use of java.security.PermissionCollection in project lwjgl by LWJGL.
the class AppletLoader method updateClassPath.
/**
* Edits the ClassPath at runtime to include the jars
* that have just been downloaded and then adds the
* lwjgl natives folder property.
*
* @param path location where applet is stored
* @throws Exception if it fails to add classpath
*/
protected void updateClassPath(final String path) throws Exception {
setState(STATE_UPDATING_CLASSPATH);
percentage = 95;
URL[] urls = new URL[urlList.length];
for (int i = 0; i < urlList.length; i++) {
String file = new File(path, getJarName(urlList[i])).toURI().toString();
// fix JVM bug where ! is not escaped
file = file.replace("!", "%21");
urls[i] = new URL(file);
}
// get AppletLoader certificates
final Certificate[] certs = getCurrentCertificates();
// detect if we are running on a mac and save result as boolean
String osName = System.getProperty("os.name");
final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
// add downloaded jars to the classpath with required permissions
classLoader = new URLClassLoader(urls) {
protected PermissionCollection getPermissions(CodeSource codesource) {
PermissionCollection perms = null;
try {
// no permissions
perms = new Permissions();
// if certificates match the AppletLoader certificates then we should be all set
if (certificatesMatch(certs, codesource.getCertificates())) {
perms.add(new AllPermission());
return perms;
}
String host = getCodeBase().getHost();
if (host != null && (host.length() > 0)) {
// add permission for downloaded jars to access host they were from
perms.add(new SocketPermission(host, "connect,accept"));
} else if ("file".equals(codesource.getLocation().getProtocol())) {
// if running locally add file permission
String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
perms.add(new FilePermission(path, "read"));
}
} catch (Exception e) {
e.printStackTrace();
}
return perms;
}
// allow non lwjgl native to be found from cache directory
protected String findLibrary(String libname) {
String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
if (new File(libPath).exists()) {
return libPath;
}
return super.findLibrary(libname);
}
};
debug_sleep(2000);
// unload natives loaded by a previous instance of this lwjgl applet
unloadNatives(path);
// add natives files path to native class path
System.setProperty("org.lwjgl.librarypath", path + "natives");
// Make sure jinput knows about the new path too
System.setProperty("net.java.games.input.librarypath", path + "natives");
// set the library path, useful for non lwjgl natives
System.setProperty("java.library.path", path + "natives");
// mark natives as loaded
natives_loaded = true;
}
use of java.security.PermissionCollection in project stanbol by apache.
the class UserAwarePolicy method getUserPermissionsFromSystemGraph.
/**
* Returns the permissions of the specified user according to the entries in
* the sytemGraph.
*
* @param user
* @return
* @throws java.lang.IllegalArgumentException
* @throws java.lang.SecurityException
*/
private PermissionCollection getUserPermissionsFromSystemGraph(final Principal user) throws IllegalArgumentException, SecurityException, UserUnregisteredException {
final PermissionCollection result = new Permissions();
AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
logger.debug("Get permissions for user " + user.getName());
List<String> permissions = getAllPermissionsOfAUserByName(user.getName());
for (String permissionStr : permissions) {
logger.debug("Add permission {}", permissionStr);
Permission perm = permissionMap.get(permissionStr);
// <code>Permission</code> object is not in the map.
if (perm == null) {
try {
perm = PermissionParser.getPermission(permissionStr, getClass().getClassLoader());
} catch (IllegalArgumentException e) {
logger.error("parsing " + permissionStr, e);
continue;
} catch (RuntimeException e) {
logger.error("instantiating " + permissionStr, e);
continue;
}
}
result.add(perm);
}
return null;
}
});
return result;
}
use of java.security.PermissionCollection in project groovy by apache.
the class GroovyClassLoader method getPermissions.
@Override
protected PermissionCollection getPermissions(CodeSource codeSource) {
PermissionCollection perms;
try {
try {
perms = super.getPermissions(codeSource);
} catch (SecurityException e) {
// We lied about our CodeSource and that makes URLClassLoader unhappy.
perms = new Permissions();
}
ProtectionDomain myDomain = VMPluginFactory.getPlugin().doPrivileged(new PrivilegedAction<ProtectionDomain>() {
@Override
public ProtectionDomain run() {
return getClass().getProtectionDomain();
}
});
PermissionCollection myPerms = myDomain.getPermissions();
if (myPerms != null) {
for (Enumeration<Permission> elements = myPerms.elements(); elements.hasMoreElements(); ) {
perms.add(elements.nextElement());
}
}
} catch (Throwable e) {
// We lied about our CodeSource and that makes URLClassLoader unhappy.
perms = new Permissions();
}
perms.setReadOnly();
return perms;
}
use of java.security.PermissionCollection in project wildfly by wildfly.
the class JndiPermissionTestCase method testCollectionSecurity.
@Test
public void testCollectionSecurity() {
final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
permissionCollection.add(new JndiPermission("foo/bar", "unbind,rebind"));
permissionCollection.setReadOnly();
try {
permissionCollection.add(new JndiPermission("fob/baz", "unbind,rebind"));
fail("Expected exception");
} catch (SecurityException ignored) {
}
}
use of java.security.PermissionCollection in project wildfly by wildfly.
the class JndiPermissionTestCase method testCollectionSerialization.
@Test
public void testCollectionSerialization() {
final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
permissionCollection.add(new JndiPermission("foo/bar", "createSubcontext,rebind"));
permissionCollection.add(new JndiPermission("foo", "addNamingListener"));
permissionCollection.add(new JndiPermission("-", "lookup,rebind"));
final PermissionCollection other = (PermissionCollection) ((SerializedJndiPermissionCollection) ((JndiPermissionCollection) permissionCollection).writeReplace()).readResolve();
Enumeration<Permission> e;
assertNotNull(e = other.elements());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("foo/bar", "createSubcontext,rebind"), e.nextElement());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("foo", "addNamingListener"), e.nextElement());
assertTrue(e.hasMoreElements());
assertEquals(new JndiPermission("-", "lookup,rebind"), e.nextElement());
assertFalse(e.hasMoreElements());
}
Aggregations