Example 26 with AllPermission
use of java.security.AllPermission in project Payara by payara.
the class PermissionCache method checkCache.
private boolean checkCache(Permission p, Epoch e) {
// test-and-set to guard critical section
rLock.lock();
try {
if (loading) {
return false;
} else if (cache != null) {
// check permission and return
return checkLoadedCache(p, e);
}
} finally {
rLock.unlock();
}
wLock.lock();
if (loading) {
// another thread started the load
// release the writelock and return
wLock.unlock();
return false;
} else if (cache != null) {
// another thread loaded the cache
// get readlock inside writelock.
// check permission and return
rLock.lock();
wLock.unlock();
try {
// check permission and return
return checkLoadedCache(p, e);
} finally {
rLock.unlock();
}
} else {
// set the load indicators so that readers will
// bypass the cache until it is loaded
// release the writelock and return
cache = null;
loading = true;
wLock.unlock();
}
// cache will be null if we proceed past this point
// NO LOCKS ARE HELD AT THIS POINT
Permissions nextCache = new Permissions();
boolean setPc = false;
String oldpcID = null;
try {
oldpcID = PolicyContext.getContextID();
if (this.pcID == null || !this.pcID.equals(oldpcID)) {
setPc = true;
}
} catch (Exception ex) {
_logger.log(Level.SEVERE, "JACC: Unexpected security exception on access decision", ex);
return false;
}
PermissionCollection pc = null;
try {
if (setPc) {
setPolicyContextID(this.pcID);
}
pc = policy.getPermissions(this.codesource);
} catch (Exception ex) {
_logger.log(Level.SEVERE, "JACC: Unexpected security exception on access decision", ex);
return false;
} finally {
if (setPc) {
try {
setPolicyContextID(oldpcID);
} catch (Exception ex) {
_logger.log(Level.SEVERE, "JACC: Unexpected security exception on access decision", ex);
return false;
}
}
}
// force resolution of unresolved permissions
// so that we can filter out all but the permissions
// that are supposed to be in the cache.
resolvePermissions(pc, p);
Enumeration granted = pc.elements();
while (granted.hasMoreElements()) {
Permission i = (Permission) granted.nextElement();
if (i.equals(allPermission)) {
nextCache.add(i);
} else {
boolean classMatch = true;
if (this.classes != null) {
classMatch = false;
Class iClazz = i.getClass();
for (int j = 0; j < this.classes.length; j++) {
if (this.classes[j].equals(iClazz)) {
classMatch = true;
break;
}
}
}
if (classMatch) {
if (this.name != null) {
String iName = i.getName();
if (iName != null && this.name.equals(iName)) {
nextCache.add(i);
}
} else {
nextCache.add(i);
}
}
}
}
// get the writelock to mark cache as loaded
wLock.lock();
cache = nextCache;
loading = false;
try {
// get readlock inside writelock.
rLock.lock();
wLock.unlock();
// check permission and return
return checkLoadedCache(p, e);
} finally {
rLock.unlock();
}
}
Also used :
PermissionCollection(java.security.PermissionCollection)
Enumeration(java.util.Enumeration)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
Permission(java.security.Permission)
PrivilegedActionException(java.security.PrivilegedActionException)
Example 27 with AllPermission
use of java.security.AllPermission in project Payara by payara.
the class VoidPermissionTest method testImpliedByAllPermission.
@Test
public void testImpliedByAllPermission() {
Permission allPerm = new AllPermission();
VoidPermission vPerm = new VoidPermission();
Assert.assertTrue(allPerm.implies(vPerm));
Assert.assertTrue(!vPerm.implies(allPerm));
}
Also used :
Permission(java.security.Permission)
FilePermission(java.io.FilePermission)
AllPermission(java.security.AllPermission)
AllPermission(java.security.AllPermission)
Test(org.junit.Test)
Example 28 with AllPermission
use of java.security.AllPermission in project rt.equinox.framework by eclipse.
the class ModuleRevisionBuilder method addRevision.
/**
* Used by the container to build a new revision for a module.
* This builder is used to build a new {@link Module#getCurrentRevision() current}
* revision for the specified module.
* @param module the module to build a new revision for
* @param revisionInfo the revision info for the new revision, may be {@code null}
* @return the new new {@link Module#getCurrentRevision() current} revision.
*/
ModuleRevision addRevision(Module module, Object revisionInfo) {
Collection<?> systemNames = Collections.emptyList();
Module systemModule = module.getContainer().getModule(0);
if (systemModule != null) {
ModuleRevision systemRevision = systemModule.getCurrentRevision();
List<ModuleCapability> hostCapabilities = systemRevision.getModuleCapabilities(HostNamespace.HOST_NAMESPACE);
for (ModuleCapability hostCapability : hostCapabilities) {
Object hostNames = hostCapability.getAttributes().get(HostNamespace.HOST_NAMESPACE);
if (hostNames instanceof Collection) {
systemNames = (Collection<?>) hostNames;
} else if (hostNames instanceof String) {
systemNames = Arrays.asList(hostNames);
}
}
}
ModuleRevisions revisions = module.getRevisions();
ModuleRevision revision = new ModuleRevision(symbolicName, version, types, capabilityInfos, requirementInfos, revisions, revisionInfo);
revisions.addRevision(revision);
module.getContainer().getAdaptor().associateRevision(revision, revisionInfo);
try {
List<ModuleRequirement> hostRequirements = revision.getModuleRequirements(HostNamespace.HOST_NAMESPACE);
for (ModuleRequirement hostRequirement : hostRequirements) {
FilterImpl f = null;
String filterSpec = hostRequirement.getDirectives().get(Namespace.REQUIREMENT_FILTER_DIRECTIVE);
if (filterSpec != null) {
try {
f = FilterImpl.newInstance(filterSpec);
String hostName = f.getPrimaryKeyValue(HostNamespace.HOST_NAMESPACE);
if (hostName != null) {
if (systemNames.contains(hostName)) {
Bundle b = module.getBundle();
if (b != null && !b.hasPermission(new AllPermission())) {
// $NON-NLS-1$
SecurityException se = new SecurityException("Must have AllPermission granted to install an extension bundle");
// TODO this is such a hack: making the cause a bundle exception so we can throw the right one later
BundleException be = new BundleException(se.getMessage(), BundleException.SECURITY_ERROR, se);
se.initCause(be);
throw se;
}
module.getContainer().checkAdminPermission(module.getBundle(), AdminPermission.EXTENSIONLIFECYCLE);
}
}
} catch (InvalidSyntaxException e) {
continue;
}
}
}
module.getContainer().checkAdminPermission(module.getBundle(), AdminPermission.LIFECYCLE);
} catch (SecurityException e) {
revisions.removeRevision(revision);
throw e;
}
return revision;
}
Also used :
FilterImpl(org.eclipse.osgi.internal.framework.FilterImpl)
AllPermission(java.security.AllPermission)
Example 29 with AllPermission
use of java.security.AllPermission in project Payara by payara.
the class VoidPermissionTest method testImpliedByAllPermission.
@Test
public void testImpliedByAllPermission() {
Permission allPerm = new AllPermission();
VoidPermission vPerm = new VoidPermission();
Assert.assertTrue(allPerm.implies(vPerm));
Assert.assertTrue(!vPerm.implies(allPerm));
}
Also used :
Permission(java.security.Permission)
FilePermission(java.io.FilePermission)
AllPermission(java.security.AllPermission)
AllPermission(java.security.AllPermission)
Test(org.junit.Test)
Example 30 with AllPermission
use of java.security.AllPermission in project ignite by apache.
the class AbstractSandboxTest method beforeTestsStarted.
/**
* {@inheritDoc}
*/
@Override
protected void beforeTestsStarted() throws Exception {
if (System.getSecurityManager() == null) {
Policy.setPolicy(new Policy() {
@Override
public PermissionCollection getPermissions(CodeSource cs) {
Permissions res = new Permissions();
res.add(new AllPermission());
return res;
}
});
System.setSecurityManager(new SecurityManager());
setupSM = true;
}
prepareCluster();
}
Also used :
Policy(java.security.Policy)
PermissionCollection(java.security.PermissionCollection)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
CodeSource(java.security.CodeSource)
Aggregations
AllPermission (java.security.AllPermission)38
PermissionCollection (java.security.PermissionCollection)14
Permissions (java.security.Permissions)14
Permission (java.security.Permission)9
Policy (java.security.Policy)8
CodeSource (java.security.CodeSource)6
File (java.io.File)5
FilePermission (java.io.FilePermission)5
ProtectionDomain (java.security.ProtectionDomain)5
Test (org.junit.Test)5
Deployment (org.jboss.arquillian.container.test.api.Deployment)3
JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)3
InetSocketAddress (java.net.InetSocketAddress)2
SocketPermission (java.net.SocketPermission)2
URL (java.net.URL)2
URLClassLoader (java.net.URLClassLoader)2
PrivilegedActionException (java.security.PrivilegedActionException)2
LocalDate (java.time.LocalDate)2
Date (java.util.Date)2
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2
