use of java.security.Permission in project jdk8u_jdk by JetBrains.
the class PolicyPermissions method init.
/**
 * Lazily builds the effective permission set on first use.
 *
 * <p>The method is {@code synchronized} and clears {@code notInit} only after
 * the policy call has returned, so an exception part-way through leaves the
 * object marked as uninitialised and a later call runs the whole sequence
 * again.
 */
private synchronized void init() {
    if (!notInit) {
        return; // already initialised; nothing left to do
    }

    if (perms == null) {
        perms = new Permissions();
    }

    if (additionalPerms != null) {
        // Fold the separately collected permissions into perms, then drop
        // the staging collection so it cannot be merged a second time.
        for (Enumeration<Permission> pending = additionalPerms.elements(); pending.hasMoreElements();) {
            perms.add(pending.nextElement());
        }
        additionalPerms = null;
    }

    // Let the policy add whatever it grants to this code source.
    policy.getPermissions(perms, codesource);
    notInit = false;
}
use of java.security.Permission in project jdk8u_jdk by JetBrains.
the class SubjectDelegator method checkRemoveCallerContext.
/**
 * Checks whether the connector server creator may assume the identity of
 * every principal in the authenticated subject, i.e. whether the connector
 * server creator codebase holds a subject delegation permission for each
 * principal present in that subject.
 *
 * <p>One {@link SubjectDelegationPermission} is built per principal, named
 * {@code <principal class name>.<principal name>}, and checked with
 * {@link AccessController#checkPermission}, which evaluates the calling
 * thread's current access control context. The first denial ends the loop.
 * Any {@link SecurityException} raised inside the {@code try} block,
 * including one from {@code getSubjectPrincipals}, is reported as
 * {@code false}; it is not propagated.
 *
 * @param subject the authenticated subject whose principals are checked
 * @return {@code true} if the connector server creator can delegate to all
 * the authenticated principals in the subject. Otherwise, {@code false}.
 */
public static synchronized boolean checkRemoveCallerContext(Subject subject) {
    try {
        for (Principal principal : getSubjectPrincipals(subject)) {
            final String target = principal.getClass().getName() + "." + principal.getName();
            final Permission delegation = new SubjectDelegationPermission(target);
            AccessController.checkPermission(delegation);
        }
        // Every principal passed its delegation check.
        return true;
    } catch (SecurityException denied) {
        // A denial is an expected outcome here, reported through the result.
        return false;
    }
}
use of java.security.Permission in project jdk8u_jdk by JetBrains.
the class SubjectDelegator method delegatedContext.
/**
 * Returns the AccessControlContext appropriate to execute an operation on
 * behalf of the delegated subject.
 *
 * <p>A {@code null} {@code authenticatedACC} is rejected only when a security
 * manager is installed. All delegation permissions are constructed before
 * any of them is checked, and the checks run inside
 * {@code doPrivileged(action, authenticatedACC)}, so they are evaluated
 * against the authenticated context supplied by the caller. The delegated
 * context is built only after every check has passed.
 *
 * @param authenticatedACC context of the authenticated subject; must be
 *        non-null when a security manager is installed
 * @param delegatedSubject subject whose identity is to be assumed
 * @param removeCallerContext passed through unchanged to
 *        {@code getDelegatedAcc}
 * @return the context produced by {@code getDelegatedAcc}
 * @throws SecurityException if {@code authenticatedACC} is null while a
 *         security manager is installed, or if the authenticated context
 *         lacks a delegation permission for any principal
 */
public AccessControlContext delegatedContext(AccessControlContext authenticatedACC, Subject delegatedSubject, boolean removeCallerContext) throws SecurityException {
    final boolean securityManagerInstalled = System.getSecurityManager() != null;
    if (securityManagerInstalled && authenticatedACC == null) {
        throw new SecurityException("Illegal AccessControlContext: null");
    }

    // One SubjectDelegationPermission per principal of the delegated
    // subject, named "<principal class name>.<principal name>".
    final Collection<Principal> principals = getSubjectPrincipals(delegatedSubject);
    final Collection<Permission> required = new ArrayList<>(principals.size());
    for (Principal principal : principals) {
        required.add(new SubjectDelegationPermission(principal.getClass().getName() + "." + principal.getName()));
    }

    // Kept as an anonymous PrivilegedAction, as in the original, so the
    // doPrivileged overload is selected without a cast. The first failing
    // checkPermission throws and aborts the delegation.
    AccessController.doPrivileged(new PrivilegedAction<Void>() {
        @Override
        public Void run() {
            for (Permission delegation : required) {
                AccessController.checkPermission(delegation);
            }
            return null;
        }
    }, authenticatedACC);

    return getDelegatedAcc(delegatedSubject, removeCallerContext);
}
use of java.security.Permission in project jdk8u_jdk by JetBrains.
the class URLClassPath method check.
/*
 * Check whether the resource URL should be returned.
 * Throw exception on failure.
 * Called internally within this file.
 *
 * Nothing is checked when no security manager is installed, or when the
 * connection reports no permission. Otherwise the permission reported by
 * the connection is checked first. If that is denied, a FilePermission
 * with a "read" action is retried through checkRead, and a
 * SocketPermission with a "connect" action through checkConnect (against
 * the enclosing JAR file's URL for jar: connections). Any other denial is
 * rethrown unchanged, and a fallback check that fails propagates its own
 * SecurityException.
 */
static void check(URL url) throws IOException {
    final SecurityManager sm = System.getSecurityManager();
    if (sm == null) {
        return;
    }

    final URLConnection connection = url.openConnection();
    final Permission required = connection.getPermission();
    if (required == null) {
        return;
    }

    try {
        sm.checkPermission(required);
    } catch (SecurityException denied) {
        // Retry through the checkRead/checkConnect entry points;
        // presumably for security managers that implement those
        // rather than checkPermission.
        final boolean fileRead = required instanceof java.io.FilePermission
                && required.getActions().contains("read");
        if (fileRead) {
            sm.checkRead(required.getName());
            return;
        }

        final boolean socketConnect = required instanceof java.net.SocketPermission
                && required.getActions().contains("connect");
        if (!socketConnect) {
            throw denied;
        }

        // For jar: URLs the host and port to check belong to the JAR file itself.
        final URL target = (connection instanceof JarURLConnection)
                ? ((JarURLConnection) connection).getJarFileURL()
                : url;
        sm.checkConnect(target.getHost(), target.getPort());
    }
}
use of java.security.Permission in project jdk8u_jdk by JetBrains.
the class MarshalInputStream method checkSunClass.
/**
 * Fix for 4179055: Need to assist resolving sun stubs; resolve
 * class locally if it is a "permitted" sun class.
 *
 * <p>The locally resolved class is returned only when both conditions hold:
 * {@code className} has an entry in {@code permittedSunClasses}, and the
 * permission carried by the exception is named exactly
 * {@code accessClassInPackage.sun.rmi.server} or
 * {@code accessClassInPackage.sun.rmi.registry}. In every other case,
 * including an exception that carries no permission, the original
 * exception is rethrown, so a denial for any other reason is never masked.
 *
 * @param className name of the class being resolved
 * @param e the access-control failure raised while resolving it
 * @return the permitted class registered under {@code className}
 * @throws AccessControlException {@code e} itself, when the class is not
 *         permitted or the denial was for a different permission
 */
private Class<?> checkSunClass(String className, AccessControlException e) throws AccessControlException {
    // Make sure the stub is handed out for the correct reason: look at
    // which permission was actually denied.
    final Permission denied = e.getPermission();
    final String deniedName = (denied != null) ? denied.getName() : null;

    final Class<?> permitted = permittedSunClasses.get(className);

    // Constant-first equals() is false for a null name, which covers the
    // "no permission / no name" case.
    final boolean rmiPackageAccess = "accessClassInPackage.sun.rmi.server".equals(deniedName)
            || "accessClassInPackage.sun.rmi.registry".equals(deniedName);

    if (permitted == null || !rmiPackageAccess) {
        throw e;
    }
    return permitted;
}