use of java.security.CodeSource in project jdk8u_jdk by JetBrains.
the class Regression method main.
public static void main(String[] args) {
Set principals = new HashSet();
principals.add(new com.sun.security.auth.NTUserPrincipal("test1"));
principals.add(new com.sun.security.auth.NTUserPrincipal("test2"));
Subject subject = new Subject(false, principals, new HashSet(), new HashSet());
SubjectDomainCombiner sdc = new SubjectDomainCombiner(subject);
URL url1;
URL url2;
URL url3;
URL url4;
try {
url1 = new URL("http://one");
url2 = new URL("http://two");
url3 = new URL("http://three");
url4 = new URL("http://four");
} catch (java.net.MalformedURLException mue) {
mue.printStackTrace();
throw new SecurityException("Test failed: " + mue.toString());
}
ProtectionDomain d1 = new ProtectionDomain(new CodeSource(url1, (java.security.cert.Certificate[]) null), // permissions
null, // class loader
null, // principals
null);
ProtectionDomain d2 = new ProtectionDomain(new CodeSource(url2, (java.security.cert.Certificate[]) null), // permissions
null, // class loader
null, // principals
null);
ProtectionDomain d3 = new ProtectionDomain(new CodeSource(url3, (java.security.cert.Certificate[]) null), // permissions
null, // class loader
null, // principals
null);
ProtectionDomain d4 = new ProtectionDomain(new CodeSource(url4, (java.security.cert.Certificate[]) null), // permissions
null, // class loader
null, // principals
null);
// test 1
// -- regular combine, make sure we get a proper combination back
ProtectionDomain[] currentDomains = { d1, d2, d3 };
ProtectionDomain[] assignedDomains = { d4 };
ProtectionDomain[] domains1 = sdc.combine(currentDomains, assignedDomains);
if (domains1.length != 4 || domains1[0] == d1 || domains1[1] == d2 || domains1[2] == d3 || domains1[3] != d4 || !domains1[0].implies(new RuntimePermission("queuePrintJob"))) {
throw new SecurityException("Test failed: combine test 1 failed");
}
System.out.println("-------- TEST ONE PASSED --------");
// test 2
// -- repeat combine, make sure combiner cachine returned the
// same PD's back
ProtectionDomain[] domains2 = sdc.combine(currentDomains, assignedDomains);
if (domains2.length != 4 || domains2[0] != domains1[0] || domains2[1] != domains1[1] || domains2[2] != domains1[2] || domains2[3] != domains1[3] || !domains2[0].implies(new RuntimePermission("queuePrintJob"))) {
throw new SecurityException("Test failed: combine test 2 failed");
}
System.out.println("-------- TEST TWO PASSED --------");
// test 3
// -- mutate the Subject and make sure the combiner cache
// got cleared out
subject.getPrincipals().remove(new com.sun.security.auth.NTUserPrincipal("test2"));
ProtectionDomain[] domains3 = sdc.combine(currentDomains, assignedDomains);
if (domains3.length != 4 || domains3[0] == domains1[0] || domains3[1] == domains1[1] || domains3[2] == domains1[2] || domains3[3] != domains1[3] || !domains3[0].implies(new RuntimePermission("createClassLoader")) || domains3[0].implies(new RuntimePermission("queuePrintJob"))) {
throw new SecurityException("Test failed: combine test 3 failed");
}
System.out.println("-------- TEST THREE PASSED --------");
System.out.println("Test Passed");
}
use of java.security.CodeSource in project jdk8u_jdk by JetBrains.
the class JarFile method getCodeSource.
CodeSource getCodeSource(URL url, String name) {
ensureInitialization();
if (jv != null) {
if (jv.eagerValidation) {
CodeSource cs = null;
JarEntry je = getJarEntry(name);
if (je != null) {
cs = jv.getCodeSource(url, this, je);
} else {
cs = jv.getCodeSource(url, name);
}
return cs;
} else {
return jv.getCodeSource(url, name);
}
}
return JarVerifier.getUnsignedCS(url);
}
use of java.security.CodeSource in project flink by apache.
the class SerializedThrowableTest method testSerialization.
@Test
public void testSerialization() {
try {
// We need an exception whose class is not in the core class loader
// we solve that by defining an exception class dynamically
// an exception class, as bytes
final byte[] classData = { -54, -2, -70, -66, 0, 0, 0, 51, 0, 21, 10, 0, 3, 0, 18, 7, 0, 19, 7, 0, 20, 1, 0, 16, 115, 101, 114, 105, 97, 108, 86, 101, 114, 115, 105, 111, 110, 85, 73, 68, 1, 0, 1, 74, 1, 0, 13, 67, 111, 110, 115, 116, 97, 110, 116, 86, 97, 108, 117, 101, 5, -103, -52, 22, -41, -23, -36, -25, 47, 1, 0, 6, 60, 105, 110, 105, 116, 62, 1, 0, 3, 40, 41, 86, 1, 0, 4, 67, 111, 100, 101, 1, 0, 15, 76, 105, 110, 101, 78, 117, 109, 98, 101, 114, 84, 97, 98, 108, 101, 1, 0, 18, 76, 111, 99, 97, 108, 86, 97, 114, 105, 97, 98, 108, 101, 84, 97, 98, 108, 101, 1, 0, 4, 116, 104, 105, 115, 1, 0, 61, 76, 111, 114, 103, 47, 97, 112, 97, 99, 104, 101, 47, 102, 108, 105, 110, 107, 47, 114, 117, 110, 116, 105, 109, 101, 47, 117, 116, 105, 108, 47, 84, 101, 115, 116, 69, 120, 99, 101, 112, 116, 105, 111, 110, 70, 111, 114, 83, 101, 114, 105, 97, 108, 105, 122, 97, 116, 105, 111, 110, 59, 1, 0, 10, 83, 111, 117, 114, 99, 101, 70, 105, 108, 101, 1, 0, 34, 84, 101, 115, 116, 69, 120, 99, 101, 112, 116, 105, 111, 110, 70, 111, 114, 83, 101, 114, 105, 97, 108, 105, 122, 97, 116, 105, 111, 110, 46, 106, 97, 118, 97, 12, 0, 9, 0, 10, 1, 0, 59, 111, 114, 103, 47, 97, 112, 97, 99, 104, 101, 47, 102, 108, 105, 110, 107, 47, 114, 117, 110, 116, 105, 109, 101, 47, 117, 116, 105, 108, 47, 84, 101, 115, 116, 69, 120, 99, 101, 112, 116, 105, 111, 110, 70, 111, 114, 83, 101, 114, 105, 97, 108, 105, 122, 97, 116, 105, 111, 110, 1, 0, 19, 106, 97, 118, 97, 47, 108, 97, 110, 103, 47, 69, 120, 99, 101, 112, 116, 105, 111, 110, 0, 33, 0, 2, 0, 3, 0, 0, 0, 1, 0, 26, 0, 4, 0, 5, 0, 1, 0, 6, 0, 0, 0, 2, 0, 7, 0, 1, 0, 1, 0, 9, 0, 10, 0, 1, 0, 11, 0, 0, 0, 47, 0, 1, 0, 1, 0, 0, 0, 5, 42, -73, 0, 1, -79, 0, 0, 0, 2, 0, 12, 0, 0, 0, 6, 0, 1, 0, 0, 0, 21, 0, 13, 0, 0, 0, 12, 0, 1, 0, 0, 0, 5, 0, 14, 0, 15, 0, 0, 0, 1, 0, 16, 0, 0, 0, 2, 0, 17 };
// dummy class loader that has no access to any classes
ClassLoader loader = new URLClassLoader(new URL[0]);
// define a class into the classloader
Class<?> clazz = MemoryUtils.UNSAFE.defineClass("org.apache.flink.runtime.util.TestExceptionForSerialization", classData, 0, classData.length, loader, new ProtectionDomain(new CodeSource(null, (Certificate[]) null), new Permissions()));
// create an instance of the exception (no message, no cause)
Exception userException = clazz.asSubclass(Exception.class).newInstance();
// check that we cannot simply copy the exception
try {
byte[] serialized = InstantiationUtil.serializeObject(userException);
InstantiationUtil.deserializeObject(serialized, getClass().getClassLoader());
fail("should fail with a class not found exception");
} catch (ClassNotFoundException e) {
// as we want it
}
// validate that the SerializedThrowable mimics the original exception
SerializedThrowable serialized = new SerializedThrowable(userException);
assertEquals(userException.getMessage(), serialized.getMessage());
assertEquals(userException.toString(), serialized.toString());
assertEquals(ExceptionUtils.stringifyException(userException), ExceptionUtils.stringifyException(serialized));
assertArrayEquals(userException.getStackTrace(), serialized.getStackTrace());
// copy the serialized throwable and make sure everything still works
SerializedThrowable copy = CommonTestUtils.createCopySerializable(serialized);
assertEquals(userException.getMessage(), copy.getMessage());
assertEquals(userException.toString(), copy.toString());
assertEquals(ExceptionUtils.stringifyException(userException), ExceptionUtils.stringifyException(copy));
assertArrayEquals(userException.getStackTrace(), copy.getStackTrace());
// deserialize the proper exception
Throwable deserialized = copy.deserializeError(loader);
assertEquals(clazz, deserialized.getClass());
// deserialization with the wrong classloader does not lead to a failure
Throwable wronglyDeserialized = copy.deserializeError(getClass().getClassLoader());
assertEquals(ExceptionUtils.stringifyException(userException), ExceptionUtils.stringifyException(wronglyDeserialized));
} catch (Exception e) {
e.printStackTrace();
fail(e.getMessage());
}
}
use of java.security.CodeSource in project qi4j-sdk by Qi4j.
the class ClassScanner method findClasses.
/**
* Get all classes from the same package of the given class, and recursively in all subpackages.
* <p>
* This only works if the seed class is loaded from a file: URL. Jar files are possible as well. Abstract classes
* are not included in the results. For further filtering use e.g. Iterables.filter.
* </p>
* @param seedClass starting point for classpath scanning
*
* @return iterable of all concrete classes in the same package as the seedclass, and also all classes in subpackages.
*/
public static Iterable<Class<?>> findClasses(final Class<?> seedClass) {
CodeSource codeSource = seedClass.getProtectionDomain().getCodeSource();
if (codeSource == null) {
return Iterables.empty();
}
URL location = codeSource.getLocation();
if (!location.getProtocol().equals("file")) {
throw new IllegalArgumentException("Can only enumerate classes from file system locations. URL is:" + location);
}
final File file;
try {
file = new File(location.toURI().getPath());
} catch (URISyntaxException e) {
throw new IllegalArgumentException("The file location of codebase is invalid. Can not convert to URI. URL is:" + location);
}
if (file.getName().endsWith(".jar")) {
try {
final String packageName = seedClass.getPackage().getName().replace('.', '/');
JarFile jarFile = new JarFile(file);
Iterable<JarEntry> entries = Iterables.iterable(jarFile.entries());
try {
return Iterables.toList(filter(new ValidClass(), map(new Function<JarEntry, Class<?>>() {
@Override
public Class map(JarEntry jarEntry) {
String name = jarEntry.getName();
name = name.substring(0, name.length() - 6);
name = name.replace('/', '.');
try {
return seedClass.getClassLoader().loadClass(name);
} catch (ClassNotFoundException e) {
return null;
}
}
}, filter(new Specification<JarEntry>() {
@Override
public boolean satisfiedBy(JarEntry jarEntry) {
return jarEntry.getName().startsWith(packageName) && jarEntry.getName().endsWith(".class");
}
}, entries))));
} finally {
jarFile.close();
}
} catch (IOException e) {
throw new IllegalArgumentException("Could not open jar file " + file, e);
}
} else {
final File path = new File(file, seedClass.getPackage().getName().replace('.', File.separatorChar));
Iterable<File> files = findFiles(path, new Specification<File>() {
@Override
public boolean satisfiedBy(File file) {
return file.getName().endsWith(".class");
}
});
return filter(new ValidClass(), map(new Function<File, Class<?>>() {
@Override
public Class<?> map(File f) {
String fileName = f.getAbsolutePath().substring(file.toString().length() + 1);
fileName = fileName.replace(File.separatorChar, '.').substring(0, fileName.length() - 6);
try {
return seedClass.getClassLoader().loadClass(fileName);
} catch (ClassNotFoundException e) {
return null;
}
}
}, files));
}
}
use of java.security.CodeSource in project jdk8u_jdk by JetBrains.
the class SystemClassLoaderAction method defineClassSourceLocation.
private String defineClassSourceLocation(ProtectionDomain pd) {
CodeSource cs = pd.getCodeSource();
String source = null;
if (cs != null && cs.getLocation() != null) {
source = cs.getLocation().toString();
}
return source;
}
Aggregations