Examples with Permissions java.security.Permissions used on opensource projects

Search in sources :

Example 31 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class RegistryImpl method getAccessControlContext.

/**
     * Generates an AccessControlContext with minimal permissions.
     * The approach used here is taken from the similar method
     * getAccessControlContext() in the sun.applet.AppletPanel class.
     */
private static AccessControlContext getAccessControlContext(int port) {
    // begin with permissions granted to all code in current policy
    PermissionCollection perms = AccessController.doPrivileged(new java.security.PrivilegedAction<PermissionCollection>() {

        public PermissionCollection run() {
            CodeSource codesource = new CodeSource(null, (java.security.cert.Certificate[]) null);
            Policy p = java.security.Policy.getPolicy();
            if (p != null) {
                return p.getPermissions(codesource);
            } else {
                return new Permissions();
            }
        }
    });
    /*
         * Anyone can connect to the registry and the registry can connect
         * to and possibly download stubs from anywhere. Downloaded stubs and
         * related classes themselves are more tightly limited by RMI.
         */
    perms.add(new SocketPermission("*", "connect,accept"));
    perms.add(new SocketPermission("localhost:" + port, "listen,accept"));
    perms.add(new RuntimePermission("accessClassInPackage.sun.jvmstat.*"));
    perms.add(new RuntimePermission("accessClassInPackage.sun.jvm.hotspot.*"));
    perms.add(new FilePermission("<<ALL FILES>>", "read"));
    /*
         * Create an AccessControlContext that consists of a single
         * protection domain with only the permissions calculated above.
         */
    ProtectionDomain pd = new ProtectionDomain(new CodeSource(null, (java.security.cert.Certificate[]) null), perms);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions)

Example 32 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class PathPermissions method init.

private synchronized void init() {
    if (perms != null)
        return;
    perms = new Permissions();
    // this is needed to be able to create the classloader itself!
    perms.add(SecurityConstants.CREATE_CLASSLOADER_PERMISSION);
    // add permission to read any "java.*" property
    perms.add(new java.util.PropertyPermission("java.*", SecurityConstants.PROPERTY_READ_ACTION));
    AccessController.doPrivileged(new PrivilegedAction<Void>() {

        public Void run() {
            for (int i = 0; i < path.length; i++) {
                File f = path[i];
                String path;
                try {
                    path = f.getCanonicalPath();
                } catch (IOException ioe) {
                    path = f.getAbsolutePath();
                }
                if (i == 0) {
                    codeBase = Launcher.getFileURL(new File(path));
                }
                if (f.isDirectory()) {
                    if (path.endsWith(File.separator)) {
                        perms.add(new FilePermission(path + "-", SecurityConstants.FILE_READ_ACTION));
                    } else {
                        perms.add(new FilePermission(path + File.separator + "-", SecurityConstants.FILE_READ_ACTION));
                    }
                } else {
                    int endIndex = path.lastIndexOf(File.separatorChar);
                    if (endIndex != -1) {
                        path = path.substring(0, endIndex + 1) + "-";
                        perms.add(new FilePermission(path, SecurityConstants.FILE_READ_ACTION));
                    } else {
                    // XXX?
                    }
                }
            }
            return null;
        }
    });
}
Also used : Permissions(java.security.Permissions) IOException(java.io.IOException) File(java.io.File) FilePermission(java.io.FilePermission)

Example 33 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class SocketPermissionTest method setupSecurityManager.

@BeforeMethod
public void setupSecurityManager() throws Exception {
    // All permissions, a specific ACC will be used to when testing
    // with a reduced permission set.
    Policy.setPolicy(new Policy() {

        final PermissionCollection perms = new Permissions();

        {
            perms.add(new java.security.AllPermission());
        }

        public PermissionCollection getPermissions(ProtectionDomain domain) {
            return perms;
        }

        public PermissionCollection getPermissions(CodeSource codesource) {
            return perms;
        }

        public boolean implies(ProtectionDomain domain, Permission perm) {
            return perms.implies(perm);
        }
    });
    System.setSecurityManager(new SecurityManager());
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permissions(java.security.Permissions) Permission(java.security.Permission) SocketPermission(java.net.SocketPermission) CodeSource(java.security.CodeSource) BeforeMethod(org.testng.annotations.BeforeMethod)

Example 34 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class SocketPermissionTest method getAccessControlContext.

private static AccessControlContext getAccessControlContext(Permission... ps) {
    Permissions perms = new Permissions();
    for (Permission p : ps) {
        perms.add(p);
    }
    /*
         *Create an AccessControlContext that consist a single protection domain
         * with only the permissions calculated above
         */
    ProtectionDomain pd = new ProtectionDomain(null, perms);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) Permission(java.security.Permission) SocketPermission(java.net.SocketPermission)

Example 35 with Permissions

use of java.security.Permissions in project stanbol by apache.

the class UserAwarePolicy method getUserPermissionsFromSystemGraph.

/**
	 * Returns the permissions of the specified user according to the entries in
	 * the sytemGraph.
	 * 
	 * @param user
	 * @return
	 * @throws java.lang.IllegalArgumentException
	 * @throws java.lang.SecurityException
	 */
private PermissionCollection getUserPermissionsFromSystemGraph(final Principal user) throws IllegalArgumentException, SecurityException, UserUnregisteredException {
    final PermissionCollection result = new Permissions();
    AccessController.doPrivileged(new PrivilegedAction<Object>() {

        @Override
        public Object run() {
            logger.debug("Get permissions for user " + user.getName());
            List<String> permissions = getAllPermissionsOfAUserByName(user.getName());
            for (String permissionStr : permissions) {
                logger.debug("Add permission {}", permissionStr);
                Permission perm = permissionMap.get(permissionStr);
                // <code>Permission</code> object is not in the map.
                if (perm == null) {
                    try {
                        perm = PermissionParser.getPermission(permissionStr, getClass().getClassLoader());
                    } catch (IllegalArgumentException e) {
                        logger.error("parsing " + permissionStr, e);
                        continue;
                    } catch (RuntimeException e) {
                        logger.error("instantiating " + permissionStr, e);
                        continue;
                    }
                }
                result.add(perm);
            }
            return null;
        }
    });
    return result;
}
Also used : PermissionCollection(java.security.PermissionCollection) Permissions(java.security.Permissions) Permission(java.security.Permission) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

Permissions (java.security.Permissions)35 ProtectionDomain (java.security.ProtectionDomain)21 PermissionCollection (java.security.PermissionCollection)16 AccessControlContext (java.security.AccessControlContext)13 Permission (java.security.Permission)11 FilePermission (java.io.FilePermission)10 CodeSource (java.security.CodeSource)10 SocketPermission (java.net.SocketPermission)7 Path (java.nio.file.Path)6 Policy (java.security.Policy)6 AllPermission (java.security.AllPermission)5 Certificate (java.security.cert.Certificate)5 URLClassLoader (java.net.URLClassLoader)4 File (java.io.File)3 IOException (java.io.IOException)3 SecurityPermission (java.security.SecurityPermission)2 UnresolvedPermission (java.security.UnresolvedPermission)2 ArrayList (java.util.ArrayList)2 Settings (org.elasticsearch.common.settings.Settings)2 Environment (org.elasticsearch.env.Environment)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial