Search in sources :

Example 6 with DomainCombiner

use of java.security.DomainCombiner in project XobotOS by xamarin.

the class Subject method getSubject.

/**
     * Returns the {@code Subject} that was last associated with the {@code
     * context} provided as argument.
     *
     * @param context
     *            the {@code context} that was associated with the
     *            {@code Subject}.
     * @return the {@code Subject} that was last associated with the {@code
     *         context} provided as argument.
     */
public static Subject getSubject(final AccessControlContext context) {
    if (context == null) {
        throw new NullPointerException("AccessControlContext cannot be null");
    }
    PrivilegedAction<DomainCombiner> action = new PrivilegedAction<DomainCombiner>() {

        public DomainCombiner run() {
            return context.getDomainCombiner();
        }
    };
    DomainCombiner combiner = AccessController.doPrivileged(action);
    if ((combiner == null) || !(combiner instanceof SubjectDomainCombiner)) {
        return null;
    }
    return ((SubjectDomainCombiner) combiner).getSubject();
}
Also used : DomainCombiner(java.security.DomainCombiner) PrivilegedAction(java.security.PrivilegedAction)

Example 7 with DomainCombiner

use of java.security.DomainCombiner in project jspwiki by apache.

the class GroupPermission method impliesMember.

/**
 * <p>
 * Returns <code>true</code> if this GroupPermission was created with the
 * token <code>&lt;groupmember&gt;</code>
 * <em>and</em> the current
 * thread&#8217;s Subject is a member of the Group indicated by the implied
 * GroupPermission. Thus, a GroupPermission with the group
 * <code>&lt;groupmember&gt;</code> implies GroupPermission for group
 * "TestGroup" only if the Subject is a member of TestGroup.
 * </p>
 * <p>
 * We make this determination by obtaining the current {@link Thread}&#8217;s
 * {@link java.security.AccessControlContext} and requesting the
 * {@link javax.security.auth.SubjectDomainCombiner}. If the combiner is
 * not <code>null</code>, then we know that the access check was
 * requested using a {@link javax.security.auth.Subject}; that is, that an
 * upstream caller caused a Subject to be associated with the Thread&#8217;s
 * ProtectionDomain by executing a
 * {@link javax.security.auth.Subject#doAs(Subject, java.security.PrivilegedAction)}
 * operation.
 * </p>
 * <p>
 * If a SubjectDomainCombiner exists, determining group membership is
 * simple: just iterate through the Subject&#8217;s Principal set and look for all
 * Principals of type {@link org.apache.wiki.auth.GroupPrincipal}. If the
 * name of any Principal matches the value of the implied Permission&#8217;s
 * {@link GroupPermission#getGroup()} value, then the Subject is a member of
 * this group -- and therefore this <code>impliesMember</code> call
 * returns <code>true</code>.
 * </p>
 * <p>
 * This may sound complicated, but it really isn&#8217;t. Consider the following
 * examples:
 * </p>
 * <table border="1"> <thead>
 * <tr>
 * <th width="25%">This object</th>
 * <th width="25%"><code>impliesMember</code> parameter</th>
 * <th width="25%">Calling Subject&#8217;s Principals
 * <th width="25%">Result</th>
 * </tr>
 * <tr>
 * <td><code>GroupPermission ("&lt;groupmember&gt;")</code></td>
 * <td><code>GroupPermission ("*:TestGroup")</code></td>
 * <td><code>WikiPrincipal ("Biff"),<br/>GroupPrincipal ("TestGroup")</code></td>
 * <td><code>true</code></td>
 * </tr>
 * <tr>
 * <td><code>GroupPermission ("*:TestGroup")</code></td>
 * <td><code>GroupPermission ("*:TestGroup")</code></td>
 * <td><code>WikiPrincipal ("Biff"),<br/>GroupPrincipal ("TestGroup")</code></td>
 * <td><code>false</code> - this object does not contain
 * <code>&lt;groupmember&gt;</code></td>
 * </tr>
 * <tr>
 * <td><code>GroupPermission ("&lt;groupmember&gt;")</code></td>
 * <td><code>GroupPermission ("*:TestGroup")</code></td>
 * <td><code>WikiPrincipal ("Biff"),<br/>GroupPrincipal ("FooGroup")</code></td>
 * <td><code>false</code> - Subject does not contain GroupPrincipal
 * matching implied Permission&#8217;s group (TestGroup)</td>
 * </tr>
 * <tr>
 * <td><code>GroupPermission ("&lt;groupmember&gt;")</code></td>
 * <td><code>WikiPermission ("*:createGroups")</code></td>
 * <td><code>WikiPrincipal ("Biff"),<br/>GroupPrincipal ("TestGroup")</code></td>
 * <td><code>false</code> - implied permission not of type
 * GroupPermission</td>
 * </tr>
 * <tr>
 * <td><code>GroupPermission ("&lt;groupmember&gt;")</code></td>
 * <td><code>GroupPermission ("*:TestGroup")</code></td>
 * <td>-</td>
 * <td><code>false</code> - <code>Subject.doAs()</code> not called
 * upstream</td>
 * </tr>
 * </table>
 * <p>
 * Note that JSPWiki&#8217;s access control checks are made inside of
 * {@link org.apache.wiki.auth.AuthorizationManager#checkPermission(org.apache.wiki.WikiSession, Permission)},
 * which performs a <code>Subject.doAs()</code> call. Thus, this
 * Permission functions exactly the way it should during normal
 * operations.
 * </p>
 * @param permission the implied permission
 * @return <code>true</code> if the calling Thread&#8217;s Subject contains a
 *         GroupPrincipal matching the implied GroupPermission&#8217;s group;
 *         <code>false</code> otherwise
 */
protected boolean impliesMember(Permission permission) {
    if (!(permission instanceof GroupPermission)) {
        return false;
    }
    GroupPermission gp = (GroupPermission) permission;
    if (!MEMBER_TOKEN.equals(m_group)) {
        return false;
    }
    // For the current thread, retrieve the SubjectDomainCombiner
    // (if one was used to create current AccessControlContext )
    AccessControlContext acc = AccessController.getContext();
    DomainCombiner dc = acc.getDomainCombiner();
    if (dc != null && dc instanceof SubjectDomainCombiner) {
        // <member> implies permission if subject possesses
        // GroupPrincipal with same name as target
        Subject subject = ((SubjectDomainCombiner) dc).getSubject();
        Set<GroupPrincipal> principals = subject.getPrincipals(GroupPrincipal.class);
        for (Principal principal : principals) {
            if (principal.getName().equals(gp.m_group)) {
                return true;
            }
        }
    }
    return false;
}
Also used : DomainCombiner(java.security.DomainCombiner) SubjectDomainCombiner(javax.security.auth.SubjectDomainCombiner) AccessControlContext(java.security.AccessControlContext) GroupPrincipal(org.apache.wiki.auth.GroupPrincipal) SubjectDomainCombiner(javax.security.auth.SubjectDomainCombiner) Subject(javax.security.auth.Subject) Principal(java.security.Principal) GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)

Example 8 with DomainCombiner

use of java.security.DomainCombiner in project openj9 by eclipse.

the class Test_AccessController method test_doPrivilegedWithCombiner.

/**
 *        java.security.AccessController#doPrivilegedWithCombiner(java.security
 *        .PrivilegedAction)
 */
@Test
public void test_doPrivilegedWithCombiner() {
    class MyDomainCombiner implements DomainCombiner {

        public ProtectionDomain[] combine(ProtectionDomain[] executionDomains, ProtectionDomain[] parentDomains) {
            Permissions perms = new Permissions();
            perms.add(new RuntimePermission("checking"));
            return new ProtectionDomain[] { new ProtectionDomain(null, perms) };
        }
    }
    AccessControlContext acc1 = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });
    AccessControlContext acc = new AccessControlContext(acc1, new MyDomainCombiner());
    AccessController.doPrivileged(new PrivilegedAction() {

        public Object run() {
            AccessController.doPrivilegedWithCombiner(new PrivilegedAction() {

                public Object run() {
                    AccessController.checkPermission(new RuntimePermission("checking"));
                    return null;
                }
            });
            try {
                AccessController.doPrivileged(new PrivilegedAction() {

                    public Object run() {
                        AccessController.checkPermission(new RuntimePermission("checking"));
                        return null;
                    }
                });
                Assert.fail("Expected SecurityException");
            } catch (SecurityException e) {
            // expected
            }
            return null;
        }
    }, acc);
}
Also used : ProtectionDomain(java.security.ProtectionDomain) DomainCombiner(java.security.DomainCombiner) AccessControlContext(java.security.AccessControlContext) PrivilegedAction(java.security.PrivilegedAction) Permissions(java.security.Permissions) Test(org.testng.annotations.Test)

Example 9 with DomainCombiner

use of java.security.DomainCombiner in project j2objc by google.

the class AccessControllerTest method testDoPrivilegedWithCombiner.

public void testDoPrivilegedWithCombiner() {
    final Permission permission = new RuntimePermission("do stuff");
    final DomainCombiner union = new DomainCombiner() {

        @Override
        public ProtectionDomain[] combine(ProtectionDomain[] a, ProtectionDomain[] b) {
            throw new AssertionFailedError("Expected combiner to be unused");
        }
    };
    ProtectionDomain protectionDomain = new ProtectionDomain(null, new Permissions());
    AccessControlContext accessControlContext = new AccessControlContext(new AccessControlContext(new ProtectionDomain[] { protectionDomain }), union);
    final AtomicInteger actionCount = new AtomicInteger();
    AccessController.doPrivileged(new PrivilegedAction<Void>() {

        @Override
        public Void run() {
            assertEquals(null, AccessController.getContext().getDomainCombiner());
            AccessController.getContext().checkPermission(permission);
            // Calling doPrivileged again would have exercised the combiner
            AccessController.doPrivileged(new PrivilegedAction<Void>() {

                @Override
                public Void run() {
                    actionCount.incrementAndGet();
                    assertEquals(null, AccessController.getContext().getDomainCombiner());
                    AccessController.getContext().checkPermission(permission);
                    return null;
                }
            });
            return null;
        }
    }, accessControlContext);
    assertEquals(1, actionCount.get());
}
Also used : ProtectionDomain(java.security.ProtectionDomain) DomainCombiner(java.security.DomainCombiner) AccessControlContext(java.security.AccessControlContext) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) PrivilegedAction(java.security.PrivilegedAction) Permission(java.security.Permission) Permissions(java.security.Permissions) AssertionFailedError(junit.framework.AssertionFailedError)

Aggregations

DomainCombiner (java.security.DomainCombiner)9 PrivilegedAction (java.security.PrivilegedAction)7 AccessControlContext (java.security.AccessControlContext)6 ProtectionDomain (java.security.ProtectionDomain)5 Permissions (java.security.Permissions)4 Permission (java.security.Permission)2 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2 AssertionFailedError (junit.framework.AssertionFailedError)2 Test (org.testng.annotations.Test)2 Principal (java.security.Principal)1 PrivilegedActionException (java.security.PrivilegedActionException)1 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1 Subject (javax.security.auth.Subject)1 SubjectDomainCombiner (javax.security.auth.SubjectDomainCombiner)1 GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)1