Example 21 with SocketPermission
use of java.net.SocketPermission in project newsrob by marianokamp.
the class UntrustedScriptHandler method run.
/**
* Runs this handler. This method is called by the SVG viewer
* when the scripts are loaded.
* @param doc The current document.
* @param win An object which represents the current viewer.
*/
public void run(final Document doc, final Window win) {
int nGrantedTmp = 0;
//
// If the document is loaded over the network, check that the
// class has permission to access the server
//
URL docURL = ((SVGOMDocument) doc).getURLObject();
if (docURL != null && docURL.getHost() != null && !"".equals(docURL.getHost())) {
permissions = new Object[basePermissions.length + 3][2];
System.arraycopy(basePermissions, 0, permissions, 3, basePermissions.length);
String docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0][0] = "SocketPermission accept " + docHost;
permissions[0][1] = new SocketPermission(docHost, "accept");
permissions[1][0] = "SocketPermission connect " + docHost;
permissions[1][1] = new SocketPermission(docHost, "connect");
permissions[2][0] = "SocketPermission resolve " + docHost;
permissions[2][1] = new SocketPermission(docHost, "resolve");
nGrantedTmp = 3;
} else {
permissions = basePermissions;
}
// Captures the number of permissions which should be
// granted to this code.
final int nGranted = nGrantedTmp;
//
// Build a table in the scrollable area of the document
//
Element securityResults = doc.getElementById("securityResults");
statusRects = new Element[permissions.length];
for (int i = 0; i < permissions.length; i++) {
Element textElt = doc.createElementNS(svgNS, "text");
textElt.setAttributeNS(null, "x", "55");
textElt.setAttributeNS(null, "y", "" + (85 + i * 20));
textElt.appendChild(doc.createTextNode(permissions[i][0].toString()));
securityResults.appendChild(textElt);
Element rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "50");
rectElt.setAttributeNS(null, "y", "" + (70 + i * 20));
rectElt.setAttributeNS(null, "width", "330");
rectElt.setAttributeNS(null, "height", "20");
rectElt.setAttributeNS(null, "class", "tableCell");
securityResults.appendChild(rectElt);
rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "380");
rectElt.setAttributeNS(null, "y", "" + (70 + i * 20));
rectElt.setAttributeNS(null, "width", "20");
rectElt.setAttributeNS(null, "height", "20");
rectElt.setAttributeNS(null, "class", "tableCell");
securityResults.appendChild(rectElt);
rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "383");
rectElt.setAttributeNS(null, "y", "" + (73 + i * 20));
rectElt.setAttributeNS(null, "width", "14");
rectElt.setAttributeNS(null, "height", "14");
rectElt.setAttributeNS(null, "class", "untested");
securityResults.appendChild(rectElt);
statusRects[i] = rectElt;
}
EventTarget testButton = (EventTarget) doc.getElementById("runTest");
testButton.addEventListener("click", new EventListener() {
public void handleEvent(Event evt) {
SecurityManager sm = System.getSecurityManager();
int successCnt = 0;
if (sm == null) {
for (int i = 0; i < nGranted; i++) {
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
}
for (int i = nGranted; i < permissions.length; i++) {
statusRects[i].setAttributeNS(null, "class", "failedTest");
}
} else {
for (int i = 0; i < nGranted; i++) {
Permission p = (Permission) permissions[i][1];
boolean success = true;
try {
sm.checkPermission(p);
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
} catch (SecurityException se) {
statusRects[i].setAttributeNS(null, "class", "failedTest");
System.out.println("*********************************************");
se.printStackTrace();
}
}
for (int i = nGranted; i < permissions.length; i++) {
Permission p = (Permission) permissions[i][1];
boolean success = true;
try {
sm.checkPermission(p);
statusRects[i].setAttributeNS(null, "class", "failedTest");
} catch (SecurityException se) {
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
}
}
}
// Update the global status
Element globalStatus = doc.getElementById("globalStatus");
if (successCnt == (statusRects.length)) {
globalStatus.setAttributeNS(null, "class", "passedTest");
} else {
globalStatus.setAttributeNS(null, "class", "failedTest");
}
String successRatioString = "Test Result: " + successCnt + " / " + statusRects.length;
Element successRatio = doc.getElementById("successRatio");
successRatio.replaceChild(doc.createTextNode(successRatioString), successRatio.getFirstChild());
}
}, false);
}
Also used :
SVGOMDocument(org.apache.batik.dom.svg.SVGOMDocument)
SocketPermission(java.net.SocketPermission)
ReflectPermission(java.lang.reflect.ReflectPermission)
SecurityPermission(java.security.SecurityPermission)
AllPermission(java.security.AllPermission)
SQLPermission(java.sql.SQLPermission)
PropertyPermission(java.util.PropertyPermission)
SerializablePermission(java.io.SerializablePermission)
NetPermission(java.net.NetPermission)
Permission(java.security.Permission)
FilePermission(java.io.FilePermission)
AWTPermission(java.awt.AWTPermission)
SocketPermission(java.net.SocketPermission)
AudioPermission(javax.sound.sampled.AudioPermission)
URL(java.net.URL)
Example 22 with SocketPermission
use of java.net.SocketPermission in project okhttp by square.
the class OkHttpURLConnection method getPermission.
@Override
public Permission getPermission() throws IOException {
URL url = getURL();
String hostname = url.getHost();
int hostPort = url.getPort() != -1 ? url.getPort() : HttpUrl.defaultPort(url.getProtocol());
if (usingProxy()) {
InetSocketAddress proxyAddress = (InetSocketAddress) client.proxy().address();
hostname = proxyAddress.getHostName();
hostPort = proxyAddress.getPort();
}
return new SocketPermission(hostname + ":" + hostPort, "connect, resolve");
}
Also used :
InetSocketAddress(java.net.InetSocketAddress)
SocketPermission(java.net.SocketPermission)
URL(java.net.URL)
Example 23 with SocketPermission
use of java.net.SocketPermission in project cordova-android-chromeview by thedracle.
the class HttpURLConnectionImpl method getPermission.
@Override
public final Permission getPermission() throws IOException {
String hostName = getURL().getHost();
int hostPort = Util.getEffectivePort(getURL());
if (usingProxy()) {
InetSocketAddress proxyAddress = (InetSocketAddress) requestedProxy.address();
hostName = proxyAddress.getHostName();
hostPort = proxyAddress.getPort();
}
return new SocketPermission(hostName + ":" + hostPort, "connect, resolve");
}
Also used :
InetSocketAddress(java.net.InetSocketAddress)
SocketPermission(java.net.SocketPermission)
Example 24 with SocketPermission
use of java.net.SocketPermission in project lwjgl by LWJGL.
the class AppletLoader method updateClassPath.
/**
* Edits the ClassPath at runtime to include the jars
* that have just been downloaded and then adds the
* lwjgl natives folder property.
*
* @param path location where applet is stored
* @throws Exception if it fails to add classpath
*/
protected void updateClassPath(final String path) throws Exception {
setState(STATE_UPDATING_CLASSPATH);
percentage = 95;
URL[] urls = new URL[urlList.length];
for (int i = 0; i < urlList.length; i++) {
String file = new File(path, getJarName(urlList[i])).toURI().toString();
// fix JVM bug where ! is not escaped
file = file.replace("!", "%21");
urls[i] = new URL(file);
}
// get AppletLoader certificates
final Certificate[] certs = getCurrentCertificates();
// detect if we are running on a mac and save result as boolean
String osName = System.getProperty("os.name");
final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
// add downloaded jars to the classpath with required permissions
classLoader = new URLClassLoader(urls) {
protected PermissionCollection getPermissions(CodeSource codesource) {
PermissionCollection perms = null;
try {
// no permissions
perms = new Permissions();
// if certificates match the AppletLoader certificates then we should be all set
if (certificatesMatch(certs, codesource.getCertificates())) {
perms.add(new AllPermission());
return perms;
}
String host = getCodeBase().getHost();
if (host != null && (host.length() > 0)) {
// add permission for downloaded jars to access host they were from
perms.add(new SocketPermission(host, "connect,accept"));
} else if ("file".equals(codesource.getLocation().getProtocol())) {
// if running locally add file permission
String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
perms.add(new FilePermission(path, "read"));
}
} catch (Exception e) {
e.printStackTrace();
}
return perms;
}
// allow non lwjgl native to be found from cache directory
protected String findLibrary(String libname) {
String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
if (new File(libPath).exists()) {
return libPath;
}
return super.findLibrary(libname);
}
};
debug_sleep(2000);
// unload natives loaded by a previous instance of this lwjgl applet
unloadNatives(path);
// add natives files path to native class path
System.setProperty("org.lwjgl.librarypath", path + "natives");
// Make sure jinput knows about the new path too
System.setProperty("net.java.games.input.librarypath", path + "natives");
// set the library path, useful for non lwjgl natives
System.setProperty("java.library.path", path + "natives");
// mark natives as loaded
natives_loaded = true;
}
Also used :
PermissionCollection(java.security.PermissionCollection)
SocketPermission(java.net.SocketPermission)
CodeSource(java.security.CodeSource)
FilePermission(java.io.FilePermission)
URL(java.net.URL)
AccessControlException(java.security.AccessControlException)
IOException(java.io.IOException)
URLClassLoader(java.net.URLClassLoader)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
JarFile(java.util.jar.JarFile)
ZipFile(java.util.zip.ZipFile)
File(java.io.File)
Certificate(java.security.cert.Certificate)
Example 25 with SocketPermission
use of java.net.SocketPermission in project wildfly by wildfly.
the class RolloutPlanTestCase method before.
@BeforeClass
public static void before() throws Exception {
CLITestSuite.createSupport(RolloutPlanTestCase.class.getSimpleName());
final WebArchive war = ShrinkWrap.create(WebArchive.class, "RolloutPlanTestCase.war");
war.addClass(RolloutPlanTestServlet.class);
war.addAsManifestResource(createPermissionsXmlAsset(// main-one
new SocketPermission(TestSuiteEnvironment.formatPossibleIpv6Address(CLITestSuite.hostAddresses.get("master")) + ":" + TEST_PORT, "listen,resolve"), // main-three
new SocketPermission(TestSuiteEnvironment.formatPossibleIpv6Address(CLITestSuite.hostAddresses.get("master")) + ":" + (TEST_PORT + 350), "listen,resolve")), "permissions.xml");
String tempDir = System.getProperty("java.io.tmpdir");
warFile = new File(tempDir + File.separator + "RolloutPlanTestCase.war");
new ZipExporterImpl(war).exportTo(warFile, true);
AbstractCliTestBase.initCLI(DomainTestSupport.masterAddress);
// add another server group to default profile
cli.sendLine("/server-group=test-server-group:add(profile=default,socket-binding-group=standard-sockets)");
// add a server to the group
cli.sendLine("/host=master/server-config=test-one:add(group=test-server-group,socket-binding-port-offset=700");
cli.sendLine("/host=master/server-config=test-one/interface=public:add(inet-address=" + CLITestSuite.hostAddresses.get("master") + ")");
CLITestSuite.addServer("test-one", "master", "test-server-group", "default", 700, true);
// start main-two
cli.sendLine("/host=master/server-config=main-two:start(blocking=true)");
CLIOpResult res = cli.readAllAsOpResult();
Assert.assertTrue(res.isIsOutcomeSuccess());
waitUntilState("main-two", "STARTED");
// start test-one
cli.sendLine("/host=master/server-config=test-one:start(blocking=true)");
res = cli.readAllAsOpResult();
Assert.assertTrue(res.isIsOutcomeSuccess());
waitUntilState("test-one", "STARTED");
}
Also used :
WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive)
SocketPermission(java.net.SocketPermission)
CLIOpResult(org.jboss.as.test.integration.management.util.CLIOpResult)
File(java.io.File)
ZipExporterImpl(org.jboss.shrinkwrap.impl.base.exporter.zip.ZipExporterImpl)
BeforeClass(org.junit.BeforeClass)
Aggregations
SocketPermission (java.net.SocketPermission)45
Deployment (org.jboss.arquillian.container.test.api.Deployment)13
WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)10
AccessControlContext (java.security.AccessControlContext)9
PropertyPermission (java.util.PropertyPermission)9
FilePermission (java.io.FilePermission)8
Test (org.testng.annotations.Test)8
StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)7
URL (java.net.URL)6
IOException (java.io.IOException)5
DatagramSocket (java.net.DatagramSocket)5
InetAddress (java.net.InetAddress)4
InetSocketAddress (java.net.InetSocketAddress)4
MulticastSocket (java.net.MulticastSocket)4
ServerSocket (java.net.ServerSocket)3
Permissions (java.security.Permissions)3
PrivilegedActionException (java.security.PrivilegedActionException)3
Properties (java.util.Properties)3
JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)3
File (java.io.File)2
