Examples with Permissions java.security.Permissions used on opensource projects

Search in sources :

Example 11 with Permissions

use of java.security.Permissions in project joda-time by JodaOrg.

the class TestDateTimeZone method testZoneInfoProviderResourceLoading.

public void testZoneInfoProviderResourceLoading() {
    final Set<String> ids = new HashSet<String>(DateTimeZone.getAvailableIDs());
    ids.remove(DateTimeZone.getDefault().getID());
    final String id = ids.toArray(new String[ids.size()])[new Random().nextInt(ids.size())];
    try {
        Policy.setPolicy(new Policy() {

            @Override
            public PermissionCollection getPermissions(CodeSource codesource) {
                Permissions p = new Permissions();
                // enable everything
                p.add(new AllPermission());
                return p;
            }

            @Override
            public void refresh() {
            }

            @Override
            public boolean implies(ProtectionDomain domain, Permission permission) {
                return !(permission instanceof FilePermission) && !permission.getName().contains(id);
            }
        });
        System.setSecurityManager(new SecurityManager());
        // will throw IllegalArgumentException if the resource can
        // not be loaded
        final DateTimeZone zone = DateTimeZone.forID(id);
        assertNotNull(zone);
    } finally {
        System.setSecurityManager(null);
        Policy.setPolicy(ALLOW);
    }
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) Random(java.util.Random) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission) Permission(java.security.Permission) AllPermission(java.security.AllPermission) HashSet(java.util.HashSet)

Example 12 with Permissions

use of java.security.Permissions in project lucene-solr by apache.

the class LuceneTestCase method runWithRestrictedPermissions.

/** 
   * Runs a code part with restricted permissions (be sure to add all required permissions,
   * because it would start with empty permissions). You cannot grant more permissions than
   * our policy file allows, but you may restrict writing to several dirs...
   * <p><em>Note:</em> This assumes a {@link SecurityManager} enabled, otherwise it
   * stops test execution. If enabled, it needs the following {@link SecurityPermission}:
   * {@code "createAccessControlContext"}
   */
public static <T> T runWithRestrictedPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws Exception {
    assumeTrue("runWithRestrictedPermissions requires a SecurityManager enabled", System.getSecurityManager() != null);
    // be sure to have required permission, otherwise doPrivileged runs with *no* permissions:
    AccessController.checkPermission(new SecurityPermission("createAccessControlContext"));
    final PermissionCollection perms = new Permissions();
    Arrays.stream(permissions).forEach(perms::add);
    final AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
    try {
        return AccessController.doPrivileged(action, ctx);
    } catch (PrivilegedActionException e) {
        throw e.getException();
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) PrivilegedActionException(java.security.PrivilegedActionException) Permissions(java.security.Permissions) SecurityPermission(java.security.SecurityPermission)

Example 13 with Permissions

use of java.security.Permissions in project wildfly by wildfly.

the class SecurityHelper method getSecurityContextForJNDILookup.

private static AccessControlContext getSecurityContextForJNDILookup(Collection<JndiPermission> jndiPermissions) {
    CodeSource src = new CodeSource(null, (Certificate[]) null);
    Permissions perms = new Permissions();
    for (JndiPermission p : jndiPermissions) {
        perms.add(p);
    }
    ProtectionDomain domain = new ProtectionDomain(src, perms);
    AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { domain });
    return ctx;
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) JndiPermission(org.wildfly.naming.java.permission.JndiPermission) CodeSource(java.security.CodeSource) Certificate(java.security.cert.Certificate)

Example 14 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class MBeanInstantiator method getClassLoader.

private ClassLoader getClassLoader(final ObjectName name) {
    if (clr == null) {
        return null;
    }
    // Restrict to getClassLoader permission only
    Permissions permissions = new Permissions();
    permissions.add(new MBeanPermission("*", null, name, "getClassLoader"));
    ProtectionDomain protectionDomain = new ProtectionDomain(null, permissions);
    ProtectionDomain[] domains = { protectionDomain };
    AccessControlContext ctx = new AccessControlContext(domains);
    ClassLoader loader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {

        public ClassLoader run() {
            return clr.getClassLoader(name);
        }
    }, ctx);
    return loader;
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) MBeanPermission(javax.management.MBeanPermission) Permissions(java.security.Permissions)

Example 15 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class RMIConnectionImpl method withPermissions.

private static AccessControlContext withPermissions(Permission... perms) {
    Permissions col = new Permissions();
    for (Permission thePerm : perms) {
        col.add(thePerm);
    }
    final ProtectionDomain pd = new ProtectionDomain(null, col);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) Permission(java.security.Permission)

Aggregations

Permissions (java.security.Permissions)35 ProtectionDomain (java.security.ProtectionDomain)21 PermissionCollection (java.security.PermissionCollection)16 AccessControlContext (java.security.AccessControlContext)13 Permission (java.security.Permission)11 FilePermission (java.io.FilePermission)10 CodeSource (java.security.CodeSource)10 SocketPermission (java.net.SocketPermission)7 Path (java.nio.file.Path)6 Policy (java.security.Policy)6 AllPermission (java.security.AllPermission)5 Certificate (java.security.cert.Certificate)5 URLClassLoader (java.net.URLClassLoader)4 File (java.io.File)3 IOException (java.io.IOException)3 SecurityPermission (java.security.SecurityPermission)2 UnresolvedPermission (java.security.UnresolvedPermission)2 ArrayList (java.util.ArrayList)2 Settings (org.elasticsearch.common.settings.Settings)2 Environment (org.elasticsearch.env.Environment)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial