Search in sources :

Example 91 with PermissionCollection

use of java.security.PermissionCollection in project lwjgl by LWJGL.

the class AppletLoader method updateClassPath.

/**
 * Edits the ClassPath at runtime to include the jars
 * that have just been downloaded and then adds the
 * lwjgl natives folder property.
 *
 * @param path location where applet is stored
 * @throws Exception if it fails to add classpath
 */
protected void updateClassPath(final String path) throws Exception {
    setState(STATE_UPDATING_CLASSPATH);
    percentage = 95;
    URL[] urls = new URL[urlList.length];
    for (int i = 0; i < urlList.length; i++) {
        String file = new File(path, getJarName(urlList[i])).toURI().toString();
        // fix JVM bug where ! is not escaped
        file = file.replace("!", "%21");
        urls[i] = new URL(file);
    }
    // get AppletLoader certificates
    final Certificate[] certs = getCurrentCertificates();
    // detect if we are running on a mac and save result as boolean
    String osName = System.getProperty("os.name");
    final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
    // add downloaded jars to the classpath with required permissions
    classLoader = new URLClassLoader(urls) {

        protected PermissionCollection getPermissions(CodeSource codesource) {
            PermissionCollection perms = null;
            try {
                // no permissions
                perms = new Permissions();
                // if certificates match the AppletLoader certificates then we should be all set
                if (certificatesMatch(certs, codesource.getCertificates())) {
                    perms.add(new AllPermission());
                    return perms;
                }
                String host = getCodeBase().getHost();
                if (host != null && (host.length() > 0)) {
                    // add permission for downloaded jars to access host they were from
                    perms.add(new SocketPermission(host, "connect,accept"));
                } else if ("file".equals(codesource.getLocation().getProtocol())) {
                    // if running locally add file permission
                    String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
                    perms.add(new FilePermission(path, "read"));
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            return perms;
        }

        // allow non lwjgl native to be found from cache directory
        protected String findLibrary(String libname) {
            String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
            if (new File(libPath).exists()) {
                return libPath;
            }
            return super.findLibrary(libname);
        }
    };
    debug_sleep(2000);
    // unload natives loaded by a previous instance of this lwjgl applet
    unloadNatives(path);
    // add natives files path to native class path
    System.setProperty("org.lwjgl.librarypath", path + "natives");
    // Make sure jinput knows about the new path too
    System.setProperty("net.java.games.input.librarypath", path + "natives");
    // set the library path, useful for non lwjgl natives
    System.setProperty("java.library.path", path + "natives");
    // mark natives as loaded
    natives_loaded = true;
}
Also used : PermissionCollection(java.security.PermissionCollection) SocketPermission(java.net.SocketPermission) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) URL(java.net.URL) AccessControlException(java.security.AccessControlException) IOException(java.io.IOException) URLClassLoader(java.net.URLClassLoader) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) JarFile(java.util.jar.JarFile) ZipFile(java.util.zip.ZipFile) File(java.io.File) Certificate(java.security.cert.Certificate)

Example 92 with PermissionCollection

use of java.security.PermissionCollection in project stanbol by apache.

the class UserAwarePolicy method getUserPermissionsFromSystemGraph.

/**
 * Returns the permissions of the specified user according to the entries in
 * the sytemGraph.
 *
 * @param user
 * @return
 * @throws java.lang.IllegalArgumentException
 * @throws java.lang.SecurityException
 */
private PermissionCollection getUserPermissionsFromSystemGraph(final Principal user) throws IllegalArgumentException, SecurityException, UserUnregisteredException {
    final PermissionCollection result = new Permissions();
    AccessController.doPrivileged(new PrivilegedAction<Object>() {

        @Override
        public Object run() {
            logger.debug("Get permissions for user " + user.getName());
            List<String> permissions = getAllPermissionsOfAUserByName(user.getName());
            for (String permissionStr : permissions) {
                logger.debug("Add permission {}", permissionStr);
                Permission perm = permissionMap.get(permissionStr);
                // <code>Permission</code> object is not in the map.
                if (perm == null) {
                    try {
                        perm = PermissionParser.getPermission(permissionStr, getClass().getClassLoader());
                    } catch (IllegalArgumentException e) {
                        logger.error("parsing " + permissionStr, e);
                        continue;
                    } catch (RuntimeException e) {
                        logger.error("instantiating " + permissionStr, e);
                        continue;
                    }
                }
                result.add(perm);
            }
            return null;
        }
    });
    return result;
}
Also used : PermissionCollection(java.security.PermissionCollection) Permissions(java.security.Permissions) Permission(java.security.Permission) ArrayList(java.util.ArrayList) List(java.util.List)

Example 93 with PermissionCollection

use of java.security.PermissionCollection in project groovy by apache.

the class GroovyClassLoader method getPermissions.

@Override
protected PermissionCollection getPermissions(CodeSource codeSource) {
    PermissionCollection perms;
    try {
        try {
            perms = super.getPermissions(codeSource);
        } catch (SecurityException e) {
            // We lied about our CodeSource and that makes URLClassLoader unhappy.
            perms = new Permissions();
        }
        ProtectionDomain myDomain = VMPluginFactory.getPlugin().doPrivileged(new PrivilegedAction<ProtectionDomain>() {

            @Override
            public ProtectionDomain run() {
                return getClass().getProtectionDomain();
            }
        });
        PermissionCollection myPerms = myDomain.getPermissions();
        if (myPerms != null) {
            for (Enumeration<Permission> elements = myPerms.elements(); elements.hasMoreElements(); ) {
                perms.add(elements.nextElement());
            }
        }
    } catch (Throwable e) {
        // We lied about our CodeSource and that makes URLClassLoader unhappy.
        perms = new Permissions();
    }
    perms.setReadOnly();
    return perms;
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permissions(java.security.Permissions) Permission(java.security.Permission)

Example 94 with PermissionCollection

use of java.security.PermissionCollection in project wildfly by wildfly.

the class JndiPermissionTestCase method testCollectionSecurity.

@Test
public void testCollectionSecurity() {
    final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
    permissionCollection.add(new JndiPermission("foo/bar", "unbind,rebind"));
    permissionCollection.setReadOnly();
    try {
        permissionCollection.add(new JndiPermission("fob/baz", "unbind,rebind"));
        fail("Expected exception");
    } catch (SecurityException ignored) {
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) Test(org.junit.Test)

Example 95 with PermissionCollection

use of java.security.PermissionCollection in project wildfly by wildfly.

the class JndiPermissionTestCase method testCollectionSerialization.

@Test
public void testCollectionSerialization() {
    final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
    permissionCollection.add(new JndiPermission("foo/bar", "createSubcontext,rebind"));
    permissionCollection.add(new JndiPermission("foo", "addNamingListener"));
    permissionCollection.add(new JndiPermission("-", "lookup,rebind"));
    final PermissionCollection other = (PermissionCollection) ((SerializedJndiPermissionCollection) ((JndiPermissionCollection) permissionCollection).writeReplace()).readResolve();
    Enumeration<Permission> e;
    assertNotNull(e = other.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "createSubcontext,rebind"), e.nextElement());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo", "addNamingListener"), e.nextElement());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("-", "lookup,rebind"), e.nextElement());
    assertFalse(e.hasMoreElements());
}
Also used : PermissionCollection(java.security.PermissionCollection) Permission(java.security.Permission) Test(org.junit.Test)

Aggregations

PermissionCollection (java.security.PermissionCollection)107 Permission (java.security.Permission)39 Permissions (java.security.Permissions)29 CodeSource (java.security.CodeSource)25 FilePermission (java.io.FilePermission)20 ProtectionDomain (java.security.ProtectionDomain)19 AllPermission (java.security.AllPermission)16 Policy (java.security.Policy)15 URL (java.net.URL)14 File (java.io.File)10 IOException (java.io.IOException)10 Certificate (java.security.cert.Certificate)8 AccessControlContext (java.security.AccessControlContext)7 PropertyPermission (java.util.PropertyPermission)7 Test (org.junit.Test)7 SocketPermission (java.net.SocketPermission)6 Method (java.lang.reflect.Method)5 Principal (java.security.Principal)5 PrivilegedActionException (java.security.PrivilegedActionException)5 URLClassLoader (java.net.URLClassLoader)4