use of java.security.SecurityPermission in project ignite by apache.
the class SecuritySubjectPermissionsTest method beforeTestsStarted.
/**
* {@inheritDoc}
*/
@Override
protected void beforeTestsStarted() throws Exception {
    // A security manager that is already installed is left alone, together with its policy.
    if (System.getSecurityManager() != null) {
        return;
    }

    // Test-fixture policy: the same grant is returned for every CodeSource, and most entries
    // are wildcards (runtime, JMX, reflection, SSL, serialization, security, sockets, all files,
    // all system properties). That is equivalent to running unsandboxed for those permission
    // classes, so this shape of policy belongs in tests only, never in a production policy file.
    Policy.setPolicy(new Policy() {
        @Override
        public PermissionCollection getPermissions(CodeSource cs) {
            Permissions granted = new Permissions();

            granted.add(new RuntimePermission("*"));
            granted.add(new MBeanServerPermission("*"));
            granted.add(new MBeanPermission("*", "*"));
            granted.add(new MBeanTrustPermission("*"));
            granted.add(new ReflectPermission("*"));
            granted.add(new SSLPermission("*"));
            granted.add(new ManagementPermission("monitor"));
            granted.add(new ManagementPermission("control"));
            granted.add(new SerializablePermission("*"));
            granted.add(new SecurityPermission("*"));
            granted.add(new SocketPermission("*", "connect,accept,listen,resolve"));
            granted.add(new FilePermission("<<ALL FILES>>", "read,write,delete,execute,readlink"));
            granted.add(new PropertyPermission("*", "read,write"));

            // Project-specific permission granted to all code in addition to the JDK ones above.
            granted.add(new TestPermission("common"));

            return granted;
        }
    });

    // Policy first, manager second: once a manager is active, Policy.setPolicy is itself
    // subject to a permission check.
    System.setSecurityManager(new SecurityManager());

    // Remembers that this test installed the manager; presumably consulted by the teardown
    // to restore the previous state. TODO confirm against the rest of the class.
    setupSM = true;
}
use of java.security.SecurityPermission in project Payara by payara.
the class PolicyConfigurationImpl method addToExcludedPolicy.
/**
* Used to add excluded policy statements to this PolicyConfiguration.
* <P>
*
* @param permissions the collection of permissions to be added to the excluded policy statements. The collection may be
* either a homogenous or heterogenous collection.
*
* @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
* SecurityPermission.
*
* @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
* PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws javax.security.jacc.PolicyContextException if the implementation throws a checked exception that has not been
* accounted for by the addToExcludedPolicy method signature. The exception thrown by the implementation class will be
* encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToExcludedPolicy(PermissionCollection permissions) throws PolicyContextException {
    // The state check runs first, including for a null argument.
    assertStateIsOpen();

    // A null collection is a no-op: the permission check below is skipped and nothing is recorded.
    if (permissions == null) {
        return;
    }

    // Presumably enforces the "setPolicy" SecurityPermission named in the Javadoc; it runs
    // before the excluded set is touched, so an unauthorized caller cannot modify it.
    checkSetPolicyPermission();

    // list(...) is presumably Collections.list, i.e. the enumeration is copied before iterating.
    // writeOnCommit is raised inside the loop, so an empty collection leaves it unchanged.
    for (Permission excluded : list(permissions.elements())) {
        getExcludedPermissions().add(excluded);
        writeOnCommit = true;
    }
}
use of java.security.SecurityPermission in project Payara by payara.
the class PolicyConfigurationImpl method addToRole.
/**
* Used to add permissions to a named role in this PolicyConfiguration. If the named Role does not exist in the
* PolicyConfiguration, it is created as a result of the call to this function.
* <P>
* It is the job of the Policy provider to ensure that all the permissions added to a role are granted to principals
* "mapped to the role".
* <P>
*
* @param roleName the name of the Role to which the permissions are to be added.
* <P>
* @param permissions the collection of permissions to be added to the role. The collection may be either a homogenous
* or heterogenous collection.
*
* @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
* SecurityPermission.
*
* @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
* PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws javax.security.jacc.PolicyContextException if the implementation throws a checked exception that has not been
* accounted for by the addToRole method signature. The exception thrown by the implementation class will be
* encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToRole(String roleName, PermissionCollection permissions) throws PolicyContextException {
    // The state check runs first, regardless of the arguments.
    assertStateIsOpen();

    // Either argument being null makes the call a no-op: the permission check below is
    // skipped and no role entry is looked up or created.
    if (roleName == null || permissions == null) {
        return;
    }

    // Presumably enforces the "setPolicy" SecurityPermission named in the Javadoc; it runs
    // before any role's permission set is touched.
    checkSetPolicyPermission();

    // list(...) is presumably Collections.list, i.e. the enumeration is copied before iterating.
    // getRolePermissions is called per element, so an empty collection neither looks up the
    // role nor raises writeOnCommit.
    for (Permission rolePermission : list(permissions.elements())) {
        getRolePermissions(roleName).add(rolePermission);
        writeOnCommit = true;
    }
}
use of java.security.SecurityPermission in project elasticsearch by elastic.
the class TikaImpl method getRestrictedPermissions.
// compute some minimal permissions for parsers. they only get r/w access to the java temp directory,
// the ability to load some resources from JARs, and read sysprops
static PermissionCollection getRestrictedPermissions() {
    Permissions restricted = new Permissions();

    // Parsing reads system properties and the TIKA_CONFIG environment variable.
    // NOTE(review): "*" covers every system property, so any value passed to the JVM as a
    // -D option is readable by parser code running under this grant.
    restricted.add(new PropertyPermission("*", "read"));
    restricted.add(new RuntimePermission("getenv.TIKA_CONFIG"));

    // Resource access, classpath entries first (addReadPermissions presumably grants read
    // on each URL; confirm against its definition).
    addReadPermissions(restricted, JarHell.parseClassPath());

    // Plugin jars, only when the class was loaded through a URLClassLoader.
    ClassLoader pluginLoader = TikaImpl.class.getClassLoader();
    if (pluginLoader instanceof URLClassLoader) {
        addReadPermissions(restricted, ((URLClassLoader) pluginLoader).getURLs());
    }

    // The JVM temp directory needs read/write; the trailing "-" makes the grant recursive.
    String tmpTree = System.getProperty("java.io.tmpdir") + System.getProperty("file.separator") + "-";
    restricted.add(new FilePermission(tmpTree, "read,readlink,write,delete"));

    // Workarounds for POI/PDFBox issues. These are the widest grants in the set:
    // "insertProvider" allows registering a security provider for the whole JVM, and
    // "suppressAccessChecks" lets reflection bypass access modifiers. They are worth
    // re-checking whenever the parser libraries are upgraded.
    restricted.add(new SecurityPermission("putProviderProperty.BC"));
    restricted.add(new SecurityPermission("insertProvider"));
    restricted.add(new ReflectPermission("suppressAccessChecks"));

    // xmlbeans (used by POI) needs the context class loader.
    restricted.add(new RuntimePermission("getClassLoader"));

    // Frozen before being handed out so callers cannot widen the grant afterwards.
    restricted.setReadOnly();
    return restricted;
}
use of java.security.SecurityPermission in project jdk8u_jdk by JetBrains.
the class KeyStore method engineLoad.
/**
* Loads the keystore.
*
* A compatibility mode is supported for applications that assume
* keystores are stream-based. It permits (but ignores) a non-null
* <code>stream</code> or <code>password</code>.
* The mode is enabled by default.
* Set the
* <code>sun.security.mscapi.keyStoreCompatibilityMode</code>
* system property to <code>false</code> to disable compatibility mode
* and reject a non-null <code>stream</code> or <code>password</code>.
*
* @param stream the input stream, which should be <code>null</code>.
* @param password the password, which should be <code>null</code>.
*
* @exception IOException if there is an I/O or format problem with the
* keystore data. Or if compatibility mode is disabled and either
* parameter is non-null.
* @exception NoSuchAlgorithmException if the algorithm used to check
* the integrity of the keystore cannot be found
* @exception CertificateException if any of the certificates in the
* keystore could not be loaded
* @exception SecurityException if the security check for
* <code>SecurityPermission("authProvider.<i>name</i>")</code> does not
* pass, where <i>name</i> is the value returned by
* this provider's <code>getName</code> method.
*/
public void engineLoad(InputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException {
    // Outside compatibility mode both arguments must be null; the stream is checked first.
    // In compatibility mode non-null values are accepted and never read.
    if (!keyStoreCompatibilityMode) {
        if (stream != null) {
            throw new IOException("Keystore input stream must be null");
        }
        if (password != null) {
            throw new IOException("Keystore password must be null");
        }
    }

    // Same security check as AuthProvider.login. The permission name is spelled out here
    // ("SunMSCAPI"), whereas the load below uses getName(); the two must stay in agreement.
    SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new SecurityPermission("authProvider.SunMSCAPI"));
    }

    // Existing key entries are dropped only after the permission check has passed.
    // They are cleared before loading, so a failed load leaves the entry set empty.
    entries.clear();

    try {
        // Load keys and/or certificate chains.
        loadKeysOrCertificateChains(getName());
    } catch (KeyStoreException e) {
        // Reported as IOException with the KeyStoreException kept as the cause.
        throw new IOException(e);
    }
}