Examples with PermissionCollection java.security.PermissionCollection used on opensource projects

Search in sources :

Example 1 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class PluginSecurityTests method testParsePermissions.

/** Test that we can parse the set of permissions correctly for a simple policy */
public void testParsePermissions() throws Exception {
    assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
    Path scratch = createTempDir();
    Path testFile = this.getDataPath("security/simple-plugin-security.policy");
    Permissions expected = new Permissions();
    expected.add(new RuntimePermission("queuePrintJob"));
    PermissionCollection actual = PluginSecurity.parsePermissions(Terminal.DEFAULT, testFile, scratch);
    assertEquals(expected, actual);
}
Also used : Path(java.nio.file.Path) PermissionCollection(java.security.PermissionCollection) Permissions(java.security.Permissions)

Example 2 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class PluginSecurityTests method testFormatUnresolvedPermission.

/** Test that we can format an unresolved permission properly */
public void testFormatUnresolvedPermission() throws Exception {
    assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
    Path scratch = createTempDir();
    Path testFile = this.getDataPath("security/unresolved-plugin-security.policy");
    PermissionCollection actual = PluginSecurity.parsePermissions(Terminal.DEFAULT, testFile, scratch);
    List<Permission> permissions = Collections.list(actual.elements());
    assertEquals(1, permissions.size());
    assertEquals("org.fake.FakePermission fakeName", PluginSecurity.formatPermission(permissions.get(0)));
}
Also used : Path(java.nio.file.Path) PermissionCollection(java.security.PermissionCollection) Permission(java.security.Permission)

Example 3 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class ESPolicyTests method testRestrictPrivileges.

/** 
     * test restricting privileges to no permissions actually works
     */
public void testRestrictPrivileges() {
    assumeTrue("test requires security manager", System.getSecurityManager() != null);
    try {
        System.getProperty("user.home");
    } catch (SecurityException e) {
        fail("this test needs to be fixed: user.home not available by policy");
    }
    PermissionCollection noPermissions = new Permissions();
    AccessControlContext noPermissionsAcc = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, noPermissions) });
    try {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            public Void run() {
                System.getProperty("user.home");
                fail("access should have been denied");
                return null;
            }
        }, noPermissionsAcc);
    } catch (SecurityException expected) {
    // expected exception
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions)

Example 4 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class ESPolicyUnitTests method testNullCodeSource.

/**
     * Test policy with null codesource.
     * <p>
     * This can happen when restricting privileges with doPrivileged,
     * even though ProtectionDomain's ctor javadocs might make you think
     * that the policy won't be consulted.
     */
public void testNullCodeSource() throws Exception {
    assumeTrue("test cannot run with security manager", System.getSecurityManager() == null);
    // create a policy with AllPermission
    Permission all = new AllPermission();
    PermissionCollection allCollection = all.newPermissionCollection();
    allCollection.add(all);
    ESPolicy policy = new ESPolicy(allCollection, Collections.emptyMap(), true);
    // restrict ourselves to NoPermission
    PermissionCollection noPermissions = new Permissions();
    assertFalse(policy.implies(new ProtectionDomain(null, noPermissions), new FilePermission("foo", "read")));
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permission(java.security.Permission) FilePermission(java.io.FilePermission) SocketPermission(java.net.SocketPermission) AllPermission(java.security.AllPermission) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission)

Example 5 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class ESPolicyUnitTests method testNullLocation.

/**
     * test with null location
     * <p>
     * its unclear when/if this happens, see https://bugs.openjdk.java.net/browse/JDK-8129972
     */
public void testNullLocation() throws Exception {
    assumeTrue("test cannot run with security manager", System.getSecurityManager() == null);
    PermissionCollection noPermissions = new Permissions();
    ESPolicy policy = new ESPolicy(noPermissions, Collections.emptyMap(), true);
    assertFalse(policy.implies(new ProtectionDomain(new CodeSource(null, (Certificate[]) null), noPermissions), new FilePermission("foo", "read")));
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permissions(java.security.Permissions) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission)

Aggregations

PermissionCollection (java.security.PermissionCollection)107 Permission (java.security.Permission)39 Permissions (java.security.Permissions)29 CodeSource (java.security.CodeSource)25 FilePermission (java.io.FilePermission)20 ProtectionDomain (java.security.ProtectionDomain)19 AllPermission (java.security.AllPermission)16 Policy (java.security.Policy)15 URL (java.net.URL)14 File (java.io.File)10 IOException (java.io.IOException)10 Certificate (java.security.cert.Certificate)8 AccessControlContext (java.security.AccessControlContext)7 PropertyPermission (java.util.PropertyPermission)7 Test (org.junit.Test)7 SocketPermission (java.net.SocketPermission)6 Method (java.lang.reflect.Method)5 Principal (java.security.Principal)5 PrivilegedActionException (java.security.PrivilegedActionException)5 URLClassLoader (java.net.URLClassLoader)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial