
Example 1 with TestClass1

use of org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1 in project activemq-artemis by apache.

the class ObjectInputStreamWithClassLoaderTest method testWhiteBlackListAgainstListMapObject.

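/**
 * Checks the deserialization allow list / deny list against a serialized
 * {@code HashMap<TestClass1, TestClass2>}.
 *
 * <p>{@code readSerializedObject} is defined outside this listing. The assertions
 * here treat a {@code null} return as a successful read and a returned
 * {@link ClassNotFoundException} as a rejected class.
 *
 * <p>What the assertions pin down:
 * <ul>
 *   <li>with neither list set, the map is read back, so the payload is accepted
 *       when nothing is configured;</li>
 *   <li>deny-listing either the key class or the value class rejects the whole read;</li>
 *   <li>an allow list must name every class in the object graph: allowing only the
 *       key, only the value, or both without {@code java.util.HashMap} is rejected;</li>
 *   <li>only key + value + {@code java.util.HashMap} together are accepted.</li>
 * </ul>
 *
 * @throws Exception if the fixture file cannot be written
 */
@Test
public void testWhiteBlackListAgainstListMapObject() throws Exception {
    final String keyClass = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1";
    final String valueClass = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass2";

    File serializedFile = new File(temporaryFolder.getRoot(), "testclass.bin");
    Map<TestClass1, TestClass2> sourceObject = new HashMap<>();
    sourceObject.put(new TestClass1(), new TestClass2());

    // Declaring both streams as resources closes the file handle even when the
    // ObjectOutputStream constructor itself throws.
    try (FileOutputStream fileOut = new FileOutputStream(serializedFile);
         ObjectOutputStream out = new ObjectOutputStream(fileOut)) {
        out.writeObject(sourceObject);
        out.flush();
    }

    // No lists configured: the read succeeds.
    Object result = readSerializedObject(null, null, serializedFile);
    assertNull(result);

    // Deny list contains the key class.
    result = readSerializedObject(null, keyClass, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Deny list contains the value class.
    result = readSerializedObject(null, valueClass, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Allow list names only the key: the value class is still forbidden.
    result = readSerializedObject(keyClass, null, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Allow list names only the value: the key class is still forbidden.
    result = readSerializedObject(valueClass, null, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Key and value allowed, but the HashMap container is not.
    result = readSerializedObject(keyClass + "," + valueClass, null, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Key, value and container all allowed: the read succeeds.
    result = readSerializedObject(keyClass + "," + valueClass + "," + "java.util.HashMap", null, serializedFile);
    assertNull(result);
}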
Also used : HashMap(java.util.HashMap) FileOutputStream(java.io.FileOutputStream) TestClass2(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass2) TestClass1(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1) ObjectOutputStream(java.io.ObjectOutputStream) File(java.io.File) Test(org.junit.Test)

Example 2 with TestClass1

use of org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1 in project activemq-artemis by apache.

the class ObjectInputStreamWithClassLoaderTest method testWhiteBlackListSystemProperty.

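/**
 * Checks that {@code ObjectInputStreamWithClassLoader} reports the values of the
 * {@code BLACKLIST_PROPERTY} and {@code WHITELIST_PROPERTY} system properties
 * through {@code getBlackList()} and {@code getWhiteList()}.
 *
 * <p>This test only inspects the configured list strings; it never calls
 * {@code readObject}, so it does not exercise the filtering itself.
 *
 * <p>System properties are JVM-wide state. The previous values are restored
 * afterwards so that later tests in the same JVM do not run with a changed
 * (or silently cleared) deserialization filter configuration.
 *
 * @throws Exception if the fixture file cannot be written or opened
 */
@Test
public void testWhiteBlackListSystemProperty() throws Exception {
    File serializedFile = new File(temporaryFolder.getRoot(), "testclass.bin");
    try (FileOutputStream fileOut = new FileOutputStream(serializedFile);
         ObjectOutputStream out = new ObjectOutputStream(fileOut)) {
        out.writeObject(new TestClass1());
        out.flush();
    }

    final String previousBlackList = System.getProperty(ObjectInputStreamWithClassLoader.BLACKLIST_PROPERTY);
    final String previousWhiteList = System.getProperty(ObjectInputStreamWithClassLoader.WHITELIST_PROPERTY);
    try {
        System.setProperty(ObjectInputStreamWithClassLoader.BLACKLIST_PROPERTY, "system.defined.black.list");
        System.setProperty(ObjectInputStreamWithClassLoader.WHITELIST_PROPERTY, "system.defined.white.list");

        // try-with-resources: the stream and its file handle are released even
        // when one of the assertions below fails.
        try (FileInputStream fileIn = new FileInputStream(serializedFile);
             ObjectInputStreamWithClassLoader ois = new ObjectInputStreamWithClassLoader(fileIn)) {
            String bList = ois.getBlackList();
            String wList = ois.getWhiteList();
            assertEquals("wrong black list: " + bList, "system.defined.black.list", bList);
            assertEquals("wrong white list: " + wList, "system.defined.white.list", wList);
        }
    } finally {
        // Put back whatever was configured before the test rather than
        // unconditionally clearing it.
        if (previousBlackList == null) {
            System.clearProperty(ObjectInputStreamWithClassLoader.BLACKLIST_PROPERTY);
        } else {
            System.setProperty(ObjectInputStreamWithClassLoader.BLACKLIST_PROPERTY, previousBlackList);
        }
        if (previousWhiteList == null) {
            System.clearProperty(ObjectInputStreamWithClassLoader.WHITELIST_PROPERTY);
        } else {
            System.setProperty(ObjectInputStreamWithClassLoader.WHITELIST_PROPERTY, previousWhiteList);
        }
    }
}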
Also used : ObjectInputStreamWithClassLoader(org.apache.activemq.artemis.utils.ObjectInputStreamWithClassLoader) FileOutputStream(java.io.FileOutputStream) ObjectOutputStream(java.io.ObjectOutputStream) TestClass1(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1) File(java.io.File) FileInputStream(java.io.FileInputStream) Test(org.junit.Test)

Example 3 with TestClass1

use of org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1 in project activemq-artemis by apache.

the class ObjectInputStreamWithClassLoaderTest method testWhiteBlackListAgainstArrayObject.

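/**
 * Checks the deserialization allow list / deny list against a serialized
 * {@code TestClass1[]}.
 *
 * <p>{@code readSerializedObject} is defined outside this listing. The assertions
 * here treat a {@code null} return as a successful read and a returned
 * {@link ClassNotFoundException} as a rejected class.
 *
 * <p>What the assertions pin down:
 * <ul>
 *   <li>with neither list set, the array is read back;</li>
 *   <li>deny-listing the element class rejects the array;</li>
 *   <li>allow-listing the element class alone is enough. Unlike the
 *       {@code ArrayList} and {@code HashMap} cases, no separate entry for the
 *       array type is supplied here and the read still succeeds.</li>
 * </ul>
 *
 * @throws Exception if the fixture file cannot be written
 */
@Test
public void testWhiteBlackListAgainstArrayObject() throws Exception {
    final String elementClass = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1";

    File serializedFile = new File(temporaryFolder.getRoot(), "testclass.bin");
    TestClass1[] sourceObject = new TestClass1[] { new TestClass1() };

    // Declaring both streams as resources closes the file handle even when the
    // ObjectOutputStream constructor itself throws.
    try (FileOutputStream fileOut = new FileOutputStream(serializedFile);
         ObjectOutputStream out = new ObjectOutputStream(fileOut)) {
        out.writeObject(sourceObject);
        out.flush();
    }

    // No lists configured: the read succeeds.
    Object result = readSerializedObject(null, null, serializedFile);
    assertNull(result);

    // Element class on the deny list: rejected.
    result = readSerializedObject(null, elementClass, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Element class on the allow list: accepted.
    result = readSerializedObject(elementClass, null, serializedFile);
    assertNull(result);
}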
Also used : FileOutputStream(java.io.FileOutputStream) TestClass1(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1) ObjectOutputStream(java.io.ObjectOutputStream) File(java.io.File) Test(org.junit.Test)

Example 4 with TestClass1

use of org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1 in project activemq-artemis by apache.

the class ObjectInputStreamWithClassLoaderTest method testWhiteBlackList.

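/**
 * Checks allow-list / deny-list matching for a single serialized
 * {@code TestClass1} (package {@code ...deserialization.pkg1}).
 *
 * <p>{@code readSerializedObject} is defined outside this listing. The assertions
 * here treat a {@code null} return as a successful read and a returned
 * {@link ClassNotFoundException} as a rejected class.
 *
 * <p>What the assertions pin down:
 * <ul>
 *   <li>with neither list set, the object is read back;</li>
 *   <li>entries match by package prefix: a parent package on either list covers
 *       classes in its sub-packages, while an unrelated or sibling package
 *       ({@code pkg2}, {@code pkg1.pkg2}) does not;</li>
 *   <li>once an allow list is set, a class it does not cover is rejected;</li>
 *   <li>the deny list takes priority: a class covered by both lists is rejected;</li>
 *   <li>{@code "*"} matches everything. A {@code "*"} deny list rejects even when
 *       the allow list is also {@code "*"}; a {@code "*"} allow list with no deny
 *       list accepts the object.</li>
 * </ul>
 *
 * @throws Exception if the fixture file cannot be written
 */
@Test
public void testWhiteBlackList() throws Exception {
    final String pkg1 = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1";
    final String pkg2 = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg2";

    File serializedFile = new File(temporaryFolder.getRoot(), "testclass.bin");

    // Declaring both streams as resources closes the file handle even when the
    // ObjectOutputStream constructor itself throws.
    try (FileOutputStream fileOut = new FileOutputStream(serializedFile);
         ObjectOutputStream out = new ObjectOutputStream(fileOut)) {
        out.writeObject(new TestClass1());
        out.flush();
    }

    // Default: neither list configured.
    assertNull(readSerializedObject(null, null, serializedFile));

    // Allow list only: parent package and exact package both cover TestClass1.
    assertNull(readSerializedObject("org.apache.activemq.artemis.tests.unit.util.deserialization", null, serializedFile));
    assertNull(readSerializedObject(pkg1, null, serializedFile));
    // An allow list that does not cover the class rejects it.
    Exception result = readSerializedObject("some.other.package", null, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Deny list only: parent package and exact package both reject.
    result = readSerializedObject(null, "org.apache.activemq.artemis.tests.unit.util", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    result = readSerializedObject(null, pkg1, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    // A sibling package on the deny list does not affect pkg1.
    result = readSerializedObject(null, pkg2, serializedFile);
    assertNull(result);
    // Neither list covers the class: the non-matching allow list rejects it.
    result = readSerializedObject("some.other.package1", "some.other.package", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Deny list has priority over the allow list.
    result = readSerializedObject(pkg1, pkg1 + ", some.other.package", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    result = readSerializedObject(pkg1, "org.apache.activemq.artemis.tests.unit, some.other.package", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    // Deny entries that do not cover pkg1 leave the allow list decision in place.
    result = readSerializedObject(pkg1, pkg1 + ".pkg2, some.other.package", serializedFile);
    assertNull(result);
    result = readSerializedObject(pkg1, "some.other.package, " + pkg2, serializedFile);
    assertNull(result);

    // Wildcard entries.
    result = readSerializedObject(pkg1, "*", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    result = readSerializedObject("*", "*", serializedFile);
    assertTrue(result instanceof ClassNotFoundException);
    result = readSerializedObject("*", null, serializedFile);
    assertNull(result);
}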
Also used : FileOutputStream(java.io.FileOutputStream) ObjectOutputStream(java.io.ObjectOutputStream) TestClass1(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1) File(java.io.File) IOException(java.io.IOException) Test(org.junit.Test)

Example 5 with TestClass1

use of org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1 in project activemq-artemis by apache.

the class ObjectInputStreamWithClassLoaderTest method testWhiteBlackListAgainstListObject.

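/**
 * Checks the deserialization allow list / deny list against a serialized
 * {@code ArrayList<TestClass1>}.
 *
 * <p>{@code readSerializedObject} is defined outside this listing. The assertions
 * here treat a {@code null} return as a successful read and a returned
 * {@link ClassNotFoundException} as a rejected class.
 *
 * <p>What the assertions pin down:
 * <ul>
 *   <li>with neither list set, the list is read back;</li>
 *   <li>deny-listing the element class rejects the read;</li>
 *   <li>allow-listing only the element class is rejected, because the
 *       {@code java.util.ArrayList} container is not on the allow list;</li>
 *   <li>element class plus {@code java.util.ArrayList} is accepted.</li>
 * </ul>
 *
 * @throws Exception if the fixture file cannot be written
 */
@Test
public void testWhiteBlackListAgainstListObject() throws Exception {
    final String elementClass = "org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1";

    File serializedFile = new File(temporaryFolder.getRoot(), "testclass.bin");
    List<TestClass1> sourceObject = new ArrayList<>();
    sourceObject.add(new TestClass1());

    // Declaring both streams as resources closes the file handle even when the
    // ObjectOutputStream constructor itself throws.
    try (FileOutputStream fileOut = new FileOutputStream(serializedFile);
         ObjectOutputStream out = new ObjectOutputStream(fileOut)) {
        out.writeObject(sourceObject);
        out.flush();
    }

    // No lists configured: the read succeeds.
    Object result = readSerializedObject(null, null, serializedFile);
    assertNull(result);

    // Element class on the deny list: rejected.
    result = readSerializedObject(null, elementClass, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Only the element class allowed: the ArrayList container is still forbidden.
    result = readSerializedObject(elementClass, null, serializedFile);
    assertTrue(result instanceof ClassNotFoundException);

    // Element class and container both allowed: the read succeeds.
    result = readSerializedObject(elementClass + "," + "java.util.ArrayList", null, serializedFile);
    assertNull(result);
}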
Also used : FileOutputStream(java.io.FileOutputStream) ArrayList(java.util.ArrayList) TestClass1(org.apache.activemq.artemis.tests.unit.util.deserialization.pkg1.TestClass1) ObjectOutputStream(java.io.ObjectOutputStream) File(java.io.File) Test(org.junit.Test)
