java.security.Permissions Java Examples
The following examples show how to use
java.security.Permissions.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CallbacksSecurityTests.java From java-technology-stack with MIT License | 6 votes |
@Before public void setUp() throws Exception { final ProtectionDomain empty = new ProtectionDomain(null, new Permissions()); provider = new SecurityContextProvider() { private final AccessControlContext acc = new AccessControlContext( new ProtectionDomain[] { empty }); @Override public AccessControlContext getAccessControlContext() { return acc; } }; DefaultResourceLoader drl = new DefaultResourceLoader(); Resource config = drl .getResource("/org/springframework/beans/factory/support/security/callbacks.xml"); beanFactory = new DefaultListableBeanFactory(); new XmlBeanDefinitionReader(beanFactory).loadBeanDefinitions(config); beanFactory.setSecurityContextProvider(provider); }
Example #2
Source File: Activation.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
private static PermissionCollection getExecPermissions() { /* * The approach used here is taken from the similar method * getLoaderAccessControlContext() in the class * sun.rmi.server.LoaderHandler. */ // obtain permissions granted to all code in current policy PermissionCollection perms = AccessController.doPrivileged( new PrivilegedAction<PermissionCollection>() { public PermissionCollection run() { CodeSource codesource = new CodeSource(null, (Certificate[]) null); Policy p = Policy.getPolicy(); if (p != null) { return p.getPermissions(codesource); } else { return new Permissions(); } } }); return perms; }
Example #3
Source File: FieldSetAccessibleTest.java From hottub with GNU General Public License v2.0 | 6 votes |
public SimplePolicy(TestCase test, ThreadLocal<AtomicBoolean> allowAll) { this.allowAll = allowAll; // Permission needed by the tested code exercised in the test permissions = new Permissions(); permissions.add(new RuntimePermission("fileSystemProvider")); permissions.add(new RuntimePermission("createClassLoader")); permissions.add(new RuntimePermission("closeClassLoader")); permissions.add(new RuntimePermission("getClassLoader")); permissions.add(new RuntimePermission("accessDeclaredMembers")); permissions.add(new ReflectPermission("suppressAccessChecks")); permissions.add(new PropertyPermission("*", "read")); permissions.add(new FilePermission("<<ALL FILES>>", "read")); // these are used for configuring the test itself... allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #4
Source File: LoaderHandler.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
private Loader(URL[] urls, ClassLoader parent) { super(urls, parent); this.parent = parent; /* * Precompute the permissions required to access the loader. */ permissions = new Permissions(); addPermissionsForURLs(urls, permissions, false); /* * Caching the value of class annotation string here assumes * that the protected method addURL() is never called on this * class loader. */ annotation = urlsToPath(urls); }
Example #5
Source File: FileHandlerPath.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
public SimplePolicy(TestCase test, AtomicBoolean allowAll) { this.allowAll = allowAll; permissions = new Permissions(); permissions.add(new LoggingPermission("control", null)); // needed by new FileHandler() permissions.add(new FilePermission("<<ALL FILES>>", "read")); // needed by new FileHandler() permissions.add(new FilePermission(logFile, "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(logFile+".lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(logFile+".1", "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(logFile+".1.lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(tmpLogFile, "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(tmpLogFile+".lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(tmpLogFile+".1", "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(tmpLogFile+".1.lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(userDir, "write")); // needed by new FileHandler() permissions.add(new FilePermission(tmpDir, "write")); // needed by new FileHandler() permissions.add(new PropertyPermission("user.dir", "read")); permissions.add(new PropertyPermission("java.io.tmpdir", "read")); allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #6
Source File: GetCallerClassTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
public static void main(String... args) throws Exception { if (args.length > 0 && args[0].equals("sm")) { PermissionCollection perms = new Permissions(); perms.add(new RuntimePermission("getStackWalkerWithClassReference")); Policy.setPolicy(new Policy() { @Override public boolean implies(ProtectionDomain domain, Permission p) { return perms.implies(p); } }); System.setSecurityManager(new SecurityManager()); } new GetCallerClassTest(StackWalker.getInstance(), true).test(); new GetCallerClassTest(StackWalker.getInstance(RETAIN_CLASS_REFERENCE), false).test(); new GetCallerClassTest(StackWalker.getInstance(EnumSet.of(RETAIN_CLASS_REFERENCE, SHOW_HIDDEN_FRAMES)), false).test(); }
Example #7
Source File: FrameworkPolicy.java From knopflerfish.org with BSD 3-Clause "New" or "Revised" License | 6 votes |
/** */ @Override public PermissionCollection getPermissions(CodeSource cs) { if (null==cs) { // Not a code source for a bundle, delegate to the default policy return defaultPolicy.getPermissions(cs); } final URL u = cs.getLocation(); if (u != null && BundleURLStreamHandler.PROTOCOL.equals(u.getProtocol())) { try { final Long id = new Long(BundleURLStreamHandler.getId(u.getHost())); //return getPermissions(id); final PermissionCollection pc = ph.getPermissionCollection(id); if (pc != null) { return copy(pc); } } catch (final NumberFormatException ignore) { } return new Permissions(); } else { return defaultPolicy.getPermissions(cs); } }
Example #8
Source File: CallbacksSecurityTests.java From spring-analysis-note with MIT License | 6 votes |
@Before public void setUp() throws Exception { final ProtectionDomain empty = new ProtectionDomain(null, new Permissions()); provider = new SecurityContextProvider() { private final AccessControlContext acc = new AccessControlContext( new ProtectionDomain[] { empty }); @Override public AccessControlContext getAccessControlContext() { return acc; } }; DefaultResourceLoader drl = new DefaultResourceLoader(); Resource config = drl .getResource("/org/springframework/beans/factory/support/security/callbacks.xml"); beanFactory = new DefaultListableBeanFactory(); new XmlBeanDefinitionReader(beanFactory).loadBeanDefinitions(config); beanFactory.setSecurityContextProvider(provider); }
Example #9
Source File: MBeanInstantiator.java From jdk1.8-source-analysis with Apache License 2.0 | 6 votes |
private ClassLoader getClassLoader(final ObjectName name) { if(clr == null){ return null; } // Restrict to getClassLoader permission only Permissions permissions = new Permissions(); permissions.add(new MBeanPermission("*", null, name, "getClassLoader")); ProtectionDomain protectionDomain = new ProtectionDomain(null, permissions); ProtectionDomain[] domains = {protectionDomain}; AccessControlContext ctx = new AccessControlContext(domains); ClassLoader loader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() { public ClassLoader run() { return clr.getClassLoader(name); } }, ctx); return loader; }
Example #10
Source File: LoggerBridgeTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
Permissions getPermissions() { if (allowControl.get().get() || allowAccess.get().get() || allowAll.get().get()) { PermissionsBuilder builder = new PermissionsBuilder() .addAll(permissions); if (allowControl.get().get()) { builder.add(CONTROL); } if (allowAccess.get().get()) { builder.add(ACCESS_LOGGER); builder.add(ACCESS_LOGGING); } if (allowAll.get().get()) { builder.addAll(allPermissions); } return builder.toPermissions(); } return permissions; }
Example #11
Source File: FileHandlerPath.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
public SimplePolicy(TestCase test, AtomicBoolean allowAll) { this.allowAll = allowAll; permissions = new Permissions(); permissions.add(new LoggingPermission("control", null)); // needed by new FileHandler() permissions.add(new FilePermission("<<ALL FILES>>", "read")); // needed by new FileHandler() permissions.add(new FilePermission(logFile, "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(logFile+".lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(logFile+".1", "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(logFile+".1.lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(tmpLogFile, "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(tmpLogFile+".lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(tmpLogFile+".1", "write,delete")); // needed by new FileHandler() permissions.add(new FilePermission(tmpLogFile+".1.lck", "write,delete")); // needed by FileHandler.close() permissions.add(new FilePermission(userDir, "write")); // needed by new FileHandler() permissions.add(new FilePermission(tmpDir, "write")); // needed by new FileHandler() permissions.add(new PropertyPermission("user.dir", "read")); permissions.add(new PropertyPermission("java.io.tmpdir", "read")); allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #12
Source File: SocketPermissionTest.java From hottub with GNU General Public License v2.0 | 5 votes |
private static AccessControlContext getAccessControlContext(Permission... ps) { Permissions perms = new Permissions(); for (Permission p : ps) { perms.add(p); } /* *Create an AccessControlContext that consist a single protection domain * with only the permissions calculated above */ ProtectionDomain pd = new ProtectionDomain(null, perms); return new AccessControlContext(new ProtectionDomain[]{pd}); }
Example #13
Source File: ContextInsulation.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { /* * If we delay setting the security manager until after the service * configuration file has been installed, then this test still * functions properly, but the -Djava.security.debug output is * lacking, so to ease debugging, we'll set it early-- at the cost * of having to specify the policy even when running standalone. */ TestLibrary.suggestSecurityManager(null); ServiceConfiguration.installServiceConfigurationFile(); /* * Execute use of RMIClassLoader within an AccessControlContext * that has a protection domain with no permissions, to make sure * that RMIClassLoader can still properly initialize itself. */ CodeSource codesource = new CodeSource(null, (Certificate[]) null); Permissions perms = null; ProtectionDomain pd = new ProtectionDomain(codesource, perms); AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { pd }); java.security.AccessController.doPrivileged( new java.security.PrivilegedExceptionAction() { public Object run() throws Exception { TestProvider.exerciseTestProvider( TestProvider2.loadClassReturn, TestProvider2.loadProxyClassReturn, TestProvider2.getClassLoaderReturn, TestProvider2.getClassAnnotationReturn, TestProvider2.invocations); return null; } }, acc); }
Example #14
Source File: JavaAdapterFactory.java From jdk8u_nashorn with GNU General Public License v2.0 | 5 votes |
private static ProtectionDomain createMinimalPermissionDomain() { // Generated classes need to have at least the permission to access Nashorn runtime and runtime.linker packages. final Permissions permissions = new Permissions(); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.objects")); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.runtime")); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.runtime.linker")); return new ProtectionDomain(new CodeSource(null, (CodeSigner[])null), permissions); }
Example #15
Source File: RMIConnectionImpl.java From hottub with GNU General Public License v2.0 | 5 votes |
private static AccessControlContext withPermissions(Permission ... perms){ Permissions col = new Permissions(); for (Permission thePerm : perms ) { col.add(thePerm); } final ProtectionDomain pd = new ProtectionDomain(null, col); return new AccessControlContext( new ProtectionDomain[] { pd }); }
Example #16
Source File: TestSetResourceBundle.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(TestCase test) { permissions = new Permissions(); if (test != TestCase.PERMISSION) { permissions.add(new LoggingPermission("control", null)); } // required for calling Locale.setDefault in the test. permissions.add(new PropertyPermission("user.language", "write")); }
Example #17
Source File: JavaAdapterFactory.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
private static ProtectionDomain createMinimalPermissionDomain() { // Generated classes need to have at least the permission to access Nashorn runtime and runtime.linker packages. final Permissions permissions = new Permissions(); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.objects")); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.runtime")); permissions.add(new RuntimePermission("accessClassInPackage.jdk.nashorn.internal.runtime.linker")); return new ProtectionDomain(new CodeSource(null, (CodeSigner[])null), permissions); }
Example #18
Source File: LogManagerAppContextDeadlock.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(TestCase test, ThreadLocal<AtomicBoolean> allowAll) { this.allowAll = allowAll; // we don't actually need any permission to create our // FileHandlers because we're passing invalid parameters // which will make the creation fail... permissions = new Permissions(); permissions.add(new RuntimePermission("accessClassInPackage.sun.misc")); // these are used for configuring the test itself... allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #19
Source File: ForkJoinPool.java From Bytecoder with Apache License 2.0 | 5 votes |
static AccessControlContext contextWithPermissions(Permission ... perms) { Permissions permissions = new Permissions(); for (Permission perm : perms) permissions.add(perm); return new AccessControlContext( new ProtectionDomain[] { new ProtectionDomain(null, permissions) }); }
Example #20
Source File: SecurityTest.java From groovy with Apache License 2.0 | 5 votes |
public void setUp() { forbidden = new Permissions(); forbidden.add(new ReflectPermission("suppressAccessChecks")); restrictiveSecurityManager = new SecurityManager() { @Override public void checkPermission(Permission perm) { if (forbidden.implies(perm)) throw new AccessControlException(perm.getName()); } }; }
Example #21
Source File: NashornLoader.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
@Override protected PermissionCollection getPermissions(final CodeSource codesource) { final Permissions permCollection = new Permissions(); for (final Permission perm : SCRIPT_PERMISSIONS) { permCollection.add(perm); } return permCollection; }
Example #22
Source File: ClassAndLoader.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
static AccessControlContext createPermAccCtxt(final String... permNames) { final Permissions perms = new Permissions(); for (final String permName : permNames) { perms.add(new RuntimePermission(permName)); } return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) }); }
Example #23
Source File: NashornLoader.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
@Override protected PermissionCollection getPermissions(CodeSource codesource) { final Permissions permCollection = new Permissions(); for (final Permission perm : SCRIPT_PERMISSIONS) { permCollection.add(perm); } return permCollection; }
Example #24
Source File: DefaultLoggerTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(ThreadLocal<AtomicBoolean> allowControl, ThreadLocal<AtomicBoolean> allowAll) { this.allowControl = allowControl; this.allowAll = allowAll; permissions = new Permissions(); // these are used for configuring the test itself... controlPermissions = new Permissions(); controlPermissions.add(LOGGERFINDER_PERMISSION); allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #25
Source File: LogManagerAppContextDeadlock.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(TestCase test, ThreadLocal<AtomicBoolean> allowAll) { this.allowAll = allowAll; // we don't actually need any permission to create our // FileHandlers because we're passing invalid parameters // which will make the creation fail... permissions = new Permissions(); permissions.add(new RuntimePermission("accessClassInPackage.sun.misc")); // these are used for configuring the test itself... allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }
Example #26
Source File: TestSetResourceBundle.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(TestCase test) { permissions = new Permissions(); if (test != TestCase.PERMISSION) { permissions.add(new LoggingPermission("control", null)); } // required for calling Locale.setDefault in the test. permissions.add(new PropertyPermission("user.language", "write")); }
Example #27
Source File: AbstractSecurityTest.java From ignite with Apache License 2.0 | 5 votes |
/** */ protected IgniteEx startGrid(String login, SecurityPermissionSet prmSet, Permissions sandboxPerms, boolean isClient) throws Exception { return startGrid(getConfiguration(login, new TestSecurityPluginProvider(login, "", prmSet, sandboxPerms, globalAuth)) .setClientMode(isClient)); }
Example #28
Source File: ContextInsulation.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { /* * If we delay setting the security manager until after the service * configuration file has been installed, then this test still * functions properly, but the -Djava.security.debug output is * lacking, so to ease debugging, we'll set it early-- at the cost * of having to specify the policy even when running standalone. */ TestLibrary.suggestSecurityManager(null); ServiceConfiguration.installServiceConfigurationFile(); /* * Execute use of RMIClassLoader within an AccessControlContext * that has a protection domain with no permissions, to make sure * that RMIClassLoader can still properly initialize itself. */ CodeSource codesource = new CodeSource(null, (Certificate[]) null); Permissions perms = null; ProtectionDomain pd = new ProtectionDomain(codesource, perms); AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { pd }); java.security.AccessController.doPrivileged( new java.security.PrivilegedExceptionAction() { public Object run() throws Exception { TestProvider.exerciseTestProvider( TestProvider2.loadClassReturn, TestProvider2.loadProxyClassReturn, TestProvider2.getClassLoaderReturn, TestProvider2.getClassAnnotationReturn, TestProvider2.invocations); return null; } }, acc); }
Example #29
Source File: LoggerBridgeTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(ThreadLocal<AtomicBoolean> allowControl, ThreadLocal<AtomicBoolean> allowAccess, ThreadLocal<AtomicBoolean> allowAll) { this.allowControl = allowControl; this.allowAccess = allowAccess; this.allowAll = allowAll; permissions = new Permissions(); allPermissions = new PermissionsBuilder() .add(new java.security.AllPermission()) .toPermissions(); }
Example #30
Source File: FileHandlerPatternExceptions.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
public SimplePolicy(TestCase test, AtomicBoolean allowAll) { this.allowAll = allowAll; // we don't actually need any permission to create our // FileHandlers because we're passing invalid parameters // which will make the creation fail... permissions = new Permissions(); // these are used for configuring the test itself... allPermissions = new Permissions(); allPermissions.add(new java.security.AllPermission()); }