use of java.security.ProtectionDomain in project jdk8u_jdk by JetBrains.
the class PreserveCombinerTest method main.
public static void main(String[] args) throws Exception {
final DomainCombiner dc = new DomainCombiner() {
@Override
public ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains) {
// basically a no-op
return currentDomains;
}
};
// Get an instance of the saved ACC
AccessControlContext saved = AccessController.getContext();
// Simulate the stack ACC with a DomainCombiner attached
AccessControlContext stack = new AccessControlContext(AccessController.getContext(), dc);
// Now try to run JavaSecurityAccess.doIntersectionPrivilege() and assert
// whether the DomainCombiner from the stack ACC is preserved
boolean ret = SharedSecrets.getJavaSecurityAccess().doIntersectionPrivilege(new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
return dc == AccessController.getContext().getDomainCombiner();
}
}, stack, saved);
if (!ret) {
System.exit(1);
}
}
use of java.security.ProtectionDomain in project jdk8u_jdk by JetBrains.
the class TestLogConfigurationDeadLock method main.
/**
* This test will run both with and without a security manager.
*
* The test starts a number of threads that will call
* LogManager.readConfiguration() concurrently (ReadConf), then starts
* a number of threads that will create new loggers concurrently
* (AddLogger), and then two additional threads: one (Stopper) that
* will stop the test after 4secs (TIME ms), and one DeadlockDetector
* that will attempt to detect deadlocks.
* If after 4secs no deadlock was detected and no exception was thrown
* then the test is considered a success and passes.
*
* This procedure is done twice: once without a security manager and once
* again with a security manager - which means the test takes ~8secs to
* run.
*
* Note that 8sec may not be enough to detect issues if there are some.
* This is a best effort test.
*
* @param args the command line arguments
*/
public static void main(String[] args) throws Exception {
// test without security
System.out.println("No security");
test();
// test with security
System.out.println("\nWith security");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain, Permission permission) {
if (super.implies(domain, permission))
return true;
// all permissions
return true;
}
});
System.setSecurityManager(new SecurityManager());
test();
}
use of java.security.ProtectionDomain in project jdk8u_jdk by JetBrains.
the class TestLogConfigurationDeadLockWithConf method main.
/**
* This test will run both with and without a security manager.
*
* The test starts a number of threads that will call
* LogManager.readConfiguration() concurrently (ReadConf), then starts
* a number of threads that will create new loggers concurrently
* (AddLogger), and then two additional threads: one (Stopper) that
* will stop the test after 4secs (TIME ms), and one DeadlockDetector
* that will attempt to detect deadlocks.
* If after 4secs no deadlock was detected and no exception was thrown
* then the test is considered a success and passes.
*
* This procedure is done twice: once without a security manager and once
* again with a security manager - which means the test takes ~8secs to
* run.
*
* Note that 8sec may not be enough to detect issues if there are some.
* This is a best effort test.
*
* @param args the command line arguments
* @throws java.lang.Exception if the test fails.
*/
public static void main(String[] args) throws Exception {
File config = new File(System.getProperty("test.src", "."), "deadlockconf.properties");
if (!config.canRead()) {
System.err.println("Can't read config file: test cannot execute.");
System.err.println("Please check your test environment: ");
System.err.println("\t -Dtest.src=" + System.getProperty("test.src", "."));
System.err.println("\t config file is: " + config.getAbsolutePath());
throw new RuntimeException("Can't read config file: " + config.getAbsolutePath());
}
System.setProperty("java.util.logging.config.file", config.getAbsolutePath());
// test without security
System.out.println("No security");
test();
// test with security
System.out.println("\nWith security");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain, Permission permission) {
if (super.implies(domain, permission))
return true;
// all permissions
return true;
}
});
System.setSecurityManager(new SecurityManager());
test();
}
use of java.security.ProtectionDomain in project wildfly by wildfly.
the class AuthorizationInterceptor method processInvocation.
@Override
public Object processInvocation(InterceptorContext context) throws Exception {
final Component component = context.getPrivateData(Component.class);
if (component instanceof EJBComponent == false) {
throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
}
final Method invokedMethod = context.getMethod();
final ComponentView componentView = context.getPrivateData(ComponentView.class);
final String viewClassOfInvokedMethod = componentView.getViewClass().getName();
// shouldn't really happen if the interceptor was setup correctly. But let's be safe and do a check
if (!this.viewClassName.equals(viewClassOfInvokedMethod) || !this.viewMethod.equals(invokedMethod)) {
throw EjbLogger.ROOT_LOGGER.failProcessInvocation(this.getClass().getName(), invokedMethod, viewClassOfInvokedMethod, viewMethod, viewClassName);
}
final EJBComponent ejbComponent = (EJBComponent) component;
final ServerSecurityManager securityManager = ejbComponent.getSecurityManager();
final MethodInterfaceType methodIntfType = this.getMethodInterfaceType(componentView.getPrivateData(MethodIntf.class));
// set the JACC contextID before calling the security manager.
final String previousContextID = setContextID(this.contextID);
try {
if (WildFlySecurityManager.isChecking()) {
try {
AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
@Override
public ProtectionDomain run() {
if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(), methodIntfType.name(), AuthorizationInterceptor.this.viewMethod, AuthorizationInterceptor.this.getMethodRolesAsPrincipals(), AuthorizationInterceptor.this.contextID)) {
throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod, ejbComponent.getComponentName());
}
return null;
}
});
} catch (PrivilegedActionException e) {
throw e.getException();
}
} else {
if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(), methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID)) {
throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod, ejbComponent.getComponentName());
}
}
// successful authorization, let the invocation proceed
return context.proceed();
} finally {
// reset the previous JACC contextID.
setContextID(previousContextID);
}
}
use of java.security.ProtectionDomain in project intellij-community by JetBrains.
the class SystemClassLoaderAction method getDefaultDomain.
/*
* returns (and initializes) the default domain.
*/
private synchronized ProtectionDomain getDefaultDomain() {
if (defaultDomain == null) {
CodeSource cs = new CodeSource(null, null);
defaultDomain = new ProtectionDomain(cs, null, this, null);
}
return defaultDomain;
}
Aggregations