Example 11 with AccessControlContext
use of java.security.AccessControlContext in project XobotOS by xamarin.
the class Subject method doAs_PrivilegedExceptionAction.
// instantiates a new context and passes it to AccessController
@SuppressWarnings("unchecked")
private static <T> T doAs_PrivilegedExceptionAction(Subject subject, PrivilegedExceptionAction<T> action, final AccessControlContext context) throws PrivilegedActionException {
AccessControlContext newContext;
final SubjectDomainCombiner combiner;
if (subject == null) {
// performance optimization
// if subject is null there is nothing to combine
combiner = null;
} else {
combiner = new SubjectDomainCombiner(subject);
}
PrivilegedAction<AccessControlContext> dccAction = new PrivilegedAction<AccessControlContext>() {
public AccessControlContext run() {
return new AccessControlContext(context, combiner);
}
};
newContext = AccessController.doPrivileged(dccAction);
return AccessController.doPrivileged(action, newContext);
}
Also used :
AccessControlContext(java.security.AccessControlContext)
PrivilegedAction(java.security.PrivilegedAction)
Example 12 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method acceptServerSocketTest.
@Test
public void acceptServerSocketTest() throws Exception {
try (ServerSocket ss = new ServerSocket(0)) {
int port = ss.getLocalPort();
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen,connect,resolve"), new SocketPermission("localhost:1024-", "accept"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
InetAddress me = InetAddress.getLocalHost();
try (Socket client = new Socket(me, port)) {
ss.accept();
}
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
InetAddress me = InetAddress.getLocalHost();
try (Socket client = new Socket(me, port)) {
ss.accept();
}
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
}
Also used :
AccessControlContext(java.security.AccessControlContext)
SocketPermission(java.net.SocketPermission)
ServerSocket(java.net.ServerSocket)
InetAddress(java.net.InetAddress)
Socket(java.net.Socket)
DatagramSocket(java.net.DatagramSocket)
ServerSocket(java.net.ServerSocket)
MulticastSocket(java.net.MulticastSocket)
Test(org.testng.annotations.Test)
Example 13 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method joinGroupMulticastTest.
@Test
public void joinGroupMulticastTest() throws Exception {
InetAddress group = InetAddress.getByName("229.227.226.221");
try (MulticastSocket s = new MulticastSocket(0)) {
int port = s.getLocalPort();
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen,resolve"), new SocketPermission("229.227.226.221", "connect,accept"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
s.joinGroup(group);
s.leaveGroup(group);
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
s.joinGroup(group);
s.leaveGroup(group);
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
}
Also used :
MulticastSocket(java.net.MulticastSocket)
AccessControlContext(java.security.AccessControlContext)
SocketPermission(java.net.SocketPermission)
InetAddress(java.net.InetAddress)
Test(org.testng.annotations.Test)
Example 14 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class SocketPermissionTest method sendDatagramPacketTest.
@Test
public void sendDatagramPacketTest() throws Exception {
byte[] msg = "Hello".getBytes(UTF_8);
InetAddress group = InetAddress.getByName("229.227.226.221");
try (DatagramSocket ds = new DatagramSocket(0)) {
int port = ds.getLocalPort();
String addr = "localhost:" + port;
//test for SocketPermission "229.227.226.221", "connect,accept"
AccessControlContext acc = getAccessControlContext(new SocketPermission(addr, "listen,resolve"), new SocketPermission("229.227.226.221", "connect,accept"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
DatagramPacket hi = new DatagramPacket(msg, msg.length, group, port);
ds.send(hi);
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
DatagramPacket hi = new DatagramPacket(msg, msg.length, group, port);
ds.send(hi);
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) {
}
}
}
Also used :
AccessControlContext(java.security.AccessControlContext)
DatagramSocket(java.net.DatagramSocket)
SocketPermission(java.net.SocketPermission)
DatagramPacket(java.net.DatagramPacket)
InetAddress(java.net.InetAddress)
Test(org.testng.annotations.Test)
Example 15 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class SimpleStandard method checkSubject.
/*
* ---------------
* PRIVATE METHODS
* ---------------
*/
/**
* Check that the principal contained in the Subject is of
* type JMXPrincipal and refers to the principalName identity.
*/
private void checkSubject(String op) {
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);
Set principals = subject.getPrincipals();
Principal principal = (Principal) principals.iterator().next();
if (!(principal instanceof JMXPrincipal))
throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal type = " + principal.getClass().getName());
String identity = principal.getName();
if (!identity.equals(principalName))
throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal name = " + identity);
}
Also used :
Set(java.util.Set)
AccessControlContext(java.security.AccessControlContext)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Subject(javax.security.auth.Subject)
Principal(java.security.Principal)
JMXPrincipal(javax.management.remote.JMXPrincipal)
Aggregations
AccessControlContext (java.security.AccessControlContext)96
Subject (javax.security.auth.Subject)23
ProtectionDomain (java.security.ProtectionDomain)20
PrivilegedAction (java.security.PrivilegedAction)18
Permissions (java.security.Permissions)13
PrivilegedActionException (java.security.PrivilegedActionException)12
IOException (java.io.IOException)10
SocketPermission (java.net.SocketPermission)10
Test (org.testng.annotations.Test)8
Principal (java.security.Principal)7
DatagramSocket (java.net.DatagramSocket)5
InetAddress (java.net.InetAddress)4
MulticastSocket (java.net.MulticastSocket)4
CodeSource (java.security.CodeSource)4
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)4
ExecutorService (java.util.concurrent.ExecutorService)4
RejectedExecutionException (java.util.concurrent.RejectedExecutionException)4
ReflectionException (javax.management.ReflectionException)4
Test (org.junit.Test)4
InvocationTargetException (java.lang.reflect.InvocationTargetException)3
