Examples with ReflectPermission java.lang.reflect.ReflectPermission used on opensource projects

Search in sources :

Example 6 with ReflectPermission

use of java.lang.reflect.ReflectPermission in project ignite by apache.

the class SecuritySubjectPermissionsTest method beforeTestsStarted.

/**
 * {@inheritDoc}
 */
@Override
protected void beforeTestsStarted() throws Exception {
    if (System.getSecurityManager() == null) {
        Policy.setPolicy(new Policy() {

            @Override
            public PermissionCollection getPermissions(CodeSource cs) {
                Permissions res = new Permissions();
                res.add(new RuntimePermission("*"));
                res.add(new MBeanServerPermission("*"));
                res.add(new MBeanPermission("*", "*"));
                res.add(new MBeanTrustPermission("*"));
                res.add(new ReflectPermission("*"));
                res.add(new SSLPermission("*"));
                res.add(new ManagementPermission("monitor"));
                res.add(new ManagementPermission("control"));
                res.add(new SerializablePermission("*"));
                res.add(new SecurityPermission("*"));
                res.add(new SocketPermission("*", "connect,accept,listen,resolve"));
                res.add(new FilePermission("<<ALL FILES>>", "read,write,delete,execute,readlink"));
                res.add(new PropertyPermission("*", "read,write"));
                res.add(new TestPermission("common"));
                return res;
            }
        });
        System.setSecurityManager(new SecurityManager());
        setupSM = true;
    }
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) PropertyPermission(java.util.PropertyPermission) MBeanPermission(javax.management.MBeanPermission) SocketPermission(java.net.SocketPermission) ManagementPermission(java.lang.management.ManagementPermission) SSLPermission(javax.net.ssl.SSLPermission) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) MBeanServerPermission(javax.management.MBeanServerPermission) MBeanTrustPermission(javax.management.MBeanTrustPermission) Permissions(java.security.Permissions) ReflectPermission(java.lang.reflect.ReflectPermission) SerializablePermission(java.io.SerializablePermission) SecurityPermission(java.security.SecurityPermission)

Example 7 with ReflectPermission

use of java.lang.reflect.ReflectPermission in project elasticsearch by elastic.

the class TikaImpl method getRestrictedPermissions.

// compute some minimal permissions for parsers. they only get r/w access to the java temp directory,
// the ability to load some resources from JARs, and read sysprops
static PermissionCollection getRestrictedPermissions() {
    Permissions perms = new Permissions();
    // property/env access needed for parsing
    perms.add(new PropertyPermission("*", "read"));
    perms.add(new RuntimePermission("getenv.TIKA_CONFIG"));
    // add permissions for resource access:
    // classpath
    addReadPermissions(perms, JarHell.parseClassPath());
    // plugin jars
    if (TikaImpl.class.getClassLoader() instanceof URLClassLoader) {
        addReadPermissions(perms, ((URLClassLoader) TikaImpl.class.getClassLoader()).getURLs());
    }
    // jvm's java.io.tmpdir (needs read/write)
    perms.add(new FilePermission(System.getProperty("java.io.tmpdir") + System.getProperty("file.separator") + "-", "read,readlink,write,delete"));
    // current hacks needed for POI/PDFbox issues:
    perms.add(new SecurityPermission("putProviderProperty.BC"));
    perms.add(new SecurityPermission("insertProvider"));
    perms.add(new ReflectPermission("suppressAccessChecks"));
    // xmlbeans, use by POI, needs to get the context classloader
    perms.add(new RuntimePermission("getClassLoader"));
    perms.setReadOnly();
    return perms;
}
Also used : PropertyPermission(java.util.PropertyPermission) URLClassLoader(java.net.URLClassLoader) Permissions(java.security.Permissions) ReflectPermission(java.lang.reflect.ReflectPermission) FilePermission(java.io.FilePermission) SecurityPermission(java.security.SecurityPermission)

Example 8 with ReflectPermission

use of java.lang.reflect.ReflectPermission in project jdk8u_jdk by JetBrains.

the class DcmdMBeanPermissionsTest method main.

public static void main(final String[] args) {
    final MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
    ObjectName on = null;
    try {
        on = new ObjectName(HOTSPOT_DIAGNOSTIC_MXBEAN_NAME);
    } catch (MalformedObjectNameException ex) {
        ex.printStackTrace();
        throw new RuntimeException("TEST FAILED");
    }
    MBeanInfo info = null;
    try {
        info = mbs.getMBeanInfo(on);
    } catch (InstanceNotFoundException | IntrospectionException | ReflectionException ex) {
        ex.printStackTrace();
        throw new RuntimeException("TEST FAILED");
    }
    CustomSecurityManager sm = new CustomSecurityManager();
    System.setSecurityManager(sm);
    // Set of permission required to run the test cleanly
    // Some permissions are required by the MBeanServer and other
    // platform services (RuntimePermission("createClassLoader"),
    // ReflectPermission("suppressAccessChecks"),
    // java.util.logging.LoggingPermission("control"),
    // RuntimePermission("exitVM.97")).
    // Other permissions are required by commands being invoked
    // in the test (for instance, RuntimePermission("modifyThreadGroup")
    // and RuntimePermission("modifyThread") are checked when
    // runFinalization() is invoked by the gcRunFinalization command.
    sm.grantPermission(new RuntimePermission("createClassLoader"));
    sm.grantPermission(new ReflectPermission("suppressAccessChecks"));
    sm.grantPermission(new java.util.logging.LoggingPermission("control", ""));
    sm.grantPermission(new java.lang.RuntimePermission("exitVM.97"));
    sm.grantPermission(new java.lang.RuntimePermission("modifyThreadGroup"));
    sm.grantPermission(new java.lang.RuntimePermission("modifyThread"));
    for (MBeanOperationInfo opInfo : info.getOperations()) {
        Permission opPermission = new MBeanPermission(info.getClassName(), opInfo.getName(), on, "invoke");
        sm.grantPermission(opPermission);
        testOperation(mbs, sm, on, opInfo);
        sm.denyPermission(opPermission);
    }
    System.out.println("TEST PASSED");
}
Also used : ReflectionException(javax.management.ReflectionException) MalformedObjectNameException(javax.management.MalformedObjectNameException) MBeanInfo(javax.management.MBeanInfo) MBeanOperationInfo(javax.management.MBeanOperationInfo) MBeanPermission(javax.management.MBeanPermission) InstanceNotFoundException(javax.management.InstanceNotFoundException) IntrospectionException(javax.management.IntrospectionException) ObjectName(javax.management.ObjectName) ReflectPermission(java.lang.reflect.ReflectPermission) MBeanPermission(javax.management.MBeanPermission) Permission(java.security.Permission) ReflectPermission(java.lang.reflect.ReflectPermission) MBeanServer(javax.management.MBeanServer)

Example 9 with ReflectPermission

use of java.lang.reflect.ReflectPermission in project groovy by apache.

the class SecurityTest method setUp.

public void setUp() {
    // Forbidding suppressAccessChecks in the test will make the internal implementation of some JDK fail,
    // so load vm plugin before security manager is installed:
    /*
         *     Caused by: java.security.AccessControlException: suppressAccessChecks
         *         at org.codehaus.groovy.reflection.SecurityTest$1.checkPermission(SecurityTest.java:92)
         *         at java.base/java.lang.reflect.AccessibleObject.checkPermission(AccessibleObject.java:83)
         *         at java.base/java.lang.reflect.Constructor.setAccessible(Constructor.java:180)
         *         at java.base/java.lang.invoke.InnerClassLambdaMetafactory$1.run(InnerClassLambdaMetafactory.java:207)
         *         at java.base/java.lang.invoke.InnerClassLambdaMetafactory$1.run(InnerClassLambdaMetafactory.java:200)
         *         at java.base/java.security.AccessController.doPrivileged(Native Method)
         *         at java.base/java.lang.invoke.InnerClassLambdaMetafactory.buildCallSite(InnerClassLambdaMetafactory.java:199)
         *         at java.base/java.lang.invoke.LambdaMetafactory.metafactory(LambdaMetafactory.java:329)
         *         at java.base/java.lang.invoke.BootstrapMethodInvoker.invoke(BootstrapMethodInvoker.java:127)
         */
    VMPluginFactory.getPlugin();
    forbidden = new Permissions();
    forbidden.add(new ReflectPermission("suppressAccessChecks"));
    restrictiveSecurityManager = new SecurityManager() {

        @Override
        public void checkPermission(Permission perm) {
            if (forbidden.implies(perm))
                throw new AccessControlException(perm.getName());
        }
    };
}
Also used : Permissions(java.security.Permissions) ReflectPermission(java.lang.reflect.ReflectPermission) Permission(java.security.Permission) AccessControlException(java.security.AccessControlException) ReflectPermission(java.lang.reflect.ReflectPermission)

Example 10 with ReflectPermission

use of java.lang.reflect.ReflectPermission in project wildfly by wildfly.

the class JAXBContextTestBase method createInternalDeployment.

public static WebArchive createInternalDeployment() {
    final WebArchive war = ShrinkWrap.create(WebArchive.class, WEB_APP_INTERNAL_CONTEXT + ".war");
    war.addClasses(JAXBContextServlet.class, JAXBUsageServlet.class, Items.class, ObjectFactory.class, PurchaseOrderType.class, USAddress.class);
    war.add(PermissionUtils.createPermissionsXmlAsset(new RuntimePermission("accessDeclaredMembers"), new ReflectPermission("suppressAccessChecks"), new FilePermission("<<ALL FILES>>", "read")), PERMISSIONS_FILE);
    return war;
}
Also used : WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) ReflectPermission(java.lang.reflect.ReflectPermission) FilePermission(java.io.FilePermission)

Aggregations

ReflectPermission (java.lang.reflect.ReflectPermission)17 FilePermission (java.io.FilePermission)12 Deployment (org.jboss.arquillian.container.test.api.Deployment)10 JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)10 StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)9 RemotingPermission (org.jboss.remoting3.security.RemotingPermission)7 PropertyPermission (java.util.PropertyPermission)6 WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)4 Permissions (java.security.Permissions)3 SecurityPermission (java.security.SecurityPermission)3 MBeanPermission (javax.management.MBeanPermission)3 ResourceAdapterArchive (org.jboss.shrinkwrap.api.spec.ResourceAdapterArchive)3 SocketPermission (java.net.SocketPermission)2 Permission (java.security.Permission)2 LazyConnectionFactory (org.jboss.as.test.integration.jca.lazyconnectionmanager.rar.LazyConnectionFactory)2 LazyConnectionImpl (org.jboss.as.test.integration.jca.lazyconnectionmanager.rar.LazyConnectionImpl)2 LazyLocalTransaction (org.jboss.as.test.integration.jca.lazyconnectionmanager.rar.LazyLocalTransaction)2 LazyManagedConnection (org.jboss.as.test.integration.jca.lazyconnectionmanager.rar.LazyManagedConnection)2 LazyResourceAdapter (org.jboss.as.test.integration.jca.lazyconnectionmanager.rar.LazyResourceAdapter)2 EnterpriseArchive (org.jboss.shrinkwrap.api.spec.EnterpriseArchive)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial