use of java.security.PermissionCollection in project tomee by apache.
the class BasicPolicyConfiguration method addToRole.
/**
 * Grants {@code permission} to the role named {@code roleName} in this policy configuration.
 *
 * <p>The grant is accepted only while the configuration is in the {@code OPEN} state. The
 * role's permission collection is created the first time the role is seen.
 *
 * <p>NOTE(review): neither argument is validated here; how a {@code null} role name or
 * permission behaves depends on {@code rolePermissionsMap} and the collection type, which
 * are declared outside this method.
 *
 * @param roleName   role that receives the permission
 * @param permission permission added to that role's collection
 * @throws UnsupportedOperationException if the configuration is not in the {@code OPEN} state
 * @throws PolicyContextException        declared by the signature; this body does not throw it
 */
public void addToRole(final String roleName, final Permission permission) throws PolicyContextException {
    // Refuse every change outside OPEN so role grants cannot be altered in any other state.
    if (state != OPEN) {
        throw new UnsupportedOperationException("Not in an open state");
    }

    final PermissionCollection existing = rolePermissionsMap.get(roleName);
    final PermissionCollection target;
    if (existing != null) {
        target = existing;
    } else {
        // First grant for this role: register a fresh collection before adding to it.
        target = new DelegatePermissionCollection();
        rolePermissionsMap.put(roleName, target);
    }
    target.add(permission);
}
use of java.security.PermissionCollection in project tomee by apache.
the class JaccPermissionsBuilder method build.
/**
 * Builds the {@link PolicyContext} holding the EJB method permissions of one EJB module.
 *
 * <p>The method works in two phases:
 * <ol>
 *   <li>It folds {@code ejbJar.excludeList} into {@code ejbJar.methodPermissions}, normalizes
 *       the result, resolves it against every deployed bean and replaces
 *       {@code ejbJar.methodPermissions} with one entry per resolved method. Both
 *       {@code ejbJar.methodPermissions} and {@code ejbJar.excludeList} are modified in place.</li>
 *   <li>For each enterprise bean it collects every possible method permission and hands that
 *       set, together with the declared permissions, to {@code addDeclaredEjbPermissions}.</li>
 * </ol>
 *
 * <p>Security note: the default role passed to {@code addDeclaredEjbPermissions} is
 * {@code null}. As that method is written on this page, a {@code null} default role places
 * every possible permission that no declaration covered into the unchecked set, so methods
 * that are neither assigned to a role nor excluded end up callable without a role check.
 *
 * @param ejbJar      module description; its method-permission and exclude lists are rewritten
 * @param deployments bean contexts keyed by deployment id
 * @return the policy context populated for {@code ejbJar.moduleUri}
 * @throws OpenEJBException propagated from the helper methods called here
 */
public PolicyContext build(final EjbJarInfo ejbJar, final HashMap<String, BeanContext> deployments) throws OpenEJBException {
    final List<MethodPermissionInfo> normalized = new ArrayList<>();

    // 'declared' is the module's own list at this point, so the exclusions appended below
    // are written straight into ejbJar.methodPermissions.
    List<MethodPermissionInfo> declared = ejbJar.methodPermissions;
    for (final MethodInfo excludedMethod : ejbJar.excludeList) {
        final MethodPermissionInfo exclusion = new MethodPermissionInfo();
        exclusion.excluded = true;
        exclusion.methods.add(excludedMethod);
        declared.add(exclusion);
    }
    declared = MethodInfoUtil.normalizeMethodPermissionInfos(declared);

    for (final BeanContext beanContext : deployments.values()) {
        final Map<Method, MethodAttributeInfo> resolved = resolveAttributes(declared, beanContext);

        if (log.isDebugEnabled()) {
            for (final Map.Entry<Method, MethodAttributeInfo> resolvedEntry : resolved.entrySet()) {
                final Method loggedMethod = resolvedEntry.getKey();
                final MethodPermissionInfo loggedInfo = (MethodPermissionInfo) resolvedEntry.getValue();
                log.debug("Security Attribute: " + loggedMethod + " -- " + MethodInfoUtil.toString(loggedInfo));
            }
        }

        // Re-express each resolved attribute as a permission entry bound to one concrete method.
        for (final Map.Entry<Method, MethodAttributeInfo> resolvedEntry : resolved.entrySet()) {
            final Method method = resolvedEntry.getKey();
            final MethodPermissionInfo source = (MethodPermissionInfo) resolvedEntry.getValue();

            final MethodPermissionInfo copy = new MethodPermissionInfo();
            copy.excluded = source.excluded;
            copy.unchecked = source.unchecked;
            copy.roleNames.addAll(source.roleNames);

            // Only the method interface is taken from the first method of the source entry.
            final MethodInfo template = source.methods.get(0);

            final MethodInfo concrete = new MethodInfo();
            concrete.ejbName = beanContext.getEjbName();
            concrete.ejbDeploymentId = String.valueOf(beanContext.getDeploymentID());
            concrete.methodIntf = template.methodIntf;
            concrete.className = method.getDeclaringClass().getName();
            concrete.methodName = method.getName();
            concrete.methodParams = new ArrayList<>();
            for (final Class<?> parameterType : method.getParameterTypes()) {
                concrete.methodParams.add(parameterType.getName());
            }

            copy.methods.add(concrete);
            normalized.add(copy);
        }
    }

    // Replace the module's declarations with the per-method entries; the exclusions now live
    // in those entries (excluded == true), so the separate exclude list is emptied.
    ejbJar.methodPermissions.clear();
    ejbJar.methodPermissions.addAll(normalized);
    ejbJar.excludeList.clear();

    final PolicyContext policyContext = new PolicyContext(ejbJar.moduleUri.toString());

    for (final EnterpriseBeanInfo enterpriseBean : ejbJar.enterpriseBeans) {
        // NOTE(review): no null check — a bean whose deployment id is missing from
        // 'deployments' would fail below with a NullPointerException.
        final BeanContext beanContext = deployments.get(enterpriseBean.ejbDeploymentId);
        final PermissionCollection possible = DelegatePermissionCollection.getPermissionCollection();
        final String ejbName = enterpriseBean.ejbName;

        for (final InterfaceType type : InterfaceType.values()) {
            if (type != InterfaceType.UNKNOWN) {
                for (final Class interfce : beanContext.getInterfaces(type)) {
                    addPossibleEjbMethodPermissions(possible, ejbName, type.getSpecName(), interfce);
                }
            }
        }
        addPossibleEjbMethodPermissions(possible, ejbName, null, beanContext.getBeanClass());

        // null default role: see the security note in the method comment.
        addDeclaredEjbPermissions(ejbJar, enterpriseBean, null, possible, policyContext);
    }

    return policyContext;
}
use of java.security.PermissionCollection in project tomee by apache.
the class JaccPermissionsBuilder method addDeclaredEjbPermissions.
/**
 * Distributes the method permissions of one bean over the unchecked, excluded and per-role
 * collections of {@code policyContext}.
 *
 * <p>Declared method permissions that name this bean are added first. Each one is also passed
 * to {@code cullPermissions} together with {@code notAssigned} (presumably to drop the
 * permissions it covers from that set — confirm against {@code cullPermissions}). Role
 * references are added next. Whatever is still in {@code notAssigned} afterwards goes to the
 * default role, or to the unchecked set when {@code defaultRole} is {@code null}.
 *
 * <p>Security note: with a {@code null} default role the fallback is permissive. Every method
 * permission that no declaration covered is added to the unchecked collection rather than
 * denied.
 *
 * @param ejbJar        module whose {@code methodPermissions} are read
 * @param beanInfo      bean whose name selects the relevant declarations and whose security
 *                      role references are added
 * @param defaultRole   role that receives unassigned permissions, or {@code null} to add them
 *                      to the unchecked set
 * @param notAssigned   candidate permissions not yet covered by a declaration
 * @param policyContext destination of the unchecked, excluded and role permissions
 * @throws OpenEJBException if a security role reference has no role link
 */
private void addDeclaredEjbPermissions(final EjbJarInfo ejbJar, final EnterpriseBeanInfo beanInfo, final String defaultRole, PermissionCollection notAssigned, final PolicyContext policyContext) throws OpenEJBException {
    final PermissionCollection uncheckedSet = policyContext.getUncheckedPermissions();
    final PermissionCollection excludedSet = policyContext.getExcludedPermissions();
    final Map<String, PermissionCollection> byRole = policyContext.getRolePermissions();
    final String ejbName = beanInfo.ejbName;

    // JACC v1.0 section 3.1.5.1
    for (final MethodPermissionInfo declaration : ejbJar.methodPermissions) {
        final List<String> grantedRoles = declaration.roleNames;
        final boolean isUnchecked = declaration.unchecked;
        final boolean isExcluded = declaration.excluded;

        for (final MethodInfo method : declaration.methods) {
            // Declarations for other beans in the same module are skipped.
            if (!ejbName.equals(method.ejbName)) {
                continue;
            }

            // JACC uses null where the descriptor uses "*" (all methods).
            final String methodName = "*".equals(method.methodName) ? null : method.methodName;
            final String methodIntf = method.methodIntf;
            final String[] methodParams = method.methodParams == null
                    ? null
                    : method.methodParams.toArray(new String[method.methodParams.size()]);

            final EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
            notAssigned = cullPermissions(notAssigned, permission);

            // NOTE(review): unchecked is tested before excluded, so an entry carrying both
            // flags would be added to the unchecked set only. Whether normalization can
            // produce such an entry is not visible from this method.
            if (isUnchecked) {
                uncheckedSet.add(permission);
            } else if (isExcluded) {
                // JACC v1.0 section 3.1.5.2
                excludedSet.add(permission);
            } else {
                for (final String roleName : grantedRoles) {
                    PermissionCollection granted = byRole.get(roleName);
                    if (granted == null) {
                        granted = DelegatePermissionCollection.getPermissionCollection();
                        byRole.put(roleName, granted);
                    }
                    granted.add(permission);
                }
            }
        }
    }

    // JACC v1.0 section 3.1.5.3
    for (final SecurityRoleReferenceInfo roleRef : beanInfo.securityRoleReferences) {
        // A reference without a link cannot be mapped to a role, so the build is aborted.
        if (roleRef.roleLink == null) {
            throw new OpenEJBException("Missing role-link");
        }
        final String linkedRole = roleRef.roleLink;
        PermissionCollection linkedPermissions = byRole.get(linkedRole);
        if (linkedPermissions == null) {
            linkedPermissions = DelegatePermissionCollection.getPermissionCollection();
            byRole.put(linkedRole, linkedPermissions);
        }
        linkedPermissions.add(new EJBRoleRefPermission(ejbName, roleRef.roleName));
    }

    // EJB v2.1 section 21.3.2
    //
    // It is possible that some methods are not assigned to any security
    // roles nor contained in the <code>exclude-list</code> element. In
    // this case, it is the responsibility of the Deployer to assign method
    // permissions for all of the unspecified methods, either by assigning
    // them to security roles, or by marking them as <code>unchecked</code>.
    final PermissionCollection fallback;
    if (defaultRole != null) {
        PermissionCollection defaultRolePermissions = byRole.get(defaultRole);
        if (defaultRolePermissions == null) {
            defaultRolePermissions = DelegatePermissionCollection.getPermissionCollection();
            byRole.put(defaultRole, defaultRolePermissions);
        }
        fallback = defaultRolePermissions;
    } else {
        // No default role: the remaining permissions become unchecked.
        fallback = uncheckedSet;
    }

    for (final Enumeration<Permission> remaining = notAssigned.elements(); remaining.hasMoreElements(); ) {
        fallback.add(remaining.nextElement());
    }
}
use of java.security.PermissionCollection in project ignite by apache.
the class AbstractSandboxTest method beforeTestsStarted.
/**
 * {@inheritDoc}
 *
 * <p>If no security manager is installed, this installs a JVM-wide {@link Policy} that grants
 * {@link AllPermission} to every code source, enables a default {@link SecurityManager} and
 * sets {@code setupSM}. The cluster is then prepared in either case.
 *
 * <p>The installed policy itself denies nothing. Any restriction the sandbox tests rely on
 * must come from elsewhere (not visible in this method).
 */
@Override
protected void beforeTestsStarted() throws Exception {
    if (System.getSecurityManager() == null) {
        // Allow-all baseline: the security manager is switched on, but this policy answers
        // every permission query with AllPermission.
        final Policy allowAll = new Policy() {
            @Override
            public PermissionCollection getPermissions(CodeSource cs) {
                final Permissions granted = new Permissions();
                granted.add(new AllPermission());
                return granted;
            }
        };

        // Both calls change process-global state. System.setSecurityManager is deprecated for
        // removal since Java 17 and, on JDK 18+, throws UnsupportedOperationException unless
        // the JVM was started with -Djava.security.manager=allow.
        Policy.setPolicy(allowAll);
        System.setSecurityManager(new SecurityManager());

        // Records that this test installed the manager; presumably read during teardown to
        // undo it — confirm against the rest of the class.
        setupSM = true;
    }

    prepareCluster();
}
use of java.security.PermissionCollection in project Payara by payara.
the class ClientClassLoaderDelegate method processDeclaredPermissions.
/**
 * Loads the client's permission sets and stores them in {@code permHolder} after checking
 * them against the restriction set.
 *
 * <p>Three collections are obtained for {@code classLoader}: the permissions the client
 * declares, the EE policy permissions and the restriction policy. The EE and declared
 * collections are each passed to {@code checkRestriction} with the restriction set before
 * {@code permHolder} is assigned.
 *
 * <p>When no security manager is installed the method does nothing and {@code permHolder}
 * is left unchanged.
 *
 * @throws IOException propagated from the calls made here
 */
private void processDeclaredPermissions() throws IOException {
    if (getSecurityManager() != null) {
        final PermissionCollection declared = getClientDeclaredPermissions(classLoader);
        final PermissionCollection eeGranted = getClientEEPolicy(classLoader);
        final PermissionCollection restricted = getClientRestrictPolicy(classLoader);

        // Validation runs before the holder is assigned. Presumably checkRestriction throws
        // when a collection contains a restricted permission, in which case permHolder is
        // never updated with the offending set — confirm against checkRestriction.
        checkRestriction(eeGranted, restricted);
        checkRestriction(declared, restricted);

        permHolder = new PermsHolder(eeGranted, declared, restricted);
    }
}