java.net.URLPermission Java Examples

The following examples show how to use java.net.URLPermission. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: URLPermissionTest.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #2
Source File: URLPermissionTest.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #3
Source File: URLPermissionTest.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #4
Source File: URLTest.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
static void test2() throws IOException {
    System.out.println("\n--- Test 2 ---");

    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        Policy.setPolicy(new CustomPolicy(
            new URLPermission("http://127.0.0.1:"+httpPort+"/*", "GET:X-Foo"),
            new URLPermission("https://127.0.0.1:"+httpsPort+"/*", "POST:X-Fob")));
    }

    String url1 = "http://127.0.0.1:"+httpPort+"/foo.html";
    String url2 = "https://127.0.0.1:"+httpsPort+"/foo.html";
    String url3 = "http://127.0.0.1:"+httpPort+"/bar.html";
    String url4 = "https://127.0.0.1:"+httpsPort+"/bar.html";

    // simple positive test. Should succeed
    test(url1, "GET", "X-Foo");
    test(url2, "POST", "X-Fob");
    test(url3, "GET", "X-Foo");
    test(url4, "POST", "X-Fob");
}
 
Example #5
Source File: PluginSandboxPolicy.java    From rapidminer-studio with GNU Affero General Public License v3.0 6 votes vote down vote up
/**
 * Adds a couple of common permissions for both unsigned extensions as well as Groovy scripts.
 *
 * @param permissions
 *            the permissions object which will get the permissions added to it
 */
private static void addCommonPermissions(Permissions permissions) {
	permissions.add(new AudioPermission("play"));
	permissions.add(new AWTPermission("listenToAllAWTEvents"));
	permissions.add(new AWTPermission("setWindowAlwaysOnTop"));
	permissions.add(new AWTPermission("showWindowWithoutWarningBanner"));
	permissions.add(new AWTPermission("watchMousePointer"));
	permissions.add(new LoggingPermission("control", ""));
	permissions.add(new SocketPermission("*", "connect, listen, accept, resolve"));
	permissions.add(new URLPermission("http://-", "*:*"));
	permissions.add(new URLPermission("https://-", "*:*"));

	// because random Java library calls use sun classes which may or may not do an acess check,
	// we have to grant access to all of them
	// this is a very unfortunate permission and I would love to not have it
	// so if at any point in the future this won't be necessary any longer, remove it!!!
	permissions.add(new RuntimePermission("accessClassInPackage.sun.*"));

	permissions.add(new RuntimePermission("accessDeclaredMembers"));
	permissions.add(new RuntimePermission("getenv.*"));
	permissions.add(new RuntimePermission("getFileSystemAttributes"));
	permissions.add(new RuntimePermission("readFileDescriptor"));
	permissions.add(new RuntimePermission("writeFileDescriptor"));
	permissions.add(new RuntimePermission("queuePrintJob"));
	permissions.add(new NetPermission("specifyStreamHandler"));
}
 
Example #6
Source File: URLPermissionTest.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #7
Source File: URLPermissionTest.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #8
Source File: URLPermissionTest.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
static void serializationTest(String name, String actions)
    throws Exception {

    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ObjectOutputStream o = new ObjectOutputStream(baos);
    o.writeObject(out);
    ByteArrayInputStream bain = new ByteArrayInputStream(baos.toByteArray());
    ObjectInputStream i = new ObjectInputStream(bain);
    URLPermission in = (URLPermission)i.readObject();
    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}
 
Example #9
Source File: HttpURLConnection.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #10
Source File: URLPermissionTest.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return true;
    } catch (Exception e) {
        return false;
    }
}
 
Example #11
Source File: URLPermissionTest.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
@Override
  boolean execute() {
    String url1 = "http://www.foo.com/-";
    String url2 = "http://www.foo.com/a/b";
    URLPermission p1 = new URLPermission(url1, arg1);
    URLPermission p2 = new URLPermission(url2, arg2);
    boolean result = p1.implies(p2);

    return result == expected;
}
 
Example #12
Source File: URLTest.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
static void test1() throws IOException {
    System.out.println("\n--- Test 1 ---");

    boolean expectException = false;
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        expectException = true;
        Policy.setPolicy(new CustomPolicy(
            new URLPermission("http://127.0.0.1:"+httpPort+"/foo.html", "GET:X-Foo,Z-Bar"),
            new URLPermission("https://127.0.0.1:"+httpsPort+"/foo.html", "POST:X-Fob,T-Bar")));
    }

    String url1 = "http://127.0.0.1:"+httpPort+"/foo.html";
    String url2 = "https://127.0.0.1:"+httpsPort+"/foo.html";
    String url3 = "http://127.0.0.1:"+httpPort+"/bar.html";
    String url4 = "https://127.0.0.1:"+httpsPort+"/bar.html";

    // simple positive test. Should succeed
    test(url1, "GET", "X-Foo");
    test(url1, "GET", "Z-Bar", "X-Foo");
    test(url1, "GET", "X-Foo", "Z-Bar");
    test(url1, "GET", "Z-Bar");
    test(url2, "POST", "X-Fob");

    // reverse the methods, should fail
    test(url1, "POST", "X-Foo", expectException);
    test(url2, "GET", "X-Fob", expectException);

    // different URLs, should fail
    test(url3, "GET", "X-Foo", expectException);
    test(url4, "POST", "X-Fob", expectException);
}
 
Example #13
Source File: HttpURLConnection.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #14
Source File: URLPermissionTest.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return false;
    } catch (IllegalArgumentException e) {
        return true;
    }
}
 
Example #15
Source File: URLPermissionTest.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
  boolean execute() {
    URLPermission p1 = new URLPermission(arg1);
    URLPermission p2 = new URLPermission(arg2);
    boolean result = p1.equals(p2);

    return result == expected;
}
 
Example #16
Source File: URLPermissionTest.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
boolean execute() {
    URLPermission p1 = new URLPermission (arg1, "GET:*");
    URLPermission p2 = new URLPermission (arg2, "GET:*");
    boolean result = p1.implies(p2);
    if (result != expected) {
        System.out.println("p1 = " + p1);
        System.out.println("p2 = " + p2);
    }
    return result == expected;
}
 
Example #17
Source File: URLPermissionTest.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return true;
    } catch (Exception e) {
        return false;
    }
}
 
Example #18
Source File: HttpURLConnection.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #19
Source File: URLPermissionTest.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return true;
    } catch (Exception e) {
        return false;
    }
}
 
Example #20
Source File: URLPermissionTest.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
@Override
  boolean execute() {
    URLPermission p1 = new URLPermission(arg1);
    URLPermission p2 = new URLPermission(arg2);
    boolean result = p1.equals(p2);

    return result == expected;
}
 
Example #21
Source File: HttpURLConnection.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #22
Source File: HttpURLConnection.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #23
Source File: URLPermissionTest.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return false;
    } catch (IllegalArgumentException e) {
        return true;
    }
}
 
Example #24
Source File: URLPermissionTest.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
boolean execute() {
    URLPermission p1 = new URLPermission (arg1, "GET:*");
    URLPermission p2 = new URLPermission (arg2, "GET:*");
    boolean result = p1.implies(p2);
    if (result != expected) {
        System.out.println("p1 = " + p1);
        System.out.println("p2 = " + p2);
    }
    return result == expected;
}
 
Example #25
Source File: URLPermissionTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return false;
    } catch (IllegalArgumentException e) {
        return true;
    }
}
 
Example #26
Source File: URLPermissionTest.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return true;
    } catch (Exception e) {
        return false;
    }
}
 
Example #27
Source File: URLPermissionTest.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
@Override
boolean execute() {
    try {
        URLPermission p = new URLPermission(arg);
        return true;
    } catch (Exception e) {
        return false;
    }
}
 
Example #28
Source File: HttpURLConnection.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #29
Source File: URLPermissionTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
boolean execute() {
    URLPermission p1 = new URLPermission (arg1, "GET:*");
    URLPermission p2 = new URLPermission (arg2, "GET:*");
    boolean result = p1.implies(p2);
    if (result != expected) {
        System.out.println("p1 = " + p1);
        System.out.println("p2 = " + p2);
    }
    return result == expected;
}
 
Example #30
Source File: URLPermissionTest.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
boolean execute() {
    URLPermission p1 = new URLPermission (arg1, "GET:*");
    URLPermission p2 = new URLPermission (arg2, "GET:*");
    boolean result = p1.implies(p2);
    if (result != expected) {
        System.out.println("p1 = " + p1);
        System.out.println("p2 = " + p2);
    }
    return result == expected;
}