Example 91 with Permission

use of java.security.Permission in project wildfly by wildfly.

the class SecurityHelper method runWithSecurityManager.

public static <T> T runWithSecurityManager(final Callable<T> action, final AccessControlContext securityContext) throws Exception {
    Policy previousPolicy = Policy.getPolicy();
    SecurityManager previousSM = System.getSecurityManager();
    // let's be a bit brutal here and just allow any code do anything by default for the time this method executes.
    Policy.setPolicy(new Policy() {

        @Override
        public boolean implies(ProtectionDomain domain, Permission permission) {
            return true;
        }
    });
    // with our new totally unsecure policy, let's install a new security manager
    System.setSecurityManager(new SecurityManager());
    try {
        // run the code to test with limited privs defined by the securityContext
        return AccessController.doPrivileged(new PrivilegedExceptionAction<T>() {

            @Override
            public T run() throws Exception {
                return action.call();
            }
        }, securityContext);
    } catch (PrivilegedActionException e) {
        throw e.getException();
    } finally {
        // and reset back the previous security settings
        System.setSecurityManager(previousSM);
        Policy.setPolicy(previousPolicy);
    }
}
Also used : Policy(java.security.Policy) ProtectionDomain(java.security.ProtectionDomain) PrivilegedActionException(java.security.PrivilegedActionException) Permission(java.security.Permission) JndiPermission(org.wildfly.naming.java.permission.JndiPermission) NamingException(javax.naming.NamingException)

Example 92 with Permission

use of java.security.Permission in project wildfly by wildfly.

the class JpaDsRestartTestCase method deploy.

@Deployment
public static Archive<?> deploy() {
    WebArchive war = ShrinkWrap.create(WebArchive.class, "dsrestartjpa.war");
    war.addPackage(JpaInjectedSfsb.class.getPackage());
    // WEB-INF/classes is implied
    war.addAsResource(JpaDsRestartTestCase.class.getPackage(), "persistence.xml", "META-INF/persistence.xml");
    war.addAsManifestResource(JpaDsRestartTestCase.class.getPackage(), "MANIFEST.MF", "MANIFEST.MF");
    final Permission[] permissions = new Permission[] { ControllerPermission.CAN_ACCESS_MODEL_CONTROLLER, ControllerPermission.CAN_ACCESS_IMMUTABLE_MANAGEMENT_RESOURCE_REGISTRATION };
    war.addAsManifestResource(PermissionUtils.createPermissionsXmlAsset(permissions), "permissions.xml");
    return war;
}
Also used : WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) ControllerPermission(org.jboss.as.controller.security.ControllerPermission) Permission(java.security.Permission) Deployment(org.jboss.arquillian.container.test.api.Deployment)

Example 93 with Permission

use of java.security.Permission in project wildfly by wildfly.

the class JndiPermissionTestCase method testCollection.

@Test
public void testCollection() {
    final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
    Enumeration<Permission> e;
    permissionCollection.add(new JndiPermission("foo/bar", "lookup,bind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertFalse(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertFalse(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("foo/bar", "unbind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind,unbind"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("-", "lookup"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("", "lookup")));
    assertFalse(permissionCollection.implies(new JndiPermission("baz/zap", "lookup,bind,unbind")));
    assertFalse(permissionCollection.implies(new JndiPermission("baz/zap", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind,unbind"), e.nextElement());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("-", "lookup"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("-", "bind,unbind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("-", "lookup,bind,unbind"), e.nextElement());
    assertFalse(e.hasMoreElements());
}
Also used : PermissionCollection(java.security.PermissionCollection) Permission(java.security.Permission) Test(org.junit.Test)

Example 94 with Permission

use of java.security.Permission in project wildfly by wildfly.

the class LimitedModulePermissionsTestCase method testReadJavaHome.

/**
 * Test which reads system property without Permission.
 */
@Test
public void testReadJavaHome() {
    try {
        CheckJSMUtils.getSystemProperty("java.home");
        fail("Access should be denied");
    } catch (AccessControlException e) {
        Permission expectedPerm = new PropertyPermission("java.home", "read");
        assertEquals("Permission type doesn't match", expectedPerm, e.getPermission());
    }
}
Also used : PropertyPermission(java.util.PropertyPermission) Permission(java.security.Permission) AccessControlException(java.security.AccessControlException) Test(org.junit.Test)

Example 95 with Permission

use of java.security.Permission in project wildfly by wildfly.

the class CheckIdentityPermissionServlet method doGet.

@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    resp.setContentType("text/plain");
    resp.setCharacterEncoding("UTF-8");
    SecurityIdentity si = null;
    final String user = req.getParameter(PARAM_USER);
    if (user != null) {
        final String password = req.getParameter(PARAM_PASSWORD);
        try {
            si = SecurityDomain.getCurrent().authenticate(user, new PasswordGuessEvidence(password.toCharArray()));
        } catch (Exception e) {
            e.printStackTrace();
            resp.sendError(SC_FORBIDDEN, e.getMessage());
            return;
        }
    } else {
        si = SecurityDomain.getCurrent().getCurrentSecurityIdentity();
    }
    String className = req.getParameter(PARAM_CLASS);
    if (className == null) {
        resp.sendError(SC_BAD_REQUEST, "Parameter class has to be provided");
        return;
    }
    String target = req.getParameter(PARAM_TARGET);
    String action = req.getParameter(PARAM_ACTION);
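    Permission perm = null;
    // className, target and action come straight from request parameters: the named class is
    // loaded and its constructor runs before the cast to Permission is checked.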
    try {
        if (target == null) {
            perm = (Permission) Class.forName(className).newInstance();
        } else if (action == null) {
            perm = (Permission) Class.forName(className).getConstructor(String.class).newInstance(target);
        } else {
            perm = (Permission) Class.forName(className).getConstructor(String.class, String.class).newInstance(target, action);
        }
    } catch (Exception e) {
        throw new ServletException("Unable to create permission instance", e);
    }
    final PrintWriter writer = resp.getWriter();
    writer.print(si.implies(perm));
    writer.close();
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) ServletException(javax.servlet.ServletException) Permission(java.security.Permission) PasswordGuessEvidence(org.wildfly.security.evidence.PasswordGuessEvidence) IOException(java.io.IOException) PrintWriter(java.io.PrintWriter)
