Example 91 with PermissionCollection
use of java.security.PermissionCollection in project lwjgl by LWJGL.
the class AppletLoader method updateClassPath.
/**
* Edits the ClassPath at runtime to include the jars
* that have just been downloaded and then adds the
* lwjgl natives folder property.
*
* @param path location where applet is stored
* @throws Exception if it fails to add classpath
*/
protected void updateClassPath(final String path) throws Exception {
setState(STATE_UPDATING_CLASSPATH);
percentage = 95;
URL[] urls = new URL[urlList.length];
for (int i = 0; i < urlList.length; i++) {
String file = new File(path, getJarName(urlList[i])).toURI().toString();
// fix JVM bug where ! is not escaped
file = file.replace("!", "%21");
urls[i] = new URL(file);
}
// get AppletLoader certificates
final Certificate[] certs = getCurrentCertificates();
// detect if we are running on a mac and save result as boolean
String osName = System.getProperty("os.name");
final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
// add downloaded jars to the classpath with required permissions
classLoader = new URLClassLoader(urls) {
protected PermissionCollection getPermissions(CodeSource codesource) {
PermissionCollection perms = null;
try {
// no permissions
perms = new Permissions();
// if certificates match the AppletLoader certificates then we should be all set
if (certificatesMatch(certs, codesource.getCertificates())) {
perms.add(new AllPermission());
return perms;
}
String host = getCodeBase().getHost();
if (host != null && (host.length() > 0)) {
// add permission for downloaded jars to access host they were from
perms.add(new SocketPermission(host, "connect,accept"));
} else if ("file".equals(codesource.getLocation().getProtocol())) {
// if running locally add file permission
String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
perms.add(new FilePermission(path, "read"));
}
} catch (Exception e) {
e.printStackTrace();
}
return perms;
}
// allow non lwjgl native to be found from cache directory
protected String findLibrary(String libname) {
String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
if (new File(libPath).exists()) {
return libPath;
}
return super.findLibrary(libname);
}
};
debug_sleep(2000);
// unload natives loaded by a previous instance of this lwjgl applet
unloadNatives(path);
// add natives files path to native class path
System.setProperty("org.lwjgl.librarypath", path + "natives");
// Make sure jinput knows about the new path too
System.setProperty("net.java.games.input.librarypath", path + "natives");
// set the library path, useful for non lwjgl natives
System.setProperty("java.library.path", path + "natives");
// mark natives as loaded
natives_loaded = true;
}
Also used :
PermissionCollection(java.security.PermissionCollection)
SocketPermission(java.net.SocketPermission)
CodeSource(java.security.CodeSource)
FilePermission(java.io.FilePermission)
URL(java.net.URL)
AccessControlException(java.security.AccessControlException)
IOException(java.io.IOException)
URLClassLoader(java.net.URLClassLoader)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
JarFile(java.util.jar.JarFile)
ZipFile(java.util.zip.ZipFile)
File(java.io.File)
Certificate(java.security.cert.Certificate)
Example 92 with PermissionCollection
use of java.security.PermissionCollection in project stanbol by apache.
the class UserAwarePolicy method getUserPermissionsFromSystemGraph.
/**
* Returns the permissions of the specified user according to the entries in
* the sytemGraph.
*
* @param user
* @return
* @throws java.lang.IllegalArgumentException
* @throws java.lang.SecurityException
*/
private PermissionCollection getUserPermissionsFromSystemGraph(final Principal user) throws IllegalArgumentException, SecurityException, UserUnregisteredException {
final PermissionCollection result = new Permissions();
AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
logger.debug("Get permissions for user " + user.getName());
List<String> permissions = getAllPermissionsOfAUserByName(user.getName());
for (String permissionStr : permissions) {
logger.debug("Add permission {}", permissionStr);
Permission perm = permissionMap.get(permissionStr);
// <code>Permission</code> object is not in the map.
if (perm == null) {
try {
perm = PermissionParser.getPermission(permissionStr, getClass().getClassLoader());
} catch (IllegalArgumentException e) {
logger.error("parsing " + permissionStr, e);
continue;
} catch (RuntimeException e) {
logger.error("instantiating " + permissionStr, e);
continue;
}
}
result.add(perm);
}
return null;
}
});
return result;
}
Also used :
PermissionCollection(java.security.PermissionCollection)
Permissions(java.security.Permissions)
Permission(java.security.Permission)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 93 with PermissionCollection
use of java.security.PermissionCollection in project groovy by apache.
the class GroovyClassLoader method getPermissions.
@Override
protected PermissionCollection getPermissions(CodeSource codeSource) {
PermissionCollection perms;
try {
try {
perms = super.getPermissions(codeSource);
} catch (SecurityException e) {
// We lied about our CodeSource and that makes URLClassLoader unhappy.
perms = new Permissions();
}
ProtectionDomain myDomain = VMPluginFactory.getPlugin().doPrivileged(new PrivilegedAction<ProtectionDomain>() {
@Override
public ProtectionDomain run() {
return getClass().getProtectionDomain();
}
});
PermissionCollection myPerms = myDomain.getPermissions();
if (myPerms != null) {
for (Enumeration<Permission> elements = myPerms.elements(); elements.hasMoreElements(); ) {
perms.add(elements.nextElement());
}
}
} catch (Throwable e) {
// We lied about our CodeSource and that makes URLClassLoader unhappy.
perms = new Permissions();
}
perms.setReadOnly();
return perms;
}
Also used :
PermissionCollection(java.security.PermissionCollection)
ProtectionDomain(java.security.ProtectionDomain)
Permissions(java.security.Permissions)
Permission(java.security.Permission)
Example 94 with PermissionCollection
use of java.security.PermissionCollection in project wildfly by wildfly.
the class JndiPermissionTestCase method testCollectionSecurity.
@Test
public void testCollectionSecurity() {
final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
permissionCollection.add(new JndiPermission("foo/bar", "unbind,rebind"));
permissionCollection.setReadOnly();
try {
permissionCollection.add(new JndiPermission("fob/baz", "unbind,rebind"));
fail("Expected exception");
} catch (SecurityException ignored) {
}
}
Also used :
PermissionCollection(java.security.PermissionCollection)
Test(org.junit.Test)
Example 95 with PermissionCollection
use of java.security.PermissionCollection in project wildfly by wildfly.
the class JndiPermissionTestCase method testCollectionSerialization.
@Test
public void testCollectionSerialization() {
final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
permissionCollection.add(new JndiPermission("foo/bar", "createSubcontext,rebind"));
permissionCollection.add(new JndiPermission("foo", "addNamingListener"));
permissionCollection.add(new JndiPermission("-", "lookup,rebind"));
final PermissionCollection other = (PermissionCollection) ((SerializedJndiPermissionCollection) ((JndiPermissionCollection) permissionCollection).writeReplace()).readResolve();
Enumeration<Permission> e;
assertNotNull(e = other.elements());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("foo/bar", "createSubcontext,rebind"), e.nextElement());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("foo", "addNamingListener"), e.nextElement());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("-", "lookup,rebind"), e.nextElement());
assertFalse(e.hasMoreElements());
}
Also used :
PermissionCollection(java.security.PermissionCollection)
Permission(java.security.Permission)
Test(org.junit.Test)
Aggregations
PermissionCollection (java.security.PermissionCollection)107
Permission (java.security.Permission)39
Permissions (java.security.Permissions)29
CodeSource (java.security.CodeSource)25
FilePermission (java.io.FilePermission)20
ProtectionDomain (java.security.ProtectionDomain)19
AllPermission (java.security.AllPermission)16
Policy (java.security.Policy)15
URL (java.net.URL)14
File (java.io.File)10
IOException (java.io.IOException)10
Certificate (java.security.cert.Certificate)8
AccessControlContext (java.security.AccessControlContext)7
PropertyPermission (java.util.PropertyPermission)7
Test (org.junit.Test)7
SocketPermission (java.net.SocketPermission)6
Method (java.lang.reflect.Method)5
Principal (java.security.Principal)5
PrivilegedActionException (java.security.PrivilegedActionException)5
URLClassLoader (java.net.URLClassLoader)4
