Example 16 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class PreserveCombinerTest method main.
public static void main(String[] args) throws Exception {
final DomainCombiner dc = new DomainCombiner() {
@Override
public ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains) {
// basically a no-op
return currentDomains;
}
};
// Get an instance of the saved ACC
AccessControlContext saved = AccessController.getContext();
// Simulate the stack ACC with a DomainCombiner attached
AccessControlContext stack = new AccessControlContext(AccessController.getContext(), dc);
// Now try to run JavaSecurityAccess.doIntersectionPrivilege() and assert
// whether the DomainCombiner from the stack ACC is preserved
boolean ret = SharedSecrets.getJavaSecurityAccess().doIntersectionPrivilege(new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
return dc == AccessController.getContext().getDomainCombiner();
}
}, stack, saved);
if (!ret) {
System.exit(1);
}
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
DomainCombiner(java.security.DomainCombiner)
AccessControlContext(java.security.AccessControlContext)
Example 17 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class ContextInsulation method main.
public static void main(String[] args) throws Exception {
/*
* If we delay setting the security manager until after the service
* configuration file has been installed, then this test still
* functions properly, but the -Djava.security.debug output is
* lacking, so to ease debugging, we'll set it early-- at the cost
* of having to specify the policy even when running standalone.
*/
TestLibrary.suggestSecurityManager(null);
ServiceConfiguration.installServiceConfigurationFile();
/*
* Execute use of RMIClassLoader within an AccessControlContext
* that has a protection domain with no permissions, to make sure
* that RMIClassLoader can still properly initialize itself.
*/
CodeSource codesource = new CodeSource(null, (Certificate[]) null);
Permissions perms = null;
ProtectionDomain pd = new ProtectionDomain(codesource, perms);
AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { pd });
java.security.AccessController.doPrivileged(new java.security.PrivilegedExceptionAction() {
public Object run() throws Exception {
TestProvider.exerciseTestProvider(TestProvider2.loadClassReturn, TestProvider2.loadProxyClassReturn, TestProvider2.getClassLoaderReturn, TestProvider2.getClassAnnotationReturn, TestProvider2.invocations);
return null;
}
}, acc);
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
AccessControlContext(java.security.AccessControlContext)
Permissions(java.security.Permissions)
CodeSource(java.security.CodeSource)
Certificate(java.security.cert.Certificate)
Example 18 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class DGCImplInsulation method main.
public static void main(String[] args) throws Exception {
TestLibrary.suggestSecurityManager(null);
Permissions perms = new Permissions();
perms.add(new SocketPermission("*:1024-", "listen"));
AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(new CodeSource(null, (Certificate[]) null), perms) });
Remote impl = new DGCImplInsulation();
;
try {
Remote stub = (Remote) java.security.AccessController.doPrivileged(new ExportAction(impl));
System.err.println("exported remote object; local stub: " + stub);
MarshalledObject mobj = new MarshalledObject(stub);
stub = (Remote) mobj.get();
System.err.println("marshalled/unmarshalled stub: " + stub);
ReferenceQueue refQueue = new ReferenceQueue();
Reference weakRef = new WeakReference(impl, refQueue);
impl = null;
System.gc();
if (refQueue.remove(TIMEOUT) == weakRef) {
throw new RuntimeException("TEST FAILED: remote object garbage collected");
} else {
System.err.println("TEST PASSED");
stub = null;
System.gc();
Thread.sleep(2000);
System.gc();
}
} finally {
try {
UnicastRemoteObject.unexportObject(impl, true);
} catch (Exception e) {
}
}
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
ReferenceQueue(java.lang.ref.ReferenceQueue)
Reference(java.lang.ref.Reference)
WeakReference(java.lang.ref.WeakReference)
SocketPermission(java.net.SocketPermission)
Remote(java.rmi.Remote)
CodeSource(java.security.CodeSource)
AccessControlContext(java.security.AccessControlContext)
MarshalledObject(java.rmi.MarshalledObject)
WeakReference(java.lang.ref.WeakReference)
Permissions(java.security.Permissions)
Certificate(java.security.cert.Certificate)
Example 19 with AccessControlContext
use of java.security.AccessControlContext in project aries by apache.
the class AggregateConverter method convert.
public Object convert(Object fromValue, final ReifiedType type) throws Exception {
// Discard null values
if (fromValue == null) {
return null;
}
// First convert service proxies
if (fromValue instanceof Convertible) {
return ((Convertible) fromValue).convert(type);
} else if (fromValue instanceof UnwrapperedBeanHolder) {
UnwrapperedBeanHolder holder = (UnwrapperedBeanHolder) fromValue;
if (isAssignable(holder.unwrapperedBean, type)) {
return BeanRecipe.wrap(holder, type.getRawClass());
} else {
fromValue = BeanRecipe.wrap(holder, Object.class);
}
} else if (isAssignable(fromValue, type)) {
// If the object is an instance of the type, just return it
return fromValue;
}
final Object finalFromValue = fromValue;
ConversionResult result = null;
AccessControlContext acc = blueprintContainer.getAccessControlContext();
if (acc == null) {
result = convertWithConverters(fromValue, type);
} else {
result = AccessController.doPrivileged(new PrivilegedExceptionAction<ConversionResult>() {
public ConversionResult run() throws Exception {
return convertWithConverters(finalFromValue, type);
}
}, acc);
}
if (result == null) {
if (fromValue instanceof Number && Number.class.isAssignableFrom(unwrap(toClass(type)))) {
return convertToNumber((Number) fromValue, toClass(type));
} else if (fromValue instanceof String) {
return convertFromString((String) fromValue, toClass(type), blueprintContainer);
} else if (toClass(type).isArray() && (fromValue instanceof Collection || fromValue.getClass().isArray())) {
return convertToArray(fromValue, type);
} else if (Map.class.isAssignableFrom(toClass(type)) && (fromValue instanceof Map || fromValue instanceof Dictionary)) {
return convertToMap(fromValue, type);
} else if (Dictionary.class.isAssignableFrom(toClass(type)) && (fromValue instanceof Map || fromValue instanceof Dictionary)) {
return convertToDictionary(fromValue, type);
} else if (Collection.class.isAssignableFrom(toClass(type)) && (fromValue instanceof Collection || fromValue.getClass().isArray())) {
return convertToCollection(fromValue, type);
} else {
throw new Exception("Unable to convert value " + fromValue + " to type " + type);
}
}
return result.value;
}
Also used :
Dictionary(java.util.Dictionary)
AccessControlContext(java.security.AccessControlContext)
Collection(java.util.Collection)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
HashMap(java.util.HashMap)
Map(java.util.Map)
UnwrapperedBeanHolder(org.apache.aries.blueprint.container.BeanRecipe.UnwrapperedBeanHolder)
Example 20 with AccessControlContext
use of java.security.AccessControlContext in project aries by apache.
the class AggregateConverter method canConvert.
public boolean canConvert(Object fromValue, final ReifiedType toType) {
if (fromValue == null) {
return true;
} else if (fromValue instanceof UnwrapperedBeanHolder) {
fromValue = ((UnwrapperedBeanHolder) fromValue).unwrapperedBean;
}
if (isAssignable(fromValue, toType)) {
return true;
}
final Object toTest = fromValue;
boolean canConvert = false;
AccessControlContext acc = blueprintContainer.getAccessControlContext();
if (acc == null) {
canConvert = canConvertWithConverters(toTest, toType);
} else {
canConvert = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
return canConvertWithConverters(toTest, toType);
}
}, acc);
}
if (canConvert) {
return true;
}
// TODO implement better logic ?!
try {
convert(toTest, toType);
return true;
} catch (Exception e) {
return false;
}
}
Also used :
AccessControlContext(java.security.AccessControlContext)
PrivilegedAction(java.security.PrivilegedAction)
UnwrapperedBeanHolder(org.apache.aries.blueprint.container.BeanRecipe.UnwrapperedBeanHolder)
Aggregations
AccessControlContext (java.security.AccessControlContext)96
Subject (javax.security.auth.Subject)23
ProtectionDomain (java.security.ProtectionDomain)20
PrivilegedAction (java.security.PrivilegedAction)18
Permissions (java.security.Permissions)13
PrivilegedActionException (java.security.PrivilegedActionException)12
IOException (java.io.IOException)10
SocketPermission (java.net.SocketPermission)10
Test (org.testng.annotations.Test)8
Principal (java.security.Principal)7
DatagramSocket (java.net.DatagramSocket)5
InetAddress (java.net.InetAddress)4
MulticastSocket (java.net.MulticastSocket)4
CodeSource (java.security.CodeSource)4
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)4
ExecutorService (java.util.concurrent.ExecutorService)4
RejectedExecutionException (java.util.concurrent.RejectedExecutionException)4
ReflectionException (javax.management.ReflectionException)4
Test (org.junit.Test)4
InvocationTargetException (java.lang.reflect.InvocationTargetException)3
