Example 11 with Permission
use of java.security.Permission in project spring-framework by spring-projects.
the class ApplicationContextExpressionTests method systemPropertiesSecurityManager.
@Test
public void systemPropertiesSecurityManager() {
GenericApplicationContext ac = new GenericApplicationContext();
AnnotationConfigUtils.registerAnnotationConfigProcessors(ac);
GenericBeanDefinition bd = new GenericBeanDefinition();
bd.setBeanClass(TestBean.class);
bd.getPropertyValues().add("country", "#{systemProperties.country}");
ac.registerBeanDefinition("tb", bd);
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
System.setProperty("country", "NL");
SecurityManager securityManager = new SecurityManager() {
@Override
public void checkPropertiesAccess() {
throw new AccessControlException("Not Allowed");
}
@Override
public void checkPermission(Permission perm) {
// allow everything else
}
};
System.setSecurityManager(securityManager);
ac.refresh();
TestBean tb = ac.getBean("tb", TestBean.class);
assertEquals("NL", tb.getCountry());
} finally {
System.setSecurityManager(oldSecurityManager);
System.getProperties().remove("country");
}
}
Also used :
GenericBeanDefinition(org.springframework.beans.factory.support.GenericBeanDefinition)
GenericApplicationContext(org.springframework.context.support.GenericApplicationContext)
TestBean(org.springframework.tests.sample.beans.TestBean)
Permission(java.security.Permission)
AccessControlException(java.security.AccessControlException)
Test(org.junit.Test)
Example 12 with Permission
use of java.security.Permission in project spring-framework by spring-projects.
the class EnvironmentSecurityManagerIntegrationTests method securityManagerDisallowsAccessToSystemEnvironmentAndDisallowsAccessToIndividualKey.
@Test
public void securityManagerDisallowsAccessToSystemEnvironmentAndDisallowsAccessToIndividualKey() {
SecurityManager securityManager = new SecurityManager() {
@Override
public void checkPermission(Permission perm) {
// ReadOnlySystemAttributesMap will come into play.
if ("getenv.*".equals(perm.getName())) {
throw new AccessControlException("Accessing the system environment is disallowed");
}
// be ignored.
if (("getenv." + AbstractEnvironment.ACTIVE_PROFILES_PROPERTY_NAME).equals(perm.getName())) {
throw new AccessControlException(format("Accessing system environment variable [%s] is disallowed", AbstractEnvironment.ACTIVE_PROFILES_PROPERTY_NAME));
}
}
};
System.setSecurityManager(securityManager);
DefaultListableBeanFactory bf = new DefaultListableBeanFactory();
AnnotatedBeanDefinitionReader reader = new AnnotatedBeanDefinitionReader(bf);
reader.register(C1.class);
assertThat(bf.containsBean("c1"), is(false));
}
Also used :
Permission(java.security.Permission)
DefaultListableBeanFactory(org.springframework.beans.factory.support.DefaultListableBeanFactory)
AccessControlException(java.security.AccessControlException)
AnnotatedBeanDefinitionReader(org.springframework.context.annotation.AnnotatedBeanDefinitionReader)
Test(org.junit.Test)
Example 13 with Permission
use of java.security.Permission in project robovm by robovm.
the class AccessControllerTest method testDoPrivilegedWithCombiner.
public void testDoPrivilegedWithCombiner() {
final Permission permission = new RuntimePermission("do stuff");
final DomainCombiner union = new DomainCombiner() {
public ProtectionDomain[] combine(ProtectionDomain[] a, ProtectionDomain[] b) {
throw new AssertionFailedError("Expected combiner to be unused");
}
};
ProtectionDomain protectionDomain = new ProtectionDomain(null, new Permissions());
AccessControlContext accessControlContext = new AccessControlContext(new AccessControlContext(new ProtectionDomain[] { protectionDomain }), union);
final AtomicInteger actionCount = new AtomicInteger();
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
assertEquals(null, AccessController.getContext().getDomainCombiner());
AccessController.getContext().checkPermission(permission);
// Calling doPrivileged again would have exercised the combiner
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
actionCount.incrementAndGet();
assertEquals(null, AccessController.getContext().getDomainCombiner());
AccessController.getContext().checkPermission(permission);
return null;
}
});
return null;
}
}, accessControlContext);
assertEquals(1, actionCount.get());
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
DomainCombiner(java.security.DomainCombiner)
AccessControlContext(java.security.AccessControlContext)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
PrivilegedAction(java.security.PrivilegedAction)
Permission(java.security.Permission)
Permissions(java.security.Permissions)
AssertionFailedError(junit.framework.AssertionFailedError)
Example 14 with Permission
use of java.security.Permission in project felix by apache.
the class Permissions method getFromCache.
private Permission getFromCache(String encoded, Class target) {
synchronized (m_permissionCache) {
SoftReference ref = (SoftReference) m_permissionCache.get(encoded);
if (ref != null) {
Map inner = (Map) ref.get();
if (inner != null) {
Entry entry = (Entry) inner.get(target);
if (entry != null) {
Permission result = (Permission) entry.get();
if (result != null) {
return result;
}
inner.remove(entry);
}
if (inner.isEmpty()) {
m_permissionCache.remove(encoded);
}
} else {
m_permissionCache.remove(encoded);
}
}
}
return null;
}
Also used :
SoftReference(java.lang.ref.SoftReference)
AllPermission(java.security.AllPermission)
FilePermission(java.io.FilePermission)
AdminPermission(org.osgi.framework.AdminPermission)
Permission(java.security.Permission)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 15 with Permission
use of java.security.Permission in project felix by apache.
the class CoordinatorImpl method checkPermission.
public void checkPermission(final String coordinationName, final String actions) {
final SecurityManager securityManager = System.getSecurityManager();
if (securityManager != null) {
final Permission permission = new CoordinationPermission(coordinationName, this.owner, actions);
securityManager.checkPermission(permission);
}
}
Also used :
Permission(java.security.Permission)
CoordinationPermission(org.osgi.service.coordinator.CoordinationPermission)
CoordinationPermission(org.osgi.service.coordinator.CoordinationPermission)
Aggregations
Permission (java.security.Permission)236
Test (org.junit.Test)55
PermissionCollection (java.security.PermissionCollection)39
FilePermission (java.io.FilePermission)38
Permissions (java.security.Permissions)31
ProtectionDomain (java.security.ProtectionDomain)27
IOException (java.io.IOException)20
AllPermission (java.security.AllPermission)20
QuickTest (com.hazelcast.test.annotation.QuickTest)17
File (java.io.File)17
URL (java.net.URL)16
AccessControlException (java.security.AccessControlException)14
Principal (java.security.Principal)14
PropertyPermission (java.util.PropertyPermission)14
Policy (java.security.Policy)13
MBeanPermission (javax.management.MBeanPermission)13
AccessControlContext (java.security.AccessControlContext)12
CodeSource (java.security.CodeSource)11
SecurityPermission (java.security.SecurityPermission)11
ArrayList (java.util.ArrayList)10
