Examples with Permission java.security.Permission used on opensource projects

Example 71 with Permission

use of java.security.Permission in project tomcat70 by apache.

the class WebappClassLoaderBase method getPermissions.

/**
 * Get the Permissions for a CodeSource.  If this instance
 * of WebappClassLoaderBase is for a web application context,
 * add read FilePermission or JndiPermissions for the base
 * directory (if unpacked),
 * the context URL, and jar file resources.
 *
 * @param codeSource where the code was loaded from
 * @return PermissionCollection for CodeSource
 */
@Override
protected PermissionCollection getPermissions(CodeSource codeSource) {
    String codeUrl = codeSource.getLocation().toString();
    PermissionCollection pc;
    if ((pc = loaderPC.get(codeUrl)) == null) {
        pc = super.getPermissions(codeSource);
        if (pc != null) {
            Iterator<Permission> perms = permissionList.iterator();
            while (perms.hasNext()) {
                Permission p = perms.next();
                pc.add(p);
            }
            loaderPC.put(codeUrl, pc);
        }
    }
    return (pc);
}

Example 72 with Permission

use of java.security.Permission in project tomcat70 by apache.

the class HostConfig method isDeployThisXML.

private boolean isDeployThisXML(File docBase, ContextName cn) {
    boolean deployThisXML = isDeployXML();
    if (Globals.IS_SECURITY_ENABLED && !deployThisXML) {
        // When running under a SecurityManager, deployXML may be overridden
        // on a per Context basis by the granting of a specific permission
        Policy currentPolicy = Policy.getPolicy();
        if (currentPolicy != null) {
            URL contextRootUrl;
            try {
                contextRootUrl = docBase.toURI().toURL();
                CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null);
                PermissionCollection pc = currentPolicy.getPermissions(cs);
                Permission p = new DeployXmlPermission(cn.getBaseName());
                if (pc.implies(p)) {
                    deployThisXML = true;
                }
            } catch (MalformedURLException e) {
                // Should never happen
                log.warn("hostConfig.docBaseUrlInvalid", e);
            }
        }
    }
    return deployThisXML;
}

Example 73 with Permission

use of java.security.Permission in project tomcat70 by apache.

the class ClassLoaderLogManager method readConfiguration.

/**
 * Read configuration for the specified classloader.
 *
 * @param classLoader
 * @throws IOException Error
 */
protected synchronized void readConfiguration(ClassLoader classLoader) throws IOException {
    InputStream is = null;
    // only look in the local repositories to avoid redefining loggers 20 times
    try {
        if (classLoader instanceof URLClassLoader) {
            URL logConfig = ((URLClassLoader) classLoader).findResource("logging.properties");
            if (null != logConfig) {
                if (Boolean.getBoolean(DEBUG_PROPERTY))
                    System.err.println(getClass().getName() + ".readConfiguration(): " + "Found logging.properties at " + logConfig);
                is = classLoader.getResourceAsStream("logging.properties");
            } else {
                if (Boolean.getBoolean(DEBUG_PROPERTY))
                    System.err.println(getClass().getName() + ".readConfiguration(): " + "Found no logging.properties");
            }
        }
    } catch (AccessControlException ace) {
        // No permission to configure logging in context
        // Log and carry on
        ClassLoaderLogInfo info = classLoaderLoggers.get(ClassLoader.getSystemClassLoader());
        if (info != null) {
            Logger log = info.loggers.get("");
            if (log != null) {
                Permission perm = ace.getPermission();
                if (perm instanceof FilePermission && perm.getActions().equals("read")) {
                    log.warning("Reading " + perm.getName() + " is not permitted. See \"per context logging\" in the default catalina.policy file.");
                } else {
                    log.warning("Reading logging.properties is not permitted in some context. See \"per context logging\" in the default catalina.policy file.");
                    log.warning("Original error was: " + ace.getMessage());
                }
            }
        }
    }
    if ((is == null) && (classLoader == ClassLoader.getSystemClassLoader())) {
        String configFileStr = System.getProperty("java.util.logging.config.file");
        if (configFileStr != null) {
            try {
                is = new FileInputStream(replace(configFileStr));
            } catch (IOException e) {
                System.err.println("Configuration error");
                e.printStackTrace();
            }
        }
        // Try the default JVM configuration
        if (is == null) {
            File defaultFile = new File(new File(System.getProperty("java.home"), isJava9 ? "conf" : "lib"), "logging.properties");
            try {
                is = new FileInputStream(defaultFile);
            } catch (IOException e) {
                System.err.println("Configuration error");
                e.printStackTrace();
            }
        }
    }
    Logger localRootLogger = new RootLogger();
    if (is == null) {
        // Retrieve the root logger of the parent classloader instead
        ClassLoader current = classLoader.getParent();
        ClassLoaderLogInfo info = null;
        while (current != null && info == null) {
            info = getClassLoaderInfo(current);
            current = current.getParent();
        }
        if (info != null) {
            localRootLogger.setParent(info.rootNode.logger);
        }
    }
    ClassLoaderLogInfo info = new ClassLoaderLogInfo(new LogNode(null, localRootLogger));
    classLoaderLoggers.put(classLoader, info);
    if (is != null) {
        readConfiguration(is, classLoader);
    }
    try {
        // Use a ThreadLocal to work around
        // https://bugs.openjdk.java.net/browse/JDK-8195096
        addingLocalRootLogger.set(Boolean.TRUE);
        addLogger(localRootLogger);
    } finally {
        addingLocalRootLogger.set(Boolean.FALSE);
    }
}

Example 74 with Permission

use of java.security.Permission in project logging-log4j2 by apache.

the class ThrowableProxyTest method testLogStackTraceWithClassLoaderThatWithCauseSecurityException.

@Test
public void testLogStackTraceWithClassLoaderThatWithCauseSecurityException() throws Exception {
    final SecurityManager sm = System.getSecurityManager();
    try {
        System.setSecurityManager(new SecurityManager() {

            @Override
            public void checkPermission(final Permission perm) {
                if (perm instanceof RuntimePermission) {
                    // deny access to the classloader to trigger the security exception
                    if ("getClassLoader".equals(perm.getName())) {
                        throw new SecurityException(perm.toString());
                    }
                }
            }
        });
        final String algorithm = "AES/CBC/PKCS5Padding";
        final Cipher ec = Cipher.getInstance(algorithm);
        // initialization vector
        final byte[] bytes = new byte[16];
        final SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bytes);
        final KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(128);
        final IvParameterSpec algorithmParameterSpec = new IvParameterSpec(bytes);
        ec.init(Cipher.ENCRYPT_MODE, generator.generateKey(), algorithmParameterSpec, secureRandom);
        final byte[] raw = new byte[0];
        final byte[] encrypted = ec.doFinal(raw);
        final Cipher dc = Cipher.getInstance(algorithm);
        dc.init(Cipher.DECRYPT_MODE, generator.generateKey(), algorithmParameterSpec, secureRandom);
        final BadPaddingException e = assertThrows(BadPaddingException.class, () -> dc.doFinal(encrypted));
        assertDoesNotThrow(() -> new ThrowableProxy(e));
    } finally {
        // restore the existing security manager
        System.setSecurityManager(sm);
    }
}

Example 75 with Permission

use of java.security.Permission in project symja_android_library by axkr.

the class L4MLogger method initialize.

/**
 * Default initialization, checking for applet in sandbox.
 */
protected void initialize() {
    String loggerName = getName();
    boolean runningSandbox = false;
    // check if we are running in an applet sandbox
    SecurityManager sm = System.getSecurityManager();
    if (null != sm) {
        try {
            Permission perm = new java.util.logging.LoggingPermission("control", "");
            sm.checkPermission(perm);
        } catch (SecurityException e) {
            System.out.println("L4M Logger runs in sandbox");
            runningSandbox = true;
        }
    }
    if (!runningSandbox) {
        // do not use parent handlers but our own
        setUseParentHandlers(false);
        // and add the Lab4inf handler to our logger
        addHandler(new Lab4InfHandler());
    // register with the LogManager
    }
    LogManager manager = LogManager.getLogManager();
    Logger aLogger = manager.getLogger(loggerName);
    if (manager.getLogger(loggerName) == null) {
        if (!LogManager.getLogManager().addLogger(this)) {
            System.err.println("failed to add " + this);
            throw new RuntimeException("addding L4MLogger failed");
        }
    } else {
        String msg;
        msg = format("allready registered %s by %s", loggerName, aLogger);
        aLogger.warning(msg);
        msg = format("could not register me: %s", this);
        aLogger.warning(msg);
    }
    setLevel(Level.WARNING);
}