Example 81 with PermissionCollection
use of java.security.PermissionCollection in project core by weld.
the class ProtectionDomainCache method create.
private ProtectionDomain create(ProtectionDomain domain) {
if (domain.implies(ACCESS_DECLARED_MEMBERS_PERMISSION)) {
return domain;
}
PermissionCollection permissions = domain.getPermissions();
PermissionCollection proxyPermissions = new Permissions();
if (permissions != null) {
Enumeration<Permission> permissionElements = permissions.elements();
while (permissionElements.hasMoreElements()) {
proxyPermissions.add(permissionElements.nextElement());
}
}
proxyPermissions.add(ACCESS_DECLARED_MEMBERS_PERMISSION);
return new ProtectionDomain(domain.getCodeSource(), proxyPermissions);
}
Also used :
PermissionCollection(java.security.PermissionCollection)
ProtectionDomain(java.security.ProtectionDomain)
Permissions(java.security.Permissions)
Permission(java.security.Permission)
Example 82 with PermissionCollection
use of java.security.PermissionCollection in project openj9 by eclipse.
the class Test_J9VMInternalsImpl method test_checkPackageAccess.
@Test
public void test_checkPackageAccess() throws Throwable {
final String className = getClass().getName();
System.setSecurityManager(new SecurityManager());
try {
/*
* these tests are not dependent on the ClassLoader behaviour
*/
try {
@SuppressWarnings("rawtypes") Class // $NON-NLS-1$
cl = Class.forName(className + "$SuperclassRestricted");
Assert.fail(// $NON-NLS-1$
"FAILED: successfully loaded " + cl + // $NON-NLS-1$
" with restricted superclass");
} catch (SecurityException e) {
/* intentionally empty */
}
try {
@SuppressWarnings("rawtypes") Class // $NON-NLS-1$
cl = Class.forName(className + "$InterfaceRestricted");
Assert.fail(// $NON-NLS-1$
"FAILED: successfully loaded " + cl + // $NON-NLS-1$
" with restricted interface");
} catch (SecurityException e) {
/* intentionally empty */
}
} finally {
System.setSecurityManager(null);
}
/*
* special ClassLoader that changes behavior every time the
* $NCDFEHelper class load is attempted
*/
ClassLoader loader1 = new URLClassLoader(new URL[] { getClass().getProtectionDomain().getCodeSource().getLocation() }, null) {
int behaviorLoadingNCDFEHelper = 2;
@Override
@SuppressWarnings({ "rawtypes", "unchecked" })
public Class findClass(String name) throws ClassNotFoundException {
Class result;
if (name.startsWith(ORG_TESTNG)) {
result = Class.forName(name, true, ClassLoader.getSystemClassLoader());
} else {
if (name.equals(className + "$NCDFEHelper") && behaviorLoadingNCDFEHelper > 0) {
// $NON-NLS-1$
// $NON-NLS-1$
logger.debug("Trying to load NCDFEHelper");
behaviorLoadingNCDFEHelper--;
if (behaviorLoadingNCDFEHelper == 1) {
throw new OutOfMemoryError();
}
throw new LinkageError();
}
result = super.findClass(name);
}
return result;
}
};
/*
* run the $TestNCDFE test
*/
@SuppressWarnings("rawtypes") Class // $NON-NLS-1$
cl1 = Class.forName(className + "$TestNCDFE", true, loader1);
Object testInstance1 = cl1.newInstance();
@SuppressWarnings("unchecked") Method // $NON-NLS-1$
testMethod1 = cl1.getMethod("runTest1");
testMethod1.invoke(testInstance1);
/*
* Create a ClassLoader with AllPermission so classes loaded by this loader
* are not restricted by the default permissions of the application ClassLoader.
*/
ClassLoader privilegedLoader = new URLClassLoader(new URL[] { getClass().getProtectionDomain().getCodeSource().getLocation() }, null) {
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public Class findClass(String name) throws ClassNotFoundException {
Class result;
if (name.startsWith(ORG_TESTNG)) {
result = Class.forName(name, true, ClassLoader.getSystemClassLoader());
} else {
if (!name.startsWith(className + TEST_RESTRICTED)) {
throw new ClassNotFoundException(name);
}
result = super.findClass(name);
}
return result;
}
@Override
public PermissionCollection getPermissions(CodeSource csource) {
PermissionCollection permCollection = super.getPermissions(csource);
/*
* Allow AllPermission so we can use this classloader
* to define a custom SecurityManager.
*/
permCollection.add(new AllPermission());
return permCollection;
}
};
/*
* These tests are dependent on the ClassLoader behaviour.
* The default application ClassLoader checks package access of the classes being loaded.
* Other ClassLoaders don't have this behaviour
* and depend on the VM to do the check. We wish to test the VM behavior.
*/
@SuppressWarnings("rawtypes") Class cl2 = Class.forName(className + TEST_RESTRICTED, true, privilegedLoader);
Object testInstance2 = cl2.newInstance();
@SuppressWarnings("unchecked") Method // $NON-NLS-1$
testMethod2 = cl2.getMethod("runTest2", String.class);
testMethod2.invoke(testInstance2, className);
}
Also used :
PermissionCollection(java.security.PermissionCollection)
Method(java.lang.reflect.Method)
CodeSource(java.security.CodeSource)
URLClassLoader(java.net.URLClassLoader)
URLClassLoader(java.net.URLClassLoader)
AllPermission(java.security.AllPermission)
Test(org.testng.annotations.Test)
Example 83 with PermissionCollection
use of java.security.PermissionCollection in project scheduling by ow2-proactive.
the class ClientsPolicy method getPermissions.
@Override
public PermissionCollection getPermissions(final ProtectionDomain domain) {
try {
readLock.lock();
PermissionCollection permissions = new Permissions();
// Look up permissions
Principal[] principals = domain.getPrincipals();
boolean identityPrincipal = false;
if (principals != null) {
for (Principal principal : principals) {
if (principal instanceof IdentityPrincipal) {
identityPrincipal = true;
PermissionCollection pc = original.getPermissions(domain);
if (pc != null) {
Permission permission = new PrincipalPermission((IdentityPrincipal) principal);
// always adding identity permission
permissions.add(permission);
if (debug) {
// WARNING cannot use log4j as it may lead to recursive permission check
System.out.println(principal + " has " + permission);
}
for (Enumeration<Permission> en = pc.elements(); en.hasMoreElements(); ) {
permission = en.nextElement();
// boot class path, so they were not correctly resolved at JVM start up time
if (permission instanceof UnresolvedPermission) {
permission = resolvePermission((UnresolvedPermission) permission);
if (permission == null)
continue;
}
// For IdentityPrincipal org.ow2.proactive.permissions.AllPermissions must be used
if (!permission.getClass().isAssignableFrom(AllPermission.class)) {
if (debug) {
// WARNING cannot use log4j as it may lead to recursive permission check
System.out.println(principal + " has " + permission);
}
permissions.add(permission);
}
}
}
}
}
}
if (!identityPrincipal) {
return original.getPermissions(domain);
}
return permissions;
} finally {
readLock.unlock();
}
}
Also used :
UnresolvedPermission(java.security.UnresolvedPermission)
PermissionCollection(java.security.PermissionCollection)
UnresolvedPermission(java.security.UnresolvedPermission)
MBeanPermission(javax.management.MBeanPermission)
AllPermission(java.security.AllPermission)
Permission(java.security.Permission)
ClientPermission(org.ow2.proactive.permissions.ClientPermission)
PrincipalPermission(org.ow2.proactive.permissions.PrincipalPermission)
AuthPermission(javax.security.auth.AuthPermission)
PrincipalPermission(org.ow2.proactive.permissions.PrincipalPermission)
AllPermission(java.security.AllPermission)
IdentityPrincipal(org.ow2.proactive.authentication.principals.IdentityPrincipal)
IdentityPrincipal(org.ow2.proactive.authentication.principals.IdentityPrincipal)
Principal(java.security.Principal)
Example 84 with PermissionCollection
use of java.security.PermissionCollection in project ecf by eclipse.
the class RssServerSOContainer method main.
public static void main(String[] args) throws Exception {
RssServerSOContainerGroup[] serverGroups = null;
final List servers = new ArrayList();
int port = DEFAULT_PORT;
if (args.length > 0) {
if (args[0].equals("-p")) {
port = Integer.parseInt(args[1]);
}
}
// Get server identity
final String serverName = "//" + InetAddress.getLocalHost().getHostName() + ":" + port;
serverGroups = new RssServerSOContainerGroup[1];
// Setup server group
serverGroups[0] = new RssServerSOContainerGroup(port);
// Create identity for server
final ID id = IDFactory.getDefault().createStringID(serverName);
// Create server config object with identity and default timeout
final SOContainerConfig config = new SOContainerConfig(id);
// Make server instance
System.out.println("Creating ECF server container...");
final RssServerSOContainer server = new RssServerSOContainer(config, serverGroups[0], DEFAULT_KEEPALIVE);
// Setup join policy
((ISharedObjectContainerGroupManager) server).setConnectPolicy(new IConnectHandlerPolicy() {
public PermissionCollection checkConnect(Object address, ID fromID, ID targetID, String targetGroup, Object connectData) throws Exception {
System.out.println("JOIN Addr=" + address + ";From=" + fromID + ";Group=" + targetGroup + ";Data=" + connectData);
return null;
}
public void refresh() {
System.out.println("joinPolicy.refresh()");
}
});
// Setup add shared object policy
final ISharedObjectManager manager = server.getSharedObjectManager();
manager.setRemoteAddPolicy(new ISharedObjectPolicy() {
public PermissionCollection checkAddSharedObject(ID fromID, ID toID, ID localID, ReplicaSharedObjectDescription newObjectDescription) throws SecurityException {
System.out.println("ADDSHAREDOBJECT From=" + fromID + ";To=" + toID + ";SharedObjectDesc=" + newObjectDescription);
return null;
}
public void refresh() {
System.out.println("sharedObjectPolicy.refresh()");
}
});
serverGroups[0].putOnTheAir();
servers.add(server);
System.out.println("success!");
System.out.println("Waiting for JOIN requests at '" + id.getName() + "'...");
System.out.println("<Ctrl>+C to stop server");
}
Also used :
PermissionCollection(java.security.PermissionCollection)
IConnectHandlerPolicy(org.eclipse.ecf.core.security.IConnectHandlerPolicy)
ArrayList(java.util.ArrayList)
ISharedObjectManager(org.eclipse.ecf.core.sharedobject.ISharedObjectManager)
ReplicaSharedObjectDescription(org.eclipse.ecf.core.sharedobject.ReplicaSharedObjectDescription)
SOContainerConfig(org.eclipse.ecf.provider.generic.SOContainerConfig)
URISyntaxException(java.net.URISyntaxException)
IOException(java.io.IOException)
ISharedObjectPolicy(org.eclipse.ecf.core.sharedobject.security.ISharedObjectPolicy)
ISharedObjectContainerGroupManager(org.eclipse.ecf.core.sharedobject.ISharedObjectContainerGroupManager)
ArrayList(java.util.ArrayList)
List(java.util.List)
ID(org.eclipse.ecf.core.identity.ID)
Example 85 with PermissionCollection
use of java.security.PermissionCollection in project jboss-modules by jboss-modules.
the class ModuleClassLoader method getProtectionDomain.
private ProtectionDomain getProtectionDomain(CodeSource codeSource) {
final IdentityHashMap<CodeSource, ProtectionDomain> map = protectionDomains;
synchronized (map) {
ProtectionDomain protectionDomain = map.get(codeSource);
if (protectionDomain == null) {
final PermissionCollection permissions = module.getPermissionCollection();
protectionDomain = new ModularProtectionDomain(codeSource, permissions, this);
map.put(codeSource, protectionDomain);
}
return protectionDomain;
}
}
Also used :
ModularProtectionDomain(org.jboss.modules.security.ModularProtectionDomain)
ProtectionDomain(java.security.ProtectionDomain)
ModularProtectionDomain(org.jboss.modules.security.ModularProtectionDomain)
PermissionCollection(java.security.PermissionCollection)
CodeSource(java.security.CodeSource)
Aggregations
PermissionCollection (java.security.PermissionCollection)107
Permission (java.security.Permission)39
Permissions (java.security.Permissions)29
CodeSource (java.security.CodeSource)25
FilePermission (java.io.FilePermission)20
ProtectionDomain (java.security.ProtectionDomain)19
AllPermission (java.security.AllPermission)16
Policy (java.security.Policy)15
URL (java.net.URL)14
File (java.io.File)10
IOException (java.io.IOException)10
Certificate (java.security.cert.Certificate)8
AccessControlContext (java.security.AccessControlContext)7
PropertyPermission (java.util.PropertyPermission)7
Test (org.junit.Test)7
SocketPermission (java.net.SocketPermission)6
Method (java.lang.reflect.Method)5
Principal (java.security.Principal)5
PrivilegedActionException (java.security.PrivilegedActionException)5
URLClassLoader (java.net.URLClassLoader)4
