
Example 96 with CodeSource

use of java.security.CodeSource in project poi by apache.

the class OOXMLLite method getLoadedClasses.

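/**
     * Collects the classes already loaded by the system class loader whose
     * code-source location contains the given pattern.
     *
     * @param ptrn the substring a class's code-source location must contain for the class to be included
     * @return the matching classes loaded by the system class loader, keyed by class name
     */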
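@SuppressWarnings("unchecked")
private static Map<String, Class<?>> getLoadedClasses(String ptrn) {
    // make the field accessible, we defer this from static initialization to here to
    // allow JDKs which do not have this field (e.g. IBM JDK) to at least load the class
    // without failing, see https://issues.apache.org/bugzilla/show_bug.cgi?id=56550
    //
    // Only the lookup and setAccessible(true) run inside doPrivileged. The resulting
    // Field bypasses Java access checks on ClassLoader's private state, so it stays a
    // local of this private method and is never returned or cached.
    final Field _classes = AccessController.doPrivileged(new PrivilegedAction<Field>() {

        @SuppressForbidden("TODO: Reflection works until Java 8 on Oracle/Sun JDKs, but breaks afterwards (different classloader types, access checks)")
        public Field run() {
            try {
                Field fld = ClassLoader.class.getDeclaredField("classes");
                fld.setAccessible(true);
                return fld;
            } catch (Exception e) {
                // Missing field or denied access: surface as unchecked, cause preserved.
                throw new RuntimeException(e);
            }
        }
    });
    ClassLoader appLoader = ClassLoader.getSystemClassLoader();
    try {
        Vector<Class<?>> classes = (Vector<Class<?>>) _classes.get(appLoader);
        // Iterate over a snapshot rather than the live Vector: the Vector belongs to the
        // class loader, and a class being loaded while we iterate would make the
        // fail-fast iterator throw ConcurrentModificationException.
        Class<?>[] snapshot = classes.toArray(new Class<?>[0]);
        Map<String, Class<?>> map = new HashMap<String, Class<?>>();
        for (Class<?> cls : snapshot) {
            // Classes without a protection domain, code source or location
            // (e.g. proxy-classes, ...) cannot be matched against the pattern; skip them.
            ProtectionDomain pd = cls.getProtectionDomain();
            if (pd == null) {
                continue;
            }
            CodeSource cs = pd.getCodeSource();
            if (cs == null) {
                continue;
            }
            URL loc = cs.getLocation();
            if (loc == null) {
                continue;
            }
            // Plain substring match on the location URL, not a path-aware comparison.
            String jar = loc.toString();
            if (jar.contains(ptrn)) {
                map.put(cls.getName(), cls);
            }
        }
        return map;
    } catch (IllegalAccessException e) {
        throw new RuntimeException(e);
    }
}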
Also used : ProtectionDomain(java.security.ProtectionDomain) HashMap(java.util.HashMap) CodeSource(java.security.CodeSource) IOException(java.io.IOException) URL(java.net.URL) Field(java.lang.reflect.Field) Vector(java.util.Vector)

Example 97 with CodeSource

use of java.security.CodeSource in project sling by apache.

the class JspRuntimeContext method initSecurity.

// -------------------------------------------------------- Private Methods
/**
     * Method used to initialize SecurityManager data.
     */
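private void initSecurity() {
    // Setup the PermissionCollection for this web app context
    // based on the permissions configured for the root of the
    // web app context directory, then add a file read permission
    // for that directory.
    Policy policy = Policy.getPolicy();
    if (policy != null) {
        try {
            // Get the permissions for the web app context
            String docBase = context.getRealPath("/");
            if (docBase == null) {
                // No real path for the context root: fall back to the scratch dir.
                docBase = options.getScratchDir().toString();
            }
            String codeBase = docBase;
            if (!codeBase.endsWith(File.separator)) {
                codeBase = codeBase + File.separator;
            }
            File contextDir = new File(codeBase);
            // File.toURL() is deprecated because it does not escape characters that are
            // illegal in URLs; go through toURI() so the code-source URL is well formed.
            URL url = contextDir.getCanonicalFile().toURI().toURL();
            // No certificates: the code source is identified by location only.
            final CodeSource codeSource = new CodeSource(url, (Certificate[]) null);
            permissionCollection = policy.getPermissions(codeSource);
            // Create a file read permission for web app context directory:
            // one for the directory itself (no trailing separator) ...
            if (!docBase.endsWith(File.separator)) {
                permissionCollection.add(new FilePermission(docBase, "read"));
                docBase = docBase + File.separator;
            } else {
                permissionCollection.add(new FilePermission(docBase.substring(0, docBase.length() - 1), "read"));
            }
            // ... and one with the "-" suffix, which FilePermission treats as
            // "everything below this directory, recursively".
            docBase = docBase + "-";
            permissionCollection.add(new FilePermission(docBase, "read"));
            // Create a file read permission for web app tempdir (work)
            // directory
            String workDir = options.getScratchDir().toString();
            if (!workDir.endsWith(File.separator)) {
                permissionCollection.add(new FilePermission(workDir, "read"));
                workDir = workDir + File.separator;
            }
            workDir = workDir + "-";
            permissionCollection.add(new FilePermission(workDir, "read"));
            // Allow the JSP to access org.apache.sling.scripting.jsp.jasper.runtime.HttpJspBase
            // NOTE(review): the permission below names org.apache.jasper.runtime, not the
            // org.apache.sling.scripting.jsp.jasper.runtime package mentioned above. Confirm
            // which package HttpJspBase actually lives in; the grant is left unchanged here.
            permissionCollection.add(new RuntimePermission("accessClassInPackage.org.apache.jasper.runtime"));
        } catch (final Exception e) {
            // A failure is only logged. permissionCollection keeps whatever state it had
            // when the exception was thrown (possibly unset or partially populated).
            // NOTE(review): confirm consumers treat that state as deny, not allow.
            context.log("Security Init for context failed", e);
        }
    }
}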
Also used : Policy(java.security.Policy) CodeSource(java.security.CodeSource) File(java.io.File) FilePermission(java.io.FilePermission) URL(java.net.URL) Certificate(java.security.cert.Certificate)

Example 98 with CodeSource

use of java.security.CodeSource in project Lucee by lucee.

the class CFMLEngineImpl method deployBundledExtensionZip.

private void deployBundledExtensionZip(ConfigServerImpl cs) {
    // Scans the archive this engine was loaded from for "extensions/*.lex" entries and
    // moves each one that is not already a known local extension into the local
    // extension provider directory.
    Resource targetDir = cs.getLocalExtensionProviderDirectory();
    List<ExtensionDefintion> installed = DeployHandler.getLocalExtensions(cs);
    final String prefix = "extensions/";
    // Original author's note: this does not work on Windows, an index needs to be added.
    ZipInputStream zis = null;
    try {
        CodeSource src = CFMLEngineFactory.class.getProtectionDomain().getCodeSource();
        if (src == null) {
            return;
        }
        // The archive read here is the engine's own code source, not caller-supplied data.
        zis = new ZipInputStream(src.getLocation().openStream());
        ZipEntry entry;
        while ((entry = zis.getNextEntry()) != null) {
            String path = entry.getName();
            // Only .lex files directly under "extensions/": the last '/' must be the one
            // that ends the prefix, which rules out sub directories.
            boolean topLevelLex = path.startsWith(prefix)
                    && path.endsWith(".lex")
                    && path.lastIndexOf('/') + 1 == prefix.length();
            if (topLevelLex) {
                // NOTE(review): name is taken from the entry and only '/' is ruled out;
                // a '\' or ".." inside it is not rejected before getRealResource(name).
                // Acceptable only as long as the archive is trusted; worth confirming.
                String name = path.substring(prefix.length());
                Resource temp = null;
                try {
                    temp = SystemUtil.getTempDirectory().getRealResource(name);
                    ResourceUtil.touch(temp);
                    // presumably (false, true) = leave zis open, close the output; confirm against Util.copy
                    Util.copy(zis, temp.getOutputStream(), false, true);
                    RHExtension candidate = new RHExtension(cs, temp, false);
                    boolean alreadyExists = false;
                    for (ExtensionDefintion known : installed) {
                        if (known.equals(candidate)) {
                            alreadyExists = true;
                            break;
                        }
                    }
                    if (!alreadyExists) {
                        temp.moveTo(targetDir.getRealResource(name));
                    }
                } finally {
                    // Remove the temp copy if it is still there (i.e. it was not moved).
                    if (temp != null && temp.exists()) {
                        temp.delete();
                    }
                }
            }
            zis.closeEntry();
        }
    } catch (Throwable t) {
        // TODO log this
        // Anything rethrowIfNecessary does not rethrow is dropped silently, so a failed
        // deployment leaves no trace.
        ExceptionUtil.rethrowIfNecessary(t);
    } finally {
        Util.closeEL(zis);
    }
}
Also used : ZipEntry(java.util.zip.ZipEntry) Resource(lucee.commons.io.res.Resource) CodeSource(java.security.CodeSource) URL(java.net.URL) RHExtension(lucee.runtime.extension.RHExtension) ZipInputStream(java.util.zip.ZipInputStream) ExtensionDefintion(lucee.runtime.extension.ExtensionDefintion) CFMLEngineFactory(lucee.loader.engine.CFMLEngineFactory)

Example 99 with CodeSource

use of java.security.CodeSource in project kernel by exoplatform.

the class AbstractSecureCollectionsTest method doActionWithPermissions.

/**
 * Run privileged action with given privileges.
 */
protected <T> T doActionWithPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws PrivilegedActionException {
    // Gather the supplied permissions, ignoring null entries.
    Permissions granted = new Permissions();
    for (int i = 0; i < permissions.length; i++) {
        Permission candidate = permissions[i];
        if (candidate == null) {
            continue;
        }
        granted.add(candidate);
    }
    // A single protection domain for this test's code source (no certificates) that
    // carries exactly the permissions collected above.
    CodeSource source = new CodeSource(getCodeSource(), (java.security.cert.Certificate[]) null);
    ProtectionDomain domain = new ProtectionDomain(source, granted);
    AccessControlContext restricted = new AccessControlContext(new ProtectionDomain[] { domain });
    // Run the action against that context so permission checks inside it are evaluated
    // with the granted set rather than the full privileges of the test code.
    return AccessController.doPrivileged(action, restricted);
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) Permission(java.security.Permission) CodeSource(java.security.CodeSource)

Example 100 with CodeSource

use of java.security.CodeSource in project Payara by payara.

the class Launcher method createArchive.

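protected final Archive createArchive() throws Exception {
    // Locate the archive this launcher class was loaded from via its protection domain.
    ProtectionDomain protectionDomain = getClass().getProtectionDomain();
    CodeSource codeSource = protectionDomain.getCodeSource();
    // Both the code source and its location may be null; treat either as
    // "cannot determine the archive" instead of failing with a NullPointerException.
    URI location = null;
    if (codeSource != null && codeSource.getLocation() != null) {
        location = codeSource.getLocation().toURI();
    }
    String path = (location == null ? null : location.getSchemeSpecificPart());
    if (path == null) {
        throw new IllegalStateException("Unable to determine code source archive");
    }
    File root = new File(path);
    if (!root.exists()) {
        throw new IllegalStateException("Unable to determine code source archive from " + root);
    }
    return new JarFileArchive(root);
}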
Also used : ProtectionDomain(java.security.ProtectionDomain) JarFileArchive(fish.payara.micro.boot.loader.archive.JarFileArchive) CodeSource(java.security.CodeSource) URI(java.net.URI) File(java.io.File)
