarFile() throws Exception {
    JarFile nestedJarFile = this.jarFile.getNestedJarFile(this.jarFile.getEntry("nested.jar"));
    Enumeration<java.util.jar.JarEntry> entries = nestedJarFile.entries();
    assertThat(entries.nextElement().getName()).isEqualTo("META-INF/");
    assertThat(entries.nextElement().getName()).isEqualTo("META-INF/MANIFEST.MF");
    assertThat(entries.nextElement().getName()).isEqualTo("3.dat");
    assertThat(entries.nextElement().getName()).isEqualTo("4.dat");
    assertThat(entries.nextElement().getName()).isEqualTo("ä.dat");
    assertThat(entries.hasMoreElements()).isFalse();
    InputStream inputStream = nestedJarFile.getInputStream(nestedJarFile.getEntry("3.dat"));
    assertThat(inputStream.read()).isEqualTo(3);
    assertThat(inputStream.read()).isEqualTo(-1);
    URL url = nestedJarFile.getUrl();
    assertThat(url.toString()).isEqualTo("jar:" + this.rootJarFile.toURI() + "!/nested.jar!/");
    JarURLConnection conn = (JarURLConnection) url.openConnection();
    assertThat(conn.getJarFile()).isSameAs(nestedJarFile);
    assertThat(conn.getJarFileURL().toString()).isEqualTo("jar:" + this.rootJarFile.toURI() + "!/nested.jar");
    assertThat(conn.getInputStream()).isNotNull();
    JarInputStream jarInputStream = new JarInputStream(conn.getInputStream());
    assertThat(jarInputStream.getNextJarEntry().getName()).isEqualTo("3.dat");
    assertThat(jarInputStream.getNextJarEntry().getName()).isEqualTo("4.dat");
    assertThat(jarInputStream.getNextJarEntry().getName()).isEqualTo("ä.dat");
    jarInputStream.close();
    assertThat(conn.getPermission()).isInstanceOf(FilePermission.class);
    FilePermission permission = (FilePermission) conn.getPermission();
    assertThat(permission.getActions()).isEqualTo("read");
    assertThat(permission.getName()).isEqualTo(this.rootJarFile.getPath());
}
Also used : JarInputStream(java.util.jar.JarInputStream) JarInputStream(java.util.jar.JarInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) JarEntry(java.util.jar.JarEntry) FilePermission(java.io.FilePermission) URL(java.net.URL) Test(org.junit.Test)

Example 38 with FilePermission

use of java.io.FilePermission in project lwjgl by LWJGL.

the class AppletLoader method updateClassPath.

/**
	 * Edits the ClassPath at runtime to include the jars
	 * that have just been downloaded and then adds the
	 * lwjgl natives folder property.
	 *
	 * @param path location where applet is stored
	 * @throws Exception if it fails to add classpath
	 */
protected void updateClassPath(final String path) throws Exception {
    setState(STATE_UPDATING_CLASSPATH);
    percentage = 95;
    URL[] urls = new URL[urlList.length];
    for (int i = 0; i < urlList.length; i++) {
        String file = new File(path, getJarName(urlList[i])).toURI().toString();
        // fix JVM bug where ! is not escaped
        file = file.replace("!", "%21");
        urls[i] = new URL(file);
    }
    // get AppletLoader certificates
    final Certificate[] certs = getCurrentCertificates();
    // detect if we are running on a mac and save result as boolean
    String osName = System.getProperty("os.name");
    final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
    // add downloaded jars to the classpath with required permissions
    classLoader = new URLClassLoader(urls) {

        protected PermissionCollection getPermissions(CodeSource codesource) {
            PermissionCollection perms = null;
            try {
                // no permissions
                perms = new Permissions();
                // if certificates match the AppletLoader certificates then we should be all set
                if (certificatesMatch(certs, codesource.getCertificates())) {
                    perms.add(new AllPermission());
                    return perms;
                }
                String host = getCodeBase().getHost();
                if (host != null && (host.length() > 0)) {
                    // add permission for downloaded jars to access host they were from
                    perms.add(new SocketPermission(host, "connect,accept"));
                } else if ("file".equals(codesource.getLocation().getProtocol())) {
                    // if running locally add file permission
                    String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
                    perms.add(new FilePermission(path, "read"));
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            return perms;
        }

        // allow non lwjgl native to be found from cache directory
        protected String findLibrary(String libname) {
            String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
            if (new File(libPath).exists()) {
                return libPath;
            }
            return super.findLibrary(libname);
        }
    };
    debug_sleep(2000);
    // unload natives loaded by a previous instance of this lwjgl applet
    unloadNatives(path);
    // add natives files path to native class path
    System.setProperty("org.lwjgl.librarypath", path + "natives");
    // Make sure jinput knows about the new path too
    System.setProperty("net.java.games.input.librarypath", path + "natives");
    // set the library path, useful for non lwjgl natives
    System.setProperty("java.library.path", path + "natives");
    // mark natives as loaded
    natives_loaded = true;
}
Also used : PermissionCollection(java.security.PermissionCollection) SocketPermission(java.net.SocketPermission) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) URL(java.net.URL) AccessControlException(java.security.AccessControlException) IOException(java.io.IOException) URLClassLoader(java.net.URLClassLoader) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) JarFile(java.util.jar.JarFile) ZipFile(java.util.zip.ZipFile) File(java.io.File) Certificate(java.security.cert.Certificate)

Example 39 with FilePermission

use of java.io.FilePermission in project wildfly by wildfly.

the class EEDefaultPermissionsProcessor method deploy.

public void deploy(final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final ModuleSpecification attachment = deploymentUnit.getAttachment(Attachments.MODULE_SPECIFICATION);
    if (attachment == null) {
        return;
    }
    final List<PermissionFactory> permissions = attachment.getPermissionFactories();
    final Enumeration<Permission> e = DEFAULT_PERMISSIONS.elements();
    while (e.hasMoreElements()) {
        permissions.add(new ImmediatePermissionFactory(e.nextElement()));
    }
    //make sure they can read the contents of the deployment
    ResourceRoot root = deploymentUnit.getAttachment(Attachments.DEPLOYMENT_ROOT);
    try {
        File file = root.getRoot().getPhysicalFile();
        if (file != null && file.isDirectory()) {
            FilePermission permission = new FilePermission(file.getAbsolutePath() + File.separatorChar + "-", "read");
            permissions.add(new ImmediatePermissionFactory(permission));
        }
    } catch (IOException ex) {
        throw new DeploymentUnitProcessingException(ex);
    }
}
Also used : DeploymentUnitProcessingException(org.jboss.as.server.deployment.DeploymentUnitProcessingException) ResourceRoot(org.jboss.as.server.deployment.module.ResourceRoot) ImmediatePermissionFactory(org.jboss.modules.security.ImmediatePermissionFactory) PermissionFactory(org.jboss.modules.security.PermissionFactory) ModuleSpecification(org.jboss.as.server.deployment.module.ModuleSpecification) Permission(java.security.Permission) FilePermission(java.io.FilePermission) JndiPermission(org.wildfly.naming.java.permission.JndiPermission) ImmediatePermissionFactory(org.jboss.modules.security.ImmediatePermissionFactory) IOException(java.io.IOException) DeploymentUnit(org.jboss.as.server.deployment.DeploymentUnit) File(java.io.File) FilePermission(java.io.FilePermission)

Example 40 with FilePermission

use of java.io.FilePermission in project wildfly by wildfly.

the class RebindTestCase method deploy.

@Deployment
public static Archive<?> deploy() {
    String tmpdir = System.getProperty("jboss.home");
    JavaArchive jar = ShrinkWrap.create(JavaArchive.class, "RebindTestCase.jar");
    jar.addClasses(RebindTestCase.class, BindingLookupBean.class);
    jar.addAsManifestResource(new StringAsset("Dependencies: org.jboss.as.controller, " + "org.jboss.remoting3\n"), "MANIFEST.MF");
    jar.addAsManifestResource(createPermissionsXmlAsset(new RemotingPermission("addConnectionProvider"), new RemotingPermission("connect"), new RemotingPermission("createEndpoint"), new RuntimePermission("createXnioWorker"), new FilePermission(tmpdir + "/standalone/tmp/auth/-", "read"), new SocketPermission(TestSuiteEnvironment.getServerAddress(), "connect,resolve")), "permissions.xml");
    return jar;
}
Also used : StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset) SocketPermission(java.net.SocketPermission) RemotingPermission(org.jboss.remoting3.security.RemotingPermission) FilePermission(java.io.FilePermission) JavaArchive(org.jboss.shrinkwrap.api.spec.JavaArchive) Deployment(org.jboss.arquillian.container.test.api.Deployment)

Aggregations

FilePermission (java.io.FilePermission)57 IOException (java.io.IOException)16 File (java.io.File)14 URL (java.net.URL)13 PermissionCollection (java.security.PermissionCollection)11 SocketPermission (java.net.SocketPermission)9 Permission (java.security.Permission)9 Permissions (java.security.Permissions)9 Test (org.junit.Test)9 CodeSource (java.security.CodeSource)7 PropertyPermission (java.util.PropertyPermission)7 Path (java.nio.file.Path)6 Deployment (org.jboss.arquillian.container.test.api.Deployment)6 Policy (java.security.Policy)5 URLClassLoader (java.net.URLClassLoader)4 ProtectionDomain (java.security.ProtectionDomain)4 Properties (java.util.Properties)4 WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)4 FileInputStream (java.io.FileInputStream)3 ReflectPermission (java.lang.reflect.ReflectPermission)3