Examples with PermissionCollection java.security.PermissionCollection used on opensource projects

Search in sources :

Example 11 with PermissionCollection

use of java.security.PermissionCollection in project jdk8u_jdk by JetBrains.

the class JarURL method main.

public static void main(String[] args) throws Exception {
    String userDir = System.getProperty("user.dir");
    String jarURL = "jar:file:" + userDir + File.separator + "foo.jar!/";
    URL codeSourceURL = new URL(jarURL);
    CodeSource cs = new CodeSource(codeSourceURL, new Certificate[0]);
    PermissionCollection perms = Policy.getPolicy().getPermissions(cs);
    if (!perms.implies(new AllPermission()))
        throw new Exception("FAILED: " + codeSourceURL + " not granted AllPermission");
}
Also used : PermissionCollection(java.security.PermissionCollection) AllPermission(java.security.AllPermission) CodeSource(java.security.CodeSource) URL(java.net.URL)

Example 12 with PermissionCollection

use of java.security.PermissionCollection in project lucene-solr by apache.

the class LuceneTestCase method runWithRestrictedPermissions.

/** 
   * Runs a code part with restricted permissions (be sure to add all required permissions,
   * because it would start with empty permissions). You cannot grant more permissions than
   * our policy file allows, but you may restrict writing to several dirs...
   * <p><em>Note:</em> This assumes a {@link SecurityManager} enabled, otherwise it
   * stops test execution. If enabled, it needs the following {@link SecurityPermission}:
   * {@code "createAccessControlContext"}
   */
public static <T> T runWithRestrictedPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws Exception {
    assumeTrue("runWithRestrictedPermissions requires a SecurityManager enabled", System.getSecurityManager() != null);
    // be sure to have required permission, otherwise doPrivileged runs with *no* permissions:
    AccessController.checkPermission(new SecurityPermission("createAccessControlContext"));
    final PermissionCollection perms = new Permissions();
    Arrays.stream(permissions).forEach(perms::add);
    final AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
    try {
        return AccessController.doPrivileged(action, ctx);
    } catch (PrivilegedActionException e) {
        throw e.getException();
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) PrivilegedActionException(java.security.PrivilegedActionException) Permissions(java.security.Permissions) SecurityPermission(java.security.SecurityPermission)

Example 13 with PermissionCollection

use of java.security.PermissionCollection in project wildfly by wildfly.

the class JndiPermissionTestCase method testCollection.

@Test
public void testCollection() {
    final PermissionCollection permissionCollection = new JndiPermission("", "").newPermissionCollection();
    Enumeration<Permission> e;
    permissionCollection.add(new JndiPermission("foo/bar", "lookup,bind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertFalse(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertFalse(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("foo/bar", "unbind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind,unbind"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("-", "lookup"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("", "lookup")));
    assertFalse(permissionCollection.implies(new JndiPermission("baz/zap", "lookup,bind,unbind")));
    assertFalse(permissionCollection.implies(new JndiPermission("baz/zap", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("foo/bar", "lookup,bind,unbind"), e.nextElement());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("-", "lookup"), e.nextElement());
    assertFalse(e.hasMoreElements());
    permissionCollection.add(new JndiPermission("-", "bind,unbind"));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("foo/bar", "unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("", "lookup")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "lookup,bind,unbind")));
    assertTrue(permissionCollection.implies(new JndiPermission("baz/zap", "unbind")));
    assertNotNull(e = permissionCollection.elements());
    assertTrue(e.hasMoreElements());
    assertEquals(new JndiPermission("-", "lookup,bind,unbind"), e.nextElement());
    assertFalse(e.hasMoreElements());
}
Also used : PermissionCollection(java.security.PermissionCollection) Permission(java.security.Permission) Test(org.junit.Test)

Example 14 with PermissionCollection

use of java.security.PermissionCollection in project jdk8u_jdk by JetBrains.

the class MethodUtil method getPermissions.

protected PermissionCollection getPermissions(CodeSource codesource) {
    PermissionCollection perms = super.getPermissions(codesource);
    perms.add(new AllPermission());
    return perms;
}
Also used : PermissionCollection(java.security.PermissionCollection) AllPermission(java.security.AllPermission)

Example 15 with PermissionCollection

use of java.security.PermissionCollection in project jdk8u_jdk by JetBrains.

the class LoaderHandler method getLoaderAccessControlContext.

/**
     * Return the access control context that a loader for the given
     * codebase URL path should execute with.
     */
private static AccessControlContext getLoaderAccessControlContext(URL[] urls) {
    /*
         * The approach used here is taken from the similar method
         * getAccessControlContext() in the sun.applet.AppletPanel class.
         */
    // begin with permissions granted to all code in current policy
    PermissionCollection perms = java.security.AccessController.doPrivileged(new java.security.PrivilegedAction<PermissionCollection>() {

        public PermissionCollection run() {
            CodeSource codesource = new CodeSource(null, (java.security.cert.Certificate[]) null);
            Policy p = java.security.Policy.getPolicy();
            if (p != null) {
                return p.getPermissions(codesource);
            } else {
                return new Permissions();
            }
        }
    });
    // createClassLoader permission needed to create loader in context
    perms.add(new RuntimePermission("createClassLoader"));
    // add permissions to read any "java.*" property
    perms.add(new java.util.PropertyPermission("java.*", "read"));
    // add permissions reuiqred to load from codebase URL path
    addPermissionsForURLs(urls, perms, true);
    /*
         * Create an AccessControlContext that consists of a single
         * protection domain with only the permissions calculated above.
         */
    ProtectionDomain pd = new ProtectionDomain(new CodeSource((urls.length > 0 ? urls[0] : null), (java.security.cert.Certificate[]) null), perms);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions)

Aggregations

PermissionCollection (java.security.PermissionCollection)64 Permission (java.security.Permission)21 Permissions (java.security.Permissions)19 CodeSource (java.security.CodeSource)12 ProtectionDomain (java.security.ProtectionDomain)12 FilePermission (java.io.FilePermission)11 Policy (java.security.Policy)9 AllPermission (java.security.AllPermission)8 URL (java.net.URL)7 File (java.io.File)6 IOException (java.io.IOException)5 SocketPermission (java.net.SocketPermission)5 Path (java.nio.file.Path)4 AccessControlContext (java.security.AccessControlContext)4 Principal (java.security.Principal)4 Certificate (java.security.cert.Certificate)4 Enumeration (java.util.Enumeration)4 Test (org.junit.Test)4 UnresolvedPermission (java.security.UnresolvedPermission)3 ArrayList (java.util.ArrayList)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial