Search in sources :

Example 16 with PermissionCollection

use of java.security.PermissionCollection in project jdk8u_jdk by JetBrains.

the class MethodUtil method getPermissions.

protected PermissionCollection getPermissions(CodeSource codesource) {
    PermissionCollection perms = super.getPermissions(codesource);
    perms.add(new AllPermission());
    return perms;
}
Also used : PermissionCollection(java.security.PermissionCollection) AllPermission(java.security.AllPermission)

Example 17 with PermissionCollection

use of java.security.PermissionCollection in project jdk8u_jdk by JetBrains.

the class LoaderHandler method getLoaderAccessControlContext.

/**
     * Return the access control context that a loader for the given
     * codebase URL path should execute with.
     */
private static AccessControlContext getLoaderAccessControlContext(URL[] urls) {
    /*
         * The approach used here is taken from the similar method
         * getAccessControlContext() in the sun.applet.AppletPanel class.
         */
    // begin with permissions granted to all code in current policy
    PermissionCollection perms = java.security.AccessController.doPrivileged(new java.security.PrivilegedAction<PermissionCollection>() {

        public PermissionCollection run() {
            CodeSource codesource = new CodeSource(null, (java.security.cert.Certificate[]) null);
            Policy p = java.security.Policy.getPolicy();
            if (p != null) {
                return p.getPermissions(codesource);
            } else {
                return new Permissions();
            }
        }
    });
    // createClassLoader permission needed to create loader in context
    perms.add(new RuntimePermission("createClassLoader"));
    // add permissions to read any "java.*" property
    perms.add(new java.util.PropertyPermission("java.*", "read"));
    // add permissions reuiqred to load from codebase URL path
    addPermissionsForURLs(urls, perms, true);
    /*
         * Create an AccessControlContext that consists of a single
         * protection domain with only the permissions calculated above.
         */
    ProtectionDomain pd = new ProtectionDomain(new CodeSource((urls.length > 0 ? urls[0] : null), (java.security.cert.Certificate[]) null), perms);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions)

Example 18 with PermissionCollection

use of java.security.PermissionCollection in project stanbol by apache.

the class Main method main.

/**
     * @param args
     */
public static void main(String[] args) {
    String home = System.getProperties().getProperty(SLING_HOME);
    if (home == null) {
        home = new File(DEFAULT_STANBOL_HOME).getAbsolutePath();
        System.setProperty(SLING_HOME, home);
    }
    //else do not override user configured values
    List<String> argsList = new ArrayList<String>(Arrays.asList(args));
    if (argsList.contains(PRINTHELPARG)) {
        doHelp();
        System.exit(0);
    }
    if (argsList.contains(NOSECURITYARG)) {
        argsList.remove(NOSECURITYARG);
    } else {
        args = argsList.toArray(new String[argsList.size()]);
        Policy.setPolicy(new Policy() {

            @Override
            public PermissionCollection getPermissions(ProtectionDomain domain) {
                PermissionCollection result = new Permissions();
                result.add(new AllPermission());
                return result;
            }
        });
        System.setSecurityManager(new SecurityManager());
    }
    //now use the standard Apache Sling launcher to do the job
    org.apache.sling.launchpad.app.Main.main(argsList.toArray(new String[argsList.size()]));
}
Also used : Policy(java.security.Policy) ProtectionDomain(java.security.ProtectionDomain) PermissionCollection(java.security.PermissionCollection) ArrayList(java.util.ArrayList) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) File(java.io.File)

Example 19 with PermissionCollection

use of java.security.PermissionCollection in project tomee by apache.

the class JaccPermissionsBuilder method install.

public void install(final PolicyContext policyContext) throws OpenEJBException {
    if (SystemInstance.get().hasProperty("openejb.geronimo")) {
        return;
    }
    try {
        final PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
        final PolicyConfiguration policy = factory.getPolicyConfiguration(policyContext.getContextID(), false);
        policy.addToExcludedPolicy(policyContext.getExcludedPermissions());
        policy.addToUncheckedPolicy(policyContext.getUncheckedPermissions());
        for (final Map.Entry<String, PermissionCollection> entry : policyContext.getRolePermissions().entrySet()) {
            policy.addToRole(entry.getKey(), entry.getValue());
        }
        policy.commit();
    } catch (final ClassNotFoundException e) {
        throw new OpenEJBException("PolicyConfigurationFactory class not found", e);
    } catch (final PolicyContextException e) {
        throw new OpenEJBException("JACC PolicyConfiguration failed: ContextId=" + policyContext.getContextID(), e);
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) OpenEJBException(org.apache.openejb.OpenEJBException) PolicyConfiguration(javax.security.jacc.PolicyConfiguration) PolicyContextException(javax.security.jacc.PolicyContextException) PolicyConfigurationFactory(javax.security.jacc.PolicyConfigurationFactory) HashMap(java.util.HashMap) Map(java.util.Map)

Example 20 with PermissionCollection

use of java.security.PermissionCollection in project tomee by apache.

the class BasicPolicyConfiguration method implies.

public boolean implies(final ProtectionDomain domain, final Permission permission) {
    if (excluded != null && excluded.implies(permission)) {
        return false;
    }
    if (unchecked != null && unchecked.implies(permission)) {
        return true;
    }
    final Principal[] principals = domain.getPrincipals();
    if (principals.length == 0) {
        return false;
    }
    final RoleResolver roleResolver = SystemInstance.get().getComponent(RoleResolver.class);
    final Set<String> roles = roleResolver.getLogicalRoles(principals, rolePermissionsMap.keySet());
    for (final String role : roles) {
        final PermissionCollection permissions = rolePermissionsMap.get(role);
        if (permissions != null && permissions.implies(permission)) {
            return true;
        }
    }
    return false;
}
Also used : DelegatePermissionCollection(org.apache.openejb.assembler.classic.DelegatePermissionCollection) PermissionCollection(java.security.PermissionCollection) Principal(java.security.Principal)

Aggregations

PermissionCollection (java.security.PermissionCollection)45 Permissions (java.security.Permissions)16 Permission (java.security.Permission)14 FilePermission (java.io.FilePermission)11 ProtectionDomain (java.security.ProtectionDomain)11 CodeSource (java.security.CodeSource)9 Policy (java.security.Policy)9 AllPermission (java.security.AllPermission)6 IOException (java.io.IOException)5 SocketPermission (java.net.SocketPermission)5 URL (java.net.URL)5 File (java.io.File)4 Path (java.nio.file.Path)4 AccessControlContext (java.security.AccessControlContext)4 Principal (java.security.Principal)3 ArrayList (java.util.ArrayList)3 Enumeration (java.util.Enumeration)3 Test (org.junit.Test)3 UnresolvedPermission (java.security.UnresolvedPermission)2 Certificate (java.security.cert.Certificate)2