Example 21 with AllPermission
use of java.security.AllPermission in project derby by apache.
the class SystemPrivilegesPermissionTest method testSystemPermissionCollections.
/**
* Test that collections of SystemPermissions behave as expected.
* Before DERBY-6717, adding multiple single-action permissions with
* the same name didn't work.
*/
public void testSystemPermissionCollections() {
Permissions allPerms = new Permissions();
for (String name : VALID_SYSPERM_NAMES) {
for (String action : VALID_SYSPERM_ACTIONS) {
allPerms.add(new SystemPermission(name, action));
}
}
assertEquals(VALID_SYSPERM_NAMES.length, Collections.list(allPerms.elements()).size());
// all system permissions.
for (String name : VALID_SYSPERM_NAMES) {
for (String a1 : VALID_SYSPERM_ACTIONS) {
// allPerms should imply any valid (name, action) pair.
assertTrue(allPerms.implies(new SystemPermission(name, a1)));
// system permission.
for (String a2 : VALID_SYSPERM_ACTIONS) {
assertTrue(allPerms.implies(new SystemPermission(name, a1 + ',' + a2)));
}
}
}
Permissions onePerm = new Permissions();
onePerm.add(new SystemPermission("server", "shutdown"));
// onePerm implies server shutdown and nothing else
assertTrue(onePerm.implies(new SystemPermission("server", "shutdown")));
assertFalse(onePerm.implies(new SystemPermission("engine", "shutdown")));
assertFalse(onePerm.implies(new SystemPermission("server", "shutdown,monitor")));
Permissions somePerms = new Permissions();
somePerms.add(new SystemPermission("server", "shutdown"));
somePerms.add(new SystemPermission("jmx", "shutdown,monitor"));
somePerms.add(new SystemPermission("engine", "shutdown,control"));
somePerms.add(new SystemPermission("engine", "control,monitor"));
// somePerms implies the shutdown action for server
assertTrue(somePerms.implies(new SystemPermission("server", "shutdown")));
assertFalse(somePerms.implies(new SystemPermission("server", "control")));
assertFalse(somePerms.implies(new SystemPermission("server", "monitor")));
assertFalse(somePerms.implies(new SystemPermission("server", "shutdown,monitor")));
// somePerms implies the shutdown and monitor actions for jmx
assertTrue(somePerms.implies(new SystemPermission("jmx", "shutdown")));
assertTrue(somePerms.implies(new SystemPermission("jmx", "monitor")));
assertFalse(somePerms.implies(new SystemPermission("jmx", "control")));
assertTrue(somePerms.implies(new SystemPermission("jmx", "shutdown,monitor")));
assertTrue(somePerms.implies(new SystemPermission("jmx", "monitor,shutdown")));
assertFalse(somePerms.implies(new SystemPermission("jmx", "monitor,shutdown,control")));
// somePerms implies shutdown, control and monitor for engine
assertTrue(somePerms.implies(new SystemPermission("engine", "shutdown")));
assertTrue(somePerms.implies(new SystemPermission("engine", "control")));
assertTrue(somePerms.implies(new SystemPermission("engine", "monitor")));
assertTrue(somePerms.implies(new SystemPermission("engine", "shutdown,monitor")));
assertTrue(somePerms.implies(new SystemPermission("engine", "shutdown,monitor,control")));
// A SystemPermission collection should not accept other permissions.
SystemPermission sp = new SystemPermission("engine", "monitor");
PermissionCollection collection = sp.newPermissionCollection();
try {
collection.add(new AllPermission());
fail();
} catch (IllegalArgumentException iae) {
// expected
}
// Read-only collections cannot be added to.
collection.setReadOnly();
try {
collection.add(sp);
fail();
} catch (SecurityException se) {
// expected
}
// The collection does not imply other permission types.
assertFalse(collection.implies(new AllPermission()));
}
Also used :
SystemPermission(org.apache.derby.shared.common.security.SystemPermission)
PermissionCollection(java.security.PermissionCollection)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
Example 22 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XSLTExFuncTest method testExtFuncNotAllowed.
/**
* Security is enabled, extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
try {
transform(factory);
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
AllPermission(java.security.AllPermission)
Example 23 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XSLTExFuncTest method testEnableExtFunc.
/**
* Security is enabled, use new feature: enableExtensionFunctions
*/
public void testEnableExtFunc() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
/**
* Use of the extension function 'http://exslt.org/strings:tokenize' is
* not allowed when the secure processing feature is set to true.
* Attempt to use the new property to enable extension function
*/
boolean isExtensionSupported = enableExtensionFunction(factory);
try {
transform(factory);
System.out.println("testEnableExt: OK");
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException e) {
fail(e.getMessage());
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
AllPermission(java.security.AllPermission)
Example 24 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XPathExFuncTest method testExtFuncNotAllowed.
/**
* Security is enabled, extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
try {
evaluate(false);
} catch (XPathFactoryConfigurationException e) {
fail(e.getMessage());
} catch (XPathExpressionException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
XPathExpressionException(javax.xml.xpath.XPathExpressionException)
AllPermission(java.security.AllPermission)
XPathFactoryConfigurationException(javax.xml.xpath.XPathFactoryConfigurationException)
Example 25 with AllPermission
use of java.security.AllPermission in project lucene-solr by apache.
the class TestRunWithRestrictedPermissions method testCompletelyForbidden2.
public void testCompletelyForbidden2() throws Exception {
try {
runWithRestrictedPermissions(this::doSomeCompletelyForbiddenStuff, new AllPermission());
fail("this should not pass (not even with AllPermission)");
} catch (SecurityException se) {
// pass
}
}
Also used :
AllPermission(java.security.AllPermission)
Aggregations
AllPermission (java.security.AllPermission)38
PermissionCollection (java.security.PermissionCollection)14
Permissions (java.security.Permissions)14
Permission (java.security.Permission)9
Policy (java.security.Policy)8
CodeSource (java.security.CodeSource)6
File (java.io.File)5
FilePermission (java.io.FilePermission)5
ProtectionDomain (java.security.ProtectionDomain)5
Test (org.junit.Test)5
Deployment (org.jboss.arquillian.container.test.api.Deployment)3
JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)3
InetSocketAddress (java.net.InetSocketAddress)2
SocketPermission (java.net.SocketPermission)2
URL (java.net.URL)2
URLClassLoader (java.net.URLClassLoader)2
PrivilegedActionException (java.security.PrivilegedActionException)2
LocalDate (java.time.LocalDate)2
Date (java.util.Date)2
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2
