java.net.SocketPermission Java Examples

The following examples show how to use java.net.SocketPermission. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: PolicyFile.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates one of the well-known permissions directly instead of
 * via reflection. Keep list short to not penalize non-JDK-defined
 * permissions.
 */
private static final Permission getKnownInstance(Class<?> claz,
    String name, String actions) {
    if (claz.equals(FilePermission.class)) {
        return new FilePermission(name, actions);
    } else if (claz.equals(SocketPermission.class)) {
        return new SocketPermission(name, actions);
    } else if (claz.equals(RuntimePermission.class)) {
        return new RuntimePermission(name, actions);
    } else if (claz.equals(PropertyPermission.class)) {
        return new PropertyPermission(name, actions);
    } else if (claz.equals(NetPermission.class)) {
        return new NetPermission(name, actions);
    } else if (claz.equals(AllPermission.class)) {
        return SecurityConstants.ALL_PERMISSION;
    } else {
        return null;
    }
}
 
Example #2
Source File: AppletViewer.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Get an applet by name.
 */
public Applet getApplet(String name) {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    name = name.toLowerCase();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");
    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        String param = p.getParameter("name");
        if (param != null) {
            param = param.toLowerCase();
        }
        if (name.equals(param) &&
            p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");

            if (panelSp.implies(sp)) {
                return p.applet;
            }
        }
    }
    return null;
}
 
Example #3
Source File: AppletViewer.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return an enumeration of all the accessible
 * applets on this page.
 */
@Override
public Enumeration getApplets() {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    Vector v = new Vector();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");

    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        if (p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");
            if (panelSp.implies(sp)) {
                v.addElement(p.applet);
            }
        }
    }
    return v.elements();
}
 
Example #4
Source File: AppletViewer.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Get an applet by name.
 */
@Override
public Applet getApplet(String name) {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    name = name.toLowerCase();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");
    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        String param = p.getParameter("name");
        if (param != null) {
            param = param.toLowerCase();
        }
        if (name.equals(param) &&
            p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");

            if (panelSp.implies(sp)) {
                return p.applet;
            }
        }
    }
    return null;
}
 
Example #5
Source File: HttpURLConnection.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
@Override
public synchronized OutputStream getOutputStream() throws IOException {
    connecting = true;
    SocketPermission p = URLtoSocketPermission(this.url);

    if (p != null) {
        try {
            return AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<OutputStream>() {
                    public OutputStream run() throws IOException {
                        return getOutputStream0();
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    } else {
        return getOutputStream0();
    }
}
 
Example #6
Source File: HttpURLConnection.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
protected void plainConnect()  throws IOException {
    synchronized (this) {
        if (connected) {
            return;
        }
    }
    SocketPermission p = URLtoSocketPermission(this.url);
    if (p != null) {
        try {
            AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<Void>() {
                    public Void run() throws IOException {
                        plainConnect0();
                        return null;
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
                throw (IOException) e.getException();
        }
    } else {
        // run without additional permission
        plainConnect0();
    }
}
 
Example #7
Source File: HttpURLConnection.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
@Override
public synchronized OutputStream getOutputStream() throws IOException {
    connecting = true;
    SocketPermission p = URLtoSocketPermission(this.url);

    if (p != null) {
        try {
            return AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<OutputStream>() {
                    public OutputStream run() throws IOException {
                        return getOutputStream0();
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    } else {
        return getOutputStream0();
    }
}
 
Example #8
Source File: AddToReadOnlyPermissionCollection.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
static void trySockPC() throws Exception {
    try {
        SocketPermission p0= new SocketPermission("example.com","connect");
        PermissionCollection pc = p0.newPermissionCollection();
        pc.setReadOnly();   // this should lock out future adds
        //
        SocketPermission p1= new SocketPermission("example.net","connect");
        pc.add(p1);
        throw new
            Exception("Failed...SocketPermission added to readonly SocketPermissionCollection.");

    } catch (SecurityException se) {
        System.out.println("SocketPermissionCollection passed");
    }

}
 
Example #9
Source File: AppletViewer.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Get an applet by name.
 */
@Override
public Applet getApplet(String name) {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    name = name.toLowerCase();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");
    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        String param = p.getParameter("name");
        if (param != null) {
            param = param.toLowerCase();
        }
        if (name.equals(param) &&
            p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");

            if (panelSp.implies(sp)) {
                return p.applet;
            }
        }
    }
    return null;
}
 
Example #10
Source File: PolicyFile.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates one of the well-known permissions directly instead of
 * via reflection. Keep list short to not penalize non-JDK-defined
 * permissions.
 */
private static final Permission getKnownInstance(Class<?> claz,
    String name, String actions) {
    if (claz.equals(FilePermission.class)) {
        return new FilePermission(name, actions);
    } else if (claz.equals(SocketPermission.class)) {
        return new SocketPermission(name, actions);
    } else if (claz.equals(RuntimePermission.class)) {
        return new RuntimePermission(name, actions);
    } else if (claz.equals(PropertyPermission.class)) {
        return new PropertyPermission(name, actions);
    } else if (claz.equals(NetPermission.class)) {
        return new NetPermission(name, actions);
    } else if (claz.equals(AllPermission.class)) {
        return SecurityConstants.ALL_PERMISSION;
    } else {
        return null;
    }
}
 
Example #11
Source File: AppletViewer.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return an enumeration of all the accessible
 * applets on this page.
 */
@Override
public Enumeration getApplets() {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    Vector v = new Vector();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");

    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        if (p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");
            if (panelSp.implies(sp)) {
                v.addElement(p.applet);
            }
        }
    }
    return v.elements();
}
 
Example #12
Source File: HttpURLConnection.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
@Override
public synchronized OutputStream getOutputStream() throws IOException {
    connecting = true;
    SocketPermission p = URLtoSocketPermission(this.url);

    if (p != null) {
        try {
            return AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<>() {
                    public OutputStream run() throws IOException {
                        return getOutputStream0();
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    } else {
        return getOutputStream0();
    }
}
 
Example #13
Source File: HttpURLConnection.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
@Override
public synchronized InputStream getInputStream() throws IOException {
    connecting = true;
    SocketPermission p = URLtoSocketPermission(this.url);

    if (p != null) {
        try {
            return AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<InputStream>() {
                    public InputStream run() throws IOException {
                        return getInputStream0();
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    } else {
        return getInputStream0();
    }
}
 
Example #14
Source File: HttpURLConnection.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
@Override
public synchronized OutputStream getOutputStream() throws IOException {
    connecting = true;
    SocketPermission p = URLtoSocketPermission(this.url);

    if (p != null) {
        try {
            return AccessController.doPrivilegedWithCombiner(
                new PrivilegedExceptionAction<OutputStream>() {
                    public OutputStream run() throws IOException {
                        return getOutputStream0();
                    }
                }, null, p
            );
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    } else {
        return getOutputStream0();
    }
}
 
Example #15
Source File: PolicyFile.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates one of the well-known permissions directly instead of
 * via reflection. Keep list short to not penalize non-JDK-defined
 * permissions.
 */
private static final Permission getKnownInstance(Class<?> claz,
    String name, String actions) {
    if (claz.equals(FilePermission.class)) {
        return new FilePermission(name, actions);
    } else if (claz.equals(SocketPermission.class)) {
        return new SocketPermission(name, actions);
    } else if (claz.equals(RuntimePermission.class)) {
        return new RuntimePermission(name, actions);
    } else if (claz.equals(PropertyPermission.class)) {
        return new PropertyPermission(name, actions);
    } else if (claz.equals(NetPermission.class)) {
        return new NetPermission(name, actions);
    } else if (claz.equals(AllPermission.class)) {
        return SecurityConstants.ALL_PERMISSION;
    } else {
        return null;
    }
}
 
Example #16
Source File: PolicyFile.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
/**
 * Creates one of the well-known permissions in the java.base module
 * directly instead of via reflection. Keep list short to not penalize
 * permissions from other modules.
 */
private static Permission getKnownPermission(Class<?> claz, String name,
                                             String actions) {
    if (claz.equals(FilePermission.class)) {
        return new FilePermission(name, actions);
    } else if (claz.equals(SocketPermission.class)) {
        return new SocketPermission(name, actions);
    } else if (claz.equals(RuntimePermission.class)) {
        return new RuntimePermission(name, actions);
    } else if (claz.equals(PropertyPermission.class)) {
        return new PropertyPermission(name, actions);
    } else if (claz.equals(NetPermission.class)) {
        return new NetPermission(name, actions);
    } else if (claz.equals(AllPermission.class)) {
        return SecurityConstants.ALL_PERMISSION;
    } else if (claz.equals(SecurityPermission.class)) {
        return new SecurityPermission(name, actions);
    } else {
        return null;
    }
}
 
Example #17
Source File: Exchange.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
private static SocketPermission getSocketPermissionFor(URI url) {
    if (System.getSecurityManager() == null) {
        return null;
    }

    StringBuilder sb = new StringBuilder();
    String host = url.getHost();
    sb.append(host);
    int port = url.getPort();
    if (port == -1) {
        String scheme = url.getScheme();
        if ("http".equals(scheme)) {
            sb.append(":80");
        } else { // scheme must be https
            sb.append(":443");
        }
    } else {
        sb.append(':')
          .append(Integer.toString(port));
    }
    String target = sb.toString();
    return new SocketPermission(target, "connect");
}
 
Example #18
Source File: PolicyFile.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates one of the well-known permissions directly instead of
 * via reflection. Keep list short to not penalize non-JDK-defined
 * permissions.
 */
private static final Permission getKnownInstance(Class<?> claz,
    String name, String actions) {
    if (claz.equals(FilePermission.class)) {
        return new FilePermission(name, actions);
    } else if (claz.equals(SocketPermission.class)) {
        return new SocketPermission(name, actions);
    } else if (claz.equals(RuntimePermission.class)) {
        return new RuntimePermission(name, actions);
    } else if (claz.equals(PropertyPermission.class)) {
        return new PropertyPermission(name, actions);
    } else if (claz.equals(NetPermission.class)) {
        return new NetPermission(name, actions);
    } else if (claz.equals(AllPermission.class)) {
        return SecurityConstants.ALL_PERMISSION;
    } else {
        return null;
    }
}
 
Example #19
Source File: AddToReadOnlyPermissionCollection.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
static void trySockPC() throws Exception {
    try {
        SocketPermission p0= new SocketPermission("example.com","connect");
        PermissionCollection pc = p0.newPermissionCollection();
        pc.setReadOnly();   // this should lock out future adds
        //
        SocketPermission p1= new SocketPermission("example.net","connect");
        pc.add(p1);
        throw new
            Exception("Failed...SocketPermission added to readonly SocketPermissionCollection.");

    } catch (SecurityException se) {
        System.out.println("SocketPermissionCollection passed");
    }

}
 
Example #20
Source File: AppletViewer.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return an enumeration of all the accessible
 * applets on this page.
 */
@Override
public Enumeration getApplets() {
    AppletSecurity security = (AppletSecurity)System.getSecurityManager();
    Vector v = new Vector();
    SocketPermission panelSp =
        new SocketPermission(panel.getCodeBase().getHost(), "connect");

    for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
        AppletPanel p = (AppletPanel)e.nextElement();
        if (p.getDocumentBase().equals(panel.getDocumentBase())) {

            SocketPermission sp =
                new SocketPermission(p.getCodeBase().getHost(), "connect");
            if (panelSp.implies(sp)) {
                v.addElement(p.applet);
            }
        }
    }
    return v.elements();
}
 
Example #21
Source File: GopherURLConnection.java    From freehealth-connector with GNU Affero General Public License v3.0 5 votes vote down vote up
public Permission getPermission() {
   if (this.permission == null) {
      int port = this.url.getPort();
      port = port < 0 ? 70 : port;
      String host = this.url.getHost() + ":" + this.url.getPort();
      this.permission = new SocketPermission(host, "connect");
   }

   return this.permission;
}
 
Example #22
Source File: ActionSpace.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[]args) throws Exception {
    try {
        SocketPermission sp =
            new SocketPermission("*", "connect , accept");
    } catch (Exception e) {
        throw new Exception("should not have caught an exception");
    }
}
 
Example #23
Source File: Wildcard.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    SocketPermission star_All =
            new SocketPermission("*.blabla.bla", "listen,accept,connect");
    SocketPermission www_All =
            new SocketPermission("bla.blabla.bla", "listen,accept,connect");

    if (!star_All.implies(www_All)) {
        throw new RuntimeException(
               "Failed: " + star_All + " does not imply " + www_All);
    }
}
 
Example #24
Source File: HttpURLConnection.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #25
Source File: HttpURLConnectionImpl.java    From apiman with Apache License 2.0 5 votes vote down vote up
@Override public final Permission getPermission() throws IOException {
  String hostName = getURL().getHost();
  int hostPort = Util.getEffectivePort(getURL());
  if (usingProxy()) {
    InetSocketAddress proxyAddress = (InetSocketAddress) client.getProxy().address();
    hostName = proxyAddress.getHostName();
    hostPort = proxyAddress.getPort();
  }
  return new SocketPermission(hostName + ":" + hostPort, "connect, resolve");
}
 
Example #26
Source File: SocketPermissionTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
@Test
public void joinGroupMulticastTest() throws Exception {
    InetAddress group = InetAddress.getByName("229.227.226.221");
    try (MulticastSocket s = new MulticastSocket(0)) {
        int port = s.getLocalPort();

        String addr = "localhost:" + port;
        AccessControlContext acc = getAccessControlContext(
                new SocketPermission(addr, "listen,resolve"),
                new SocketPermission("229.227.226.221", "connect,accept"));

        // Positive
        AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
            s.joinGroup(group);
            s.leaveGroup(group);
            return null;
        }, acc);

        // Negative
        try {
            AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
                s.joinGroup(group);
                s.leaveGroup(group);
                fail("Expected SecurityException");
                return null;
            }, RESTRICTED_ACC);
        } catch (SecurityException expected) { }
    }

}
 
Example #27
Source File: HttpURLConnection.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #28
Source File: HttpURLConnection.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
/**
 *  if the caller has a URLPermission for connecting to the
 *  given URL, then return a SocketPermission which permits
 *  access to that destination. Return null otherwise. The permission
 *  is cached in a field (which can only be changed by redirects)
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {

    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();

    if (sm == null) {
        return null;
    }

    // the permission, which we might grant

    SocketPermission newPerm = new SocketPermission(
        getHostAndPort(url), "connect"
    );

    String actions = getRequestMethod()+":" +
            getUserSetHeaders().getHeaderNamesInList();

    String urlstring = url.getProtocol() + "://" + url.getAuthority()
            + url.getPath();

    URLPermission p = new URLPermission(urlstring, actions);
    try {
        sm.checkPermission(p);
        socketPermission = newPerm;
        return socketPermission;
    } catch (SecurityException e) {
        // fall thru
    }
    return null;
}
 
Example #29
Source File: SocketPermissionTest.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
@Test
public void joinGroupMulticastTest() throws Exception {
    InetAddress group = InetAddress.getByName("229.227.226.221");
    try (MulticastSocket s = new MulticastSocket(0)) {
        int port = s.getLocalPort();

        String addr = "localhost:" + port;
        AccessControlContext acc = getAccessControlContext(
                new SocketPermission(addr, "listen,resolve"),
                new SocketPermission("229.227.226.221", "connect,accept"));

        // Positive
        AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
            s.joinGroup(group);
            s.leaveGroup(group);
            return null;
        }, acc);

        // Negative
        try {
            AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
                s.joinGroup(group);
                s.leaveGroup(group);
                fail("Expected SecurityException");
                return null;
            }, RESTRICTED_ACC);
        } catch (SecurityException expected) { }
    }

}
 
Example #30
Source File: ActionSpace.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[]args) throws Exception {
    try {
        SocketPermission sp =
            new SocketPermission("*", "connect , accept");
    } catch (Exception e) {
        throw new Exception("should not have caught an exception");
    }
}