use of java.net.SocketPermission in project jdk8u_jdk by JetBrains.
the class EmptyInputStream method URLtoSocketPermission.
/**
* if the caller has a URLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(getHostAndPort(url), "connect");
String actions = getRequestMethod() + ":" + getUserSetHeaders().getHeaderNamesInList();
String urlstring = url.getProtocol() + "://" + url.getAuthority() + url.getPath();
URLPermission p = new URLPermission(urlstring, actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
use of java.net.SocketPermission in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method connectSocketTest.
@Test
public void connectSocketTest() throws Exception {
try (ServerSocket ss = new ServerSocket(0)) {
int port = ss.getLocalPort();
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen,connect,resolve"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (Socket client = new Socket(InetAddress.getLocalHost(), port)) {
}
return null;
}, acc);
//Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
Socket client = new Socket(InetAddress.getLocalHost(), port);
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
}
use of java.net.SocketPermission in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method listenServerSocketTest.
@Test
public void listenServerSocketTest() throws Exception {
// the hardcoded port number doesn't really matter since we expect the
// security permission to be checked before the underlying operation.
int port = 8899;
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (ServerSocket ss = new ServerSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (ServerSocket ss = new ServerSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
use of java.net.SocketPermission in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method listenMulticastSocketTest.
@Test
public void listenMulticastSocketTest() throws Exception {
// the hardcoded port number doesn't really matter since we expect the
// security permission to be checked before the underlying operation.
int port = 8899;
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (MulticastSocket ms = new MulticastSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (MulticastSocket ms = new MulticastSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
use of java.net.SocketPermission in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method listenDatagramSocketTest.
@Test
public void listenDatagramSocketTest() throws Exception {
// the hardcoded port number doesn't really matter since we expect the
// security permission to be checked before the underlying operation.
int port = 8899;
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (DatagramSocket ds = new DatagramSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
try (DatagramSocket ds = new DatagramSocket(port)) {
} catch (IOException intermittentlyExpected) {
}
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
Aggregations