Search in sources :

Example 56 with AccessControlContext

use of java.security.AccessControlContext in project robovm by robovm.

the class myPrivilegedExceptionAction method test_doAsPrivileged_02.

/**
     * javax.security.auth.Subject#doAsPrivileged(Subject subject,
     *                                                   PrivilegedExceptionAction action,
     *                                                   AccessControlContext acc)
     */
public void test_doAsPrivileged_02() {
    Subject subj = new Subject();
    PrivilegedExceptionAction<Object> pea = new myPrivilegedExceptionAction();
    PrivilegedExceptionAction<Object> peaNull = null;
    AccessControlContext acc = AccessController.getContext();
    try {
        Object obj = Subject.doAsPrivileged(null, pea, acc);
    } catch (Exception e) {
        fail("Unexpected exception: " + e);
    }
    try {
        Object obj = Subject.doAsPrivileged(subj, pea, acc);
    } catch (Exception e) {
        fail("Unexpected exception: " + e);
    }
    try {
        Object obj = Subject.doAsPrivileged(subj, peaNull, acc);
        fail("NullPointerException wasn't thrown");
    } catch (NullPointerException npe) {
    } catch (Exception e) {
        fail(e + " was thrown instead of NullPointerException");
    }
    try {
        Subject.doAsPrivileged(subj, new PrivilegedExceptionAction<Object>() {

            public Object run() throws PrivilegedActionException {
                throw new PrivilegedActionException(null);
            }
        }, acc);
        fail("PrivilegedActionException wasn't thrown");
    } catch (PrivilegedActionException e) {
    }
}
Also used : AccessControlContext(java.security.AccessControlContext) PrivilegedActionException(java.security.PrivilegedActionException) Subject(javax.security.auth.Subject) PrivilegedActionException(java.security.PrivilegedActionException)

Example 57 with AccessControlContext

use of java.security.AccessControlContext in project robovm by robovm.

the class myPrivilegedExceptionAction method test_getSubject.

/**
     * javax.security.auth.Subject#getSubject(AccessControlContext acc)
     */
public void test_getSubject() {
    Subject subj = new Subject();
    AccessControlContext acc = new AccessControlContext(new ProtectionDomain[0]);
    try {
        assertNull(Subject.getSubject(acc));
    } catch (Exception e) {
        fail("Unexpected exception " + e);
    }
}
Also used : AccessControlContext(java.security.AccessControlContext) Subject(javax.security.auth.Subject) PrivilegedActionException(java.security.PrivilegedActionException)

Example 58 with AccessControlContext

use of java.security.AccessControlContext in project AsmackService by rtreffer.

the class Subject method doAs_PrivilegedAction.

// instantiates a new context and passes it to AccessController
@SuppressWarnings("unchecked")
private static Object doAs_PrivilegedAction(Subject subject, PrivilegedAction action, final AccessControlContext context) {
    AccessControlContext newContext;
    final SubjectDomainCombiner combiner;
    if (subject == null) {
        // performance optimization
        // if subject is null there is nothing to combine
        combiner = null;
    } else {
        combiner = new SubjectDomainCombiner(subject);
    }
    PrivilegedAction dccAction = new PrivilegedAction() {

        public Object run() {
            return new AccessControlContext(context, combiner);
        }
    };
    newContext = (AccessControlContext) AccessController.doPrivileged(dccAction);
    return AccessController.doPrivileged(action, newContext);
}
Also used : AccessControlContext(java.security.AccessControlContext) PrivilegedAction(java.security.PrivilegedAction)

Example 59 with AccessControlContext

use of java.security.AccessControlContext in project spring-framework by spring-projects.

the class CallbacksSecurityTests method setUp.

@Before
public void setUp() throws Exception {
    final ProtectionDomain empty = new ProtectionDomain(null, new Permissions());
    provider = new SecurityContextProvider() {

        private final AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { empty });

        @Override
        public AccessControlContext getAccessControlContext() {
            return acc;
        }
    };
    DefaultResourceLoader drl = new DefaultResourceLoader();
    Resource config = drl.getResource("/org/springframework/beans/factory/support/security/callbacks.xml");
    beanFactory = new DefaultListableBeanFactory();
    new XmlBeanDefinitionReader(beanFactory).loadBeanDefinitions(config);
    beanFactory.setSecurityContextProvider(provider);
}
Also used : SecurityContextProvider(org.springframework.beans.factory.support.SecurityContextProvider) ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) XmlBeanDefinitionReader(org.springframework.beans.factory.xml.XmlBeanDefinitionReader) Permissions(java.security.Permissions) Resource(org.springframework.core.io.Resource) DefaultListableBeanFactory(org.springframework.beans.factory.support.DefaultListableBeanFactory) DefaultResourceLoader(org.springframework.core.io.DefaultResourceLoader) Before(org.junit.Before)

Example 60 with AccessControlContext

use of java.security.AccessControlContext in project spring-framework by spring-projects.

the class CallbacksSecurityTests method testTrustedExecution.

@Test
public void testTrustedExecution() throws Exception {
    beanFactory.setSecurityContextProvider(null);
    Permissions perms = new Permissions();
    perms.add(new AuthPermission("getSubject"));
    ProtectionDomain pd = new ProtectionDomain(null, perms);
    new AccessControlContext(new ProtectionDomain[] { pd });
    final Subject subject = new Subject();
    subject.getPrincipals().add(new TestPrincipal("user1"));
    // request the beans from non-privileged code
    Subject.doAsPrivileged(subject, new PrivilegedAction<Object>() {

        @Override
        public Object run() {
            // sanity check
            assertEquals("user1", getCurrentSubjectName());
            assertEquals(false, NonPrivilegedBean.destroyed);
            beanFactory.getBean("trusted-spring-callbacks");
            beanFactory.getBean("trusted-custom-init-destroy");
            // the factory is a prototype - ask for multiple instances
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-factory-bean");
            beanFactory.getBean("trusted-static-factory-method");
            beanFactory.getBean("trusted-factory-method");
            beanFactory.getBean("trusted-property-injection");
            beanFactory.getBean("trusted-working-property-injection");
            beanFactory.destroySingletons();
            assertEquals(true, NonPrivilegedBean.destroyed);
            return null;
        }
    }, provider.getAccessControlContext());
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) AuthPermission(javax.security.auth.AuthPermission) Permissions(java.security.Permissions) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Aggregations

AccessControlContext (java.security.AccessControlContext)96 Subject (javax.security.auth.Subject)23 ProtectionDomain (java.security.ProtectionDomain)20 PrivilegedAction (java.security.PrivilegedAction)18 Permissions (java.security.Permissions)13 PrivilegedActionException (java.security.PrivilegedActionException)12 IOException (java.io.IOException)10 SocketPermission (java.net.SocketPermission)10 Test (org.testng.annotations.Test)8 Principal (java.security.Principal)7 DatagramSocket (java.net.DatagramSocket)5 InetAddress (java.net.InetAddress)4 MulticastSocket (java.net.MulticastSocket)4 CodeSource (java.security.CodeSource)4 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)4 ExecutorService (java.util.concurrent.ExecutorService)4 RejectedExecutionException (java.util.concurrent.RejectedExecutionException)4 ReflectionException (javax.management.ReflectionException)4 Test (org.junit.Test)4 InvocationTargetException (java.lang.reflect.InvocationTargetException)3