Example 1 with SecurityPermission
use of java.security.SecurityPermission in project voltdb by VoltDB.
the class JSR166TestCase method runWithSecurityManagerWithPermissions.
/**
* Runs Runnable r with a security policy that permits precisely
* the specified permissions. If there is no current security
* manager, a temporary one is set for the duration of the
* Runnable. We require that any security manager permit
* getPolicy/setPolicy.
*/
public void runWithSecurityManagerWithPermissions(Runnable r, Permission... permissions) {
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
Policy savedPolicy = Policy.getPolicy();
try {
Policy.setPolicy(permissivePolicy());
System.setSecurityManager(new SecurityManager());
runWithSecurityManagerWithPermissions(r, permissions);
} finally {
System.setSecurityManager(null);
Policy.setPolicy(savedPolicy);
}
} else {
Policy savedPolicy = Policy.getPolicy();
AdjustablePolicy policy = new AdjustablePolicy(permissions);
Policy.setPolicy(policy);
try {
r.run();
} finally {
policy.addPermission(new SecurityPermission("setPolicy"));
Policy.setPolicy(savedPolicy);
}
}
}
Also used :
Policy(java.security.Policy)
SecurityPermission(java.security.SecurityPermission)
Example 2 with SecurityPermission
use of java.security.SecurityPermission in project lucene-solr by apache.
the class LuceneTestCase method runWithRestrictedPermissions.
/**
* Runs a code part with restricted permissions (be sure to add all required permissions,
* because it would start with empty permissions). You cannot grant more permissions than
* our policy file allows, but you may restrict writing to several dirs...
* <p><em>Note:</em> This assumes a {@link SecurityManager} enabled, otherwise it
* stops test execution. If enabled, it needs the following {@link SecurityPermission}:
* {@code "createAccessControlContext"}
*/
public static <T> T runWithRestrictedPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws Exception {
assumeTrue("runWithRestrictedPermissions requires a SecurityManager enabled", System.getSecurityManager() != null);
// be sure to have required permission, otherwise doPrivileged runs with *no* permissions:
AccessController.checkPermission(new SecurityPermission("createAccessControlContext"));
final PermissionCollection perms = new Permissions();
Arrays.stream(permissions).forEach(perms::add);
final AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
try {
return AccessController.doPrivileged(action, ctx);
} catch (PrivilegedActionException e) {
throw e.getException();
}
}
Also used :
PermissionCollection(java.security.PermissionCollection)
ProtectionDomain(java.security.ProtectionDomain)
AccessControlContext(java.security.AccessControlContext)
PrivilegedActionException(java.security.PrivilegedActionException)
Permissions(java.security.Permissions)
SecurityPermission(java.security.SecurityPermission)
Example 3 with SecurityPermission
use of java.security.SecurityPermission in project caffeine by ben-manes.
the class JSR166TestCase method runWithSecurityManagerWithPermissions.
/**
* Runs Runnable r with a security policy that permits precisely
* the specified permissions. If there is no current security
* manager, a temporary one is set for the duration of the
* Runnable. We require that any security manager permit
* getPolicy/setPolicy.
*/
public void runWithSecurityManagerWithPermissions(Runnable r, Permission... permissions) {
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
Policy savedPolicy = Policy.getPolicy();
try {
Policy.setPolicy(permissivePolicy());
System.setSecurityManager(new SecurityManager());
runWithSecurityManagerWithPermissions(r, permissions);
} finally {
System.setSecurityManager(null);
Policy.setPolicy(savedPolicy);
}
} else {
Policy savedPolicy = Policy.getPolicy();
AdjustablePolicy policy = new AdjustablePolicy(permissions);
Policy.setPolicy(policy);
try {
r.run();
} finally {
policy.addPermission(new SecurityPermission("setPolicy"));
Policy.setPolicy(savedPolicy);
}
}
}
Also used :
Policy(java.security.Policy)
SecurityPermission(java.security.SecurityPermission)
Example 4 with SecurityPermission
use of java.security.SecurityPermission in project openj9 by eclipse.
the class Test_AccessController method test_doPrivileged_createAccessControlContext.
/**
* java.security.AccessController#doPrivileged(java.security.PrivilegedAction, AccessControlContext)
*/
@Test
public void test_doPrivileged_createAccessControlContext() {
/*
* Classes loaded by this Classloader withPermCL have the Permission JAVA_HOME_READ & CREATE_ACC
*/
ClassLoader withPermCL = new TestURLClassLoader(new URL[] { this.getClass().getProtectionDomain().getCodeSource().getLocation() }, null) {
public PermissionCollection getPermissions(CodeSource cs) {
PermissionCollection pc = super.getPermissions(cs);
pc.add(new PropertyPermission("java.home", "read"));
pc.add(new SecurityPermission("createAccessControlContext"));
return pc;
}
};
try {
Class<?> mwp = Class.forName("org.openj9.test.java.security.Test_AccessController$MainWithPerm", true, withPermCL);
Object mwpObj = mwp.newInstance();
Method m = mwp.getDeclaredMethod("testCreateACC");
m.setAccessible(true);
m.invoke(mwpObj);
} catch (Exception e) {
e.printStackTrace();
Assert.fail("FAIL: TEST FAILED, probably setup issue.");
}
}
Also used :
PermissionCollection(java.security.PermissionCollection)
PropertyPermission(java.util.PropertyPermission)
BeforeMethod(org.testng.annotations.BeforeMethod)
AfterMethod(org.testng.annotations.AfterMethod)
Method(java.lang.reflect.Method)
CodeSource(java.security.CodeSource)
SecurityPermission(java.security.SecurityPermission)
PrivilegedActionException(java.security.PrivilegedActionException)
AccessControlException(java.security.AccessControlException)
Test(org.testng.annotations.Test)
Example 5 with SecurityPermission
use of java.security.SecurityPermission in project wildfly by wildfly.
the class BouncyCastleModuleTestCase method createDeployment.
@Deployment(name = BC_DEPLOYMENT, testable = true)
public static WebArchive createDeployment() {
WebArchive archive = ShrinkWrap.create(WebArchive.class, BC_DEPLOYMENT + ".war");
archive.addPackage(BouncyCastleModuleTestCase.class.getPackage());
// needed to load CDI for arquillian
archive.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
archive.addAsManifestResource(createPermissionsXmlAsset(new SecurityPermission("insertProvider")), "permissions.xml");
archive.setManifest(new StringAsset("" + "Manifest-Version: 1.0\n" + "Dependencies: org.bouncycastle.bcprov, org.bouncycastle.bcpkix, org.bouncycastle.bcmail\n"));
return archive;
}
Also used :
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive)
SecurityPermission(java.security.SecurityPermission)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
Aggregations
SecurityPermission (java.security.SecurityPermission)27
FilePermission (java.io.FilePermission)8
Deployment (org.jboss.arquillian.container.test.api.Deployment)8
WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)7
Policy (java.security.Policy)6
JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)6
PropertyPermission (java.util.PropertyPermission)5
OperateOnDeployment (org.jboss.arquillian.container.test.api.OperateOnDeployment)5
TargetsContainer (org.jboss.arquillian.container.test.api.TargetsContainer)5
SocketPermission (java.net.SocketPermission)4
AbstractClientInterceptorsSetupTask (org.jboss.as.test.shared.integration.interceptor.clientside.AbstractClientInterceptorsSetupTask)4
ReflectPermission (java.lang.reflect.ReflectPermission)3
Permission (java.security.Permission)3
PermissionCollection (java.security.PermissionCollection)3
Permissions (java.security.Permissions)3
StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)3
CodeSource (java.security.CodeSource)2
PrivilegedActionException (java.security.PrivilegedActionException)2
Expectations (mockit.Expectations)2
EnterpriseArchive (org.jboss.shrinkwrap.api.spec.EnterpriseArchive)2
