You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by pe...@apache.org on 2012/02/19 05:51:25 UTC
svn commit: r1290948 [2/4] - in /river/jtsk/merge: ./ asm/ qa/
qa/harness/policy/ qa/harness/trust/ qa/jtreg/certs/ qa/jtreg/certs/keys/
qa/jtreg/net/jini/jeri/ssl/UnitTests/
qa/jtreg/net/jini/jeri/tcp/localHostExposure/
qa/jtreg/net/jini/jeri/transpor...
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java Sun Feb 19 04:51:20 2012
@@ -306,39 +306,55 @@ public class TestRMI extends TestUtiliti
/** Test timing out client and server SSL sessions. */
public static class TestTimeout extends BasicTest {
+ static final String serverPropName = "com.sun.jini.jeri.ssl.maxServerSessionDuration";
+ static final String clientPropName = "com.sun.jini.jeri.ssl.maxClientSessionDuration";
+ static final String max = Long.toString(Long.MAX_VALUE);
/* Time needed to complete an initial call successfully */
static final long CALLTIME = 10 * 1000;
+ static final String calltime = Long.toString(CALLTIME);
static Test[] localtests = {
new TestTimeout("client timeout", 2 * CALLTIME) {
public Object run() throws IOException {
- long old = setMaxClientSessionDuration(CALLTIME);
+ String old = System.setProperty(clientPropName, calltime);
try {
return super.run();
} finally {
- setMaxClientSessionDuration(old);
+ if ( old != null ){
+ System.setProperty(clientPropName, old );
+ }else{
+ System.clearProperty(clientPropName);
+ }
}
}
},
new TestTimeout("client timeout wraparound", CALLTIME) {
public Object run() throws IOException {
- long old = setMaxClientSessionDuration(Long.MAX_VALUE);
+ String old = System.setProperty(clientPropName, max);
try {
return super.run();
} finally {
- setMaxClientSessionDuration(old);
+ if ( old != null ){
+ System.setProperty(clientPropName, old );
+ }else{
+ System.clearProperty(clientPropName);
+ }
}
}
},
new TestTimeout("server timeout", 2 * CALLTIME) {
public Object run() throws IOException {
- long old = setMaxServerSessionDuration(CALLTIME);
+ String old = System.setProperty(serverPropName, calltime);
try {
return super.run();
} catch (IOException e) {
return e;
} finally {
- setMaxServerSessionDuration(old);
+ if ( old != null ){
+ System.setProperty(serverPropName, old );
+ }else{
+ System.clearProperty(serverPropName);
+ }
}
}
public void check(Object result) {
@@ -350,20 +366,24 @@ public class TestRMI extends TestUtiliti
},
new TestTimeout("server timeout wraparound", CALLTIME) {
public Object run() throws IOException {
- long old = setMaxServerSessionDuration(Long.MAX_VALUE);
+ String old = System.setProperty(serverPropName, max);
try {
return super.run();
} finally {
- setMaxServerSessionDuration(old);
+ if ( old != null ){
+ System.setProperty(serverPropName, old );
+ }else{
+ System.clearProperty(serverPropName);
+ }
}
}
}
};
- Subject clientSubject = getClientSubject();
+ final Subject clientSubject = getClientSubject();
- long timeout;
- int calls;
+ final long timeout;
+ volatile int calls; //Ok cause only one thread increments.
IOException ioException;
boolean done;
@@ -374,6 +394,9 @@ public class TestRMI extends TestUtiliti
TestTimeout(String name, long timeout) {
super(name);
this.timeout = timeout;
+ calls = 0;
+ ioException = null;
+ done = false;
}
Subject getClientSubject() {
@@ -415,14 +438,14 @@ public class TestRMI extends TestUtiliti
} catch (InterruptedException e) {
}
} while (!done && System.currentTimeMillis() < stop);
- }
- if (calls == 0) {
- throw new FailedException("No calls made");
- } else if (ioException != null) {
- throw ioException;
- } else {
- return null;
- }
+ if (calls == 0) {
+ throw new FailedException("No calls made");
+ } else if (ioException != null) {
+ throw ioException;
+ } else {
+ return null;
+ }
+ }
}
void runInThread() {
@@ -457,7 +480,9 @@ public class TestRMI extends TestUtiliti
}
server.unexport();
} catch (IOException e) {
- ioException = e;
+ synchronized (this){
+ ioException = e;
+ }
} finally {
synchronized (TestTimeout.this) {
done = true;
@@ -475,7 +500,11 @@ public class TestRMI extends TestUtiliti
/** Test with expired certificates. */
public static class TestExpired extends BasicTest {
- static Test[] localtests = { new TestExpired() };
+ static final String serverPropName = "com.sun.jini.jeri.ssl.maxServerSessionDuration";
+ static final String clientPropName = "com.sun.jini.jeri.ssl.maxClientSessionDuration";
+ static final String clientMax = Long.toString(23*60*60*1000);
+ static final String serverMax = Long.toString(24*60*60*1000);
+ static Test[] localtests = { new TestExpired()};
Subject clientSubject = new WithSubject() { {
addX500Principal("clientDSA2", subject);
@@ -504,9 +533,9 @@ public class TestRMI extends TestUtiliti
});
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
- }
- }
-
+ }
+ }
+
public void check(Object result) { }
Object runInternal() throws IOException {
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java Sun Feb 19 04:51:20 2012
@@ -76,8 +76,8 @@ public class TestUtilities extends UnitT
/* Reflection */
/** The name of the package containing the classes */
- static String PACKAGE = "net.jini.jeri.ssl";
-
+ static final String PACKAGE = "net.jini.jeri.ssl";
+
static final LazyMethod impliesConstraintConstraint = new LazyMethod(
"Utilities", "implies",
new Class[] { InvocationConstraint.class, InvocationConstraint.class });
@@ -179,11 +179,11 @@ public class TestUtilities extends UnitT
/* Credentials */
- private static KeyStore keyStore;
+ private static volatile KeyStore keyStore;
- private static CertificateFactory certFactory;
+ private static volatile CertificateFactory certFactory;
- static char[] keyStorePassword = "keypass".toCharArray();
+ static final char[] keyStorePassword = "keypass".toCharArray();
static final String clientDSA = "CN=clientDSA";
static final String clientRSA1 = "CN=clientRSA1, C=US";
@@ -402,10 +402,10 @@ public class TestUtilities extends UnitT
/** Like Method, but resolves method when first invoked */
static class LazyMethod {
- private String className;
- private String methodName;
- private Class[] argumentTypes;
- private Method method;
+ private final String className;
+ private final String methodName;
+ private final Class[] argumentTypes;
+ private volatile Method method;
LazyMethod(String className,
String methodName,
@@ -430,7 +430,10 @@ public class TestUtilities extends UnitT
*/
Object invoke(Object object, Object[] arguments) {
try {
- return getMethod().invoke(object, arguments);
+ Method m = getMethod();
+ synchronized (m){
+ return m.invoke(object, arguments);
+ }
} catch (InvocationTargetException e) {
throw unexpectedException(e.getTargetException());
} catch (Exception e) {
@@ -446,7 +449,10 @@ public class TestUtilities extends UnitT
throws InvocationTargetException
{
try {
- return getMethod().invoke(object, arguments);
+ Method m = getMethod();
+ synchronized (m){
+ return m.invoke(object, arguments);
+ }
} catch (InvocationTargetException e) {
throw e;
} catch (Exception e) {
@@ -457,13 +463,17 @@ public class TestUtilities extends UnitT
/** Returns the requested provider method */
private Method getMethod() {
if (method == null) {
- try {
- Class type = TestUtilities.getClass(className);
- method = type.getDeclaredMethod(methodName, argumentTypes);
- method.setAccessible(true);
- } catch (NoSuchMethodException e) {
- throw unexpectedException(e);
- }
+ synchronized (this){
+ if (method == null){
+ try {
+ Class type = TestUtilities.getClass(className);
+ method = type.getDeclaredMethod(methodName, argumentTypes);
+ method.setAccessible(true);
+ } catch (NoSuchMethodException e) {
+ throw unexpectedException(e);
+ }
+ }
+ }
}
return method;
}
@@ -471,9 +481,9 @@ public class TestUtilities extends UnitT
/** Like Constructor, but resolves constructor when first used */
static class LazyConstructor {
- private String className;
- private Class[] argumentTypes;
- private Constructor constructor;
+ private final String className;
+ private final Class[] argumentTypes;
+ private volatile Constructor constructor;
LazyConstructor(String className, Class[] argumentTypes) {
this.className = className;
@@ -513,13 +523,17 @@ public class TestUtilities extends UnitT
/** Returns the requested provider constructor */
private Constructor getConstructor() {
if (constructor == null) {
- try {
- Class type = TestUtilities.getClass(className);
- constructor = type.getDeclaredConstructor(argumentTypes);
- constructor.setAccessible(true);
- } catch (NoSuchMethodException e) {
- throw unexpectedException(e);
- }
+ synchronized (this){
+ if (constructor == null){
+ try {
+ Class type = TestUtilities.getClass(className);
+ constructor = type.getDeclaredConstructor(argumentTypes);
+ constructor.setAccessible(true);
+ } catch (NoSuchMethodException e) {
+ throw unexpectedException(e);
+ }
+ }
+ }
}
return constructor;
}
@@ -527,10 +541,10 @@ public class TestUtilities extends UnitT
/** Like Field, but resolves field when first used */
static class LazyField {
- private String packageName;
- private String className;
- private String fieldName;
- private Field field;
+ private final String packageName;
+ private final String className;
+ private final String fieldName;
+ private volatile Field field;
LazyField(String className, String fieldName) {
this(PACKAGE, className, fieldName);
@@ -559,15 +573,19 @@ public class TestUtilities extends UnitT
/** Returns the requested provider field */
private Field getField() {
if (field == null) {
- try {
- Class type =
- TestUtilities.getClass(packageName, className);
- field = type.getDeclaredField(fieldName);
- field.setAccessible(true);
- } catch (NoSuchFieldException e) {
- throw unexpectedException(e);
- }
- }
+ synchronized (this) {
+ if (field == null){
+ try {
+ Class type =
+ TestUtilities.getClass(packageName, className);
+ field = type.getDeclaredField(fieldName);
+ field.setAccessible(true);
+ } catch (NoSuchFieldException e) {
+ throw unexpectedException(e);
+ }
+ }
+ }
+ }
return field;
}
@@ -579,7 +597,10 @@ public class TestUtilities extends UnitT
/** Sets a field */
void set(Object object, Object value) {
try {
- getField().set(object, value);
+ Field f = getField();
+ synchronized (f){
+ f.set(object, value);
+ }
} catch (Exception e) {
throw unexpectedException(e);
}
@@ -660,8 +681,12 @@ public class TestUtilities extends UnitT
/* -- Credentials -- */
static class TestPrincipal implements Principal {
- String name;
- TestPrincipal(String name) { this.name = name; }
+ private final String name;
+
+ TestPrincipal(String name) {
+ this.name = name;
+ }
+
public String getName() { return name; }
public String toString() { return "TestPrincipal{" + name + "}"; }
public int hashCode() { return name.hashCode(); }
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
Binary files - no diff available.
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh Sun Feb 19 04:51:20 2012
@@ -19,6 +19,11 @@
#
# Create the keystore and truststore files
# Usage: keystore.sh
+#
+# You must first compile CA.java in the qa/jtreg/certs directory by calling
+# make compile, in that directory. When you've finished, run this script,
+# to generate new certificates.
+# This task needs to be performed once every ten years when certificates expire.
if [ "${TESTJAVA}" ]; then
JAVABIN=${TESTJAVA}/bin/;
@@ -34,6 +39,7 @@ TRUSTSTORE=${TESTSRC}/truststore
KEYTOOL=${JAVABIN}keytool
+KEYSTORECMDEXP="${KEYTOOL} -keystore ${KEYSTORE} -storepass keypass -keypass keypass -validity 1"
KEYSTORECMD="${KEYTOOL} -keystore ${KEYSTORE} -storepass keypass -keypass keypass -validity 3650"
TRUSTSTORECMD="${KEYTOOL} -keystore ${TRUSTSTORE} -storepass keypass -keypass keypass -validity 3650"
@@ -60,21 +66,34 @@ ${KEYSTORECMD} -genkey -alias notTrusted
${KEYSTORECMD} -genkey -alias clientDSA2 -dname CN=clientDSA2 -keyalg DSA
${KEYSTORECMD} -certreq -alias clientDSA2 -file clientDSA2.request
-${KEYSTORECMD} -keyclone -alias clientDSA2 -dest clientDSA2expired -new keypass
-${KEYSTORECMD} -selfcert -alias clientDSA2expired
+${KEYSTORECMDEXP} -genkey -alias clientDSA2expired -dname CN=clientDSA2 -keyalg DSA
+${KEYSTORECMDEXP} -certreq -alias clientDSA2expired -file clientDSA2expired.request
${KEYSTORECMD} -genkey -alias serverRSA2 -dname CN=serverRSA2 -keyalg RSA
${KEYSTORECMD} -certreq -alias serverRSA2 -file serverRSA2.request
-${KEYSTORECMD} -keyclone -alias serverRSA2 -dest serverRSA2expired -new keypass
-${KEYSTORECMD} -selfcert -alias serverRSA2expired
+${KEYSTORECMDEXP} -genkey -alias serverRSA2expired -dname CN=serverRSA2 -keyalg RSA
+${KEYSTORECMDEXP} -certreq -alias serverRSA2expired -file serverRSA2expired.request
set +x
+echo Sign clientDSA2.req, serverRSA2.req, clientDSA2expired.req and serverRSA2expired.req,\
+ then import them:
+echo expired certificates need one day to expire before testing.
-echo Sign clientDSA2.req and serverRSA2.req and then import them:
-echo ${TRUSTSTORECMD} -import -noprompt -alias ca -file ca.cert
-echo ${KEYSTORECMD} -import -noprompt -alias ca -file ca.cert
-echo ${KEYSTORECMD} -import -noprompt -alias clientDSA2 -file clientDSA2.cert
-echo ${KEYSTORECMD} -import -noprompt -alias clientDSA2expired -file clientDSA2expired.cert
-echo ${KEYSTORECMD} -import -noprompt -alias serverRSA2 -file serverRSA2.cert
-echo ${KEYSTORECMD} -import -noprompt -alias serverRSA2expired -file serverRSA2expired.cert
+set -x
+
+../../../../../certs/run-ca.sh -CA ./ca.properties
+../../../../../certs/run-ca.sh -CA ./ca1.properties
+../../../../../certs/run-ca.sh -CR ./ca.properties
+../../../../../certs/run-ca.sh -CR ./ca1.properties
+../../../../../certs/run-ca.sh -CR ./serverRSA2expired.properties
+../../../../../certs/run-ca.sh -CR ./clientDSA2expired.properties
+
+${TRUSTSTORECMD} -import -noprompt -alias ca -file ca.cert
+${TRUSTSTORECMD} -import -noprompt -alias ca1 -file ca1.cert
+${KEYSTORECMD} -import -noprompt -alias ca -file ca.cert
+${KEYSTORECMD} -import -noprompt -alias ca1 -file ca1.cert
+${KEYSTORECMD} -import -noprompt -alias clientDSA2 -file clientDSA2.chain
+${KEYSTORECMDEXP} -import -noprompt -alias clientDSA2expired -file clientDSA2expired.chain
+${KEYSTORECMD} -import -noprompt -alias serverRSA2 -file serverRSA2.chain
+${KEYSTORECMDEXP} -import -noprompt -alias serverRSA2expired -file serverRSA2expired.chain
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy Sun Feb 19 04:51:20 2012
@@ -48,6 +48,10 @@ grant {
permission net.jini.security.AuthenticationPermission
"TestUtilities$TestPrincipal \"*\"", "connect,accept";
+// permission net.jini.security.AuthenticationPermission
+// "javax.security.auth.x500.X500Principal \"CN=clientDSA2expired\" peer javax.security.auth.x500.X500Principal \"CN=serverRSA2\"",
+// "connect";
+
permission java.security.SecurityPermission "insertProvider.*";
permission java.security.SecurityPermission "putProviderProperty.*";
permission java.security.SecurityPermission "getPolicy";
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/truststore
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/truststore?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
Binary files - no diff available.
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java Sun Feb 19 04:51:20 2012
@@ -15,6 +15,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+import java.net.InetAddress;
import java.net.UnknownHostException;
import sun.net.spi.nameservice.NameService;
@@ -28,8 +29,19 @@ public class TestNameService implements
return lastNameLookup;
}
}
+
+ /* Java 6 version */
+ public InetAddress [] lookupAllHostAddr(String host) throws UnknownHostException{
+ byte [][] allHostAdd = lookAllHostAddr(host);
+ int l = allHostAdd.length;
+ InetAddress [] result = new InetAddress[l];
+ for (int i = 0; i<l; i++){
+ result[i] = InetAddress.getByAddress(allHostAdd[i]);
+ }
+ return result;
+ }
- public byte[][] lookupAllHostAddr(String host)
+ private byte[][] lookAllHostAddr(String host)
throws UnknownHostException
{
// System.err.println("FORWARD: " + host);
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java Sun Feb 19 04:51:20 2012
@@ -58,8 +58,20 @@ public class TestNameService implements
// do nothing
}
}
+
+ /* Java 6 version */
+ public InetAddress [] lookupAllHostAddr(String host) throws UnknownHostException{
+ byte [][] allHostAdd = lookAllHostAddr(host);
+ int l = allHostAdd.length;
+ InetAddress [] result = new InetAddress[l];
+ for (int i = 0; i<l; i++){
+ result[i] = InetAddress.getByAddress(allHostAdd[i]);
+ }
+ return result;
+ }
- public byte[][] lookupAllHostAddr(String host)
+ /* Java 5 version of provider, renamed and privatised */
+ private byte[][] lookAllHostAddr(String host)
throws UnknownHostException
{
// System.err.println("FORWARD: " + host);
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java Sun Feb 19 04:51:20 2012
@@ -49,6 +49,10 @@ public class Test {
TestLibrary.installClassInCodebase("Foo", "cb2")});
cl1 = Class.forName("Foo", true, ldr1);
cl2 = Class.forName("Foo", true, ldr2);
+ ProtectionDomain pd2 = cl2.getProtectionDomain();
+ if (policy.implies(pd2, pA)) throw new Error();
+ if (policy.implies(pd2, pB)) throw new Error();
+ if (policy.implies(pd2, pC)) throw new Error();
ClassLoader ldr3 = new URLClassLoader(new URL[]{
TestLibrary.installClassInCodebase("Setup", "cb3")});
@@ -62,13 +66,10 @@ public class Test {
{
throw new Error();
}
- ProtectionDomain pd2 = cl2.getProtectionDomain();
- if (policy.implies(pd2, pA) ||
- policy.implies(pd2, pB) ||
- policy.implies(pd2, pC))
- {
- throw new Error();
- }
+ //ProtectionDomain pd2 = cl2.getProtectionDomain();
+ if (policy.implies(pd2, pA)) throw new Error();
+ if (policy.implies(pd2, pB)) throw new Error();
+ if (policy.implies(pd2, pC)) throw new Error();
final Principal prX = new StringPrincipal("X"),
prY = new StringPrincipal("Y"),
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy Sun Feb 19 04:51:20 2012
@@ -25,10 +25,11 @@ grant {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setPolicy";
+ permission java.security.SecurityPermission "getPolicy";
permission java.util.PropertyPermission "*", "read";
permission javax.security.auth.AuthPermission "doAs";
};
-grant codeBase "file:.${/}cb3${/}" {
+grant codeBase "file:${scratch.dir}${/}cb3${/}*" {
permission java.security.AllPermission;
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy Sun Feb 19 04:51:20 2012
@@ -15,4 +15,5 @@ grant {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy Sun Feb 19 04:51:20 2012
@@ -14,6 +14,7 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.util.PropertyPermission "*", "read";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
permission java.io.FilePermission ".", "read,write,delete";
permission java.io.FilePermission ".${/}-", "read,write,delete";
permission java.io.FilePermission "${test.classes}", "read,write,delete";
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java Sun Feb 19 04:51:20 2012
@@ -50,9 +50,9 @@ public class Test {
}
p = new RuntimePermission("C");
+ if (policy1.implies(pd, p)) throw new Error();
policy2.grant(cl, null, new Permission[]{ p });
- if (policy1.implies(pd, p) || !policy2.implies(pd, p)) {
- throw new Error();
- }
+ if (policy1.implies(pd, p)) throw new Error();
+ if (!policy2.implies(pd, p)) throw new Error();
}
}
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy Sun Feb 19 04:51:20 2012
@@ -16,4 +16,5 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy Sun Feb 19 04:51:20 2012
@@ -13,4 +13,5 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy Sun Feb 19 04:51:20 2012
@@ -23,4 +23,5 @@ grant {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.util.PropertyPermission "*", "read";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0 (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0 Sun Feb 19 04:51:20 2012
@@ -20,4 +20,5 @@ grant {
permission java.util.PropertyPermission "test.src", "read";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setPolicy";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy Sun Feb 19 04:51:20 2012
@@ -15,4 +15,5 @@ grant {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0 (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0 Sun Feb 19 04:51:20 2012
@@ -17,6 +17,7 @@ grant {
"java.security.policy", "read,write";
permission java.util.PropertyPermission "test.src", "read";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
grant codeBase "file:/foo/*" {
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy Sun Feb 19 04:51:20 2012
@@ -13,4 +13,5 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy Sun Feb 19 04:51:20 2012
@@ -1,7 +1,7 @@
/* @summary Test PolicyFileProvider expansion of UmbrellaGrantPermissions
*/
-grant codeBase "file:${java.home}/lib/ext/*" {
+grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
@@ -13,6 +13,7 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getProperty.*";
+ permission java.security.SecurityPermission "getPolicy";
};
grant codeBase "file:/foo.jar" {
Modified: river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
-grant codeBase "file:${java.home}/lib/ext/*" {
- permission java.security.AllPermission;
+grant codeBase "file:${{java.ext.dirs}}/*" {
+ permission java.security.AllPermission;
};
grant codeBase "file:${jtlib.tmp}/*" {
Modified: river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java (original)
+++ river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java Sun Feb 19 04:51:20 2012
@@ -39,16 +39,20 @@ public abstract class BasicTest extends
/** Set the value to compare to. */
protected void setCompareTo(Object compareTo) {
- this.compareTo = compareTo;
- compareToSet = true;
+ synchronized (this){
+ this.compareTo = compareTo;
+ compareToSet = true;
+ }
}
/** Get the value to compare to. Throws an exception if not set. */
protected Object getCompareTo() {
- if (!compareToSet) {
- throw new FailedException("Test error: compareTo not set");
- }
- return compareTo;
+ synchronized (this){
+ if (!compareToSet) {
+ throw new FailedException("Test error: compareTo not set");
+ }
+ return compareTo;
+ }
}
/**
@@ -64,8 +68,9 @@ public abstract class BasicTest extends
}
public void check(Object result) throws Exception {
- if (!safeEquals(getCompareTo(), result)) {
- throw new FailedException("Should be: " + compareTo);
+ Object compareToObj = getCompareTo();
+ if (!safeEquals(compareToObj, result)) {
+ throw new FailedException("Should be: " + compareToObj);
}
}
}
Modified: river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java (original)
+++ river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java Sun Feb 19 04:51:20 2012
@@ -62,7 +62,7 @@ public class UnitTestUtilities {
Integer.getInteger("lastTest", Integer.MAX_VALUE).intValue();
/** The number of the current test */
- public static int testNumber = 0;
+ public static volatile int testNumber = 0;
/** If true, stop after first failure. */
public static final boolean stopOnFail = Boolean.getBoolean("stopOnFail");
@@ -74,8 +74,8 @@ public class UnitTestUtilities {
/** Holds test results */
private static class TestResults {
- int pass;
- int fail;
+ volatile int pass;
+ volatile int fail;
}
/** Used to signal that lastTest has been done. */
Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java Sun Feb 19 04:51:20 2012
@@ -36,6 +36,7 @@ import javax.security.auth.Subject;
import net.jini.config.Configuration;
import net.jini.config.ConfigurationException;
+import org.apache.river.api.security.DelegateCombinerSecurityManager;
/**
* A wrapper which drives the execution of a test on the master host.
@@ -82,9 +83,10 @@ class MasterTest {
origErr = System.err;
System.setErr(System.out);
logger.log(Level.FINE, "Starting MasterTest");
- if (System.getSecurityManager() == null) {
- System.setSecurityManager(new java.rmi.RMISecurityManager());
+ if (System.getSecurityManager() == null) {
+// System.setSecurityManager(new java.rmi.RMISecurityManager());
// System.setSecurityManager(new ProfilingSecurityManager());
+ System.setSecurityManager(new DelegateCombinerSecurityManager());
}
if (args.length < 1) {
exit(false, Test.ENV, "Arguments missing");
Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java Sun Feb 19 04:51:20 2012
@@ -24,13 +24,21 @@ import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
+import java.util.List;
import java.util.StringTokenizer;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+import org.apache.river.api.security.ConcurrentPermissions;
+import org.apache.river.api.security.ConcurrentPolicy;
import net.jini.security.policy.PolicyInitializationException;
import net.jini.security.policy.PolicyFileProvider;
+import org.apache.river.api.security.PermissionGrant;
/**
* Security policy provider that delegates to a collection of underlying
@@ -40,12 +48,14 @@ import net.jini.security.policy.PolicyFi
* access to the same file, a check for read,write access would still
* fail.
*/
-public class MergedPolicyProvider extends Policy {
+public class MergedPolicyProvider extends Policy implements ConcurrentPolicy{
+ /** class state */
+// private static final Lock lock = new ReentrantLock();; // protects first
+// private static boolean first = false; // Why is first static?
+
/** the collection of underlying policies */
- private ArrayList policies = new ArrayList();
-
- private static boolean first = false;
+ private final Collection<Policy> policies ;
/**
* Creates a new <code>MergedPolicyProvider</code> instance that wraps a
@@ -74,6 +84,7 @@ public class MergedPolicyProvider extend
}
// no-arg semantics for 'default policy' necessary for correct behavior
// of PolicyFileProvider.refresh
+ Collection<Policy> policies = new ArrayList<Policy>();
try {
if (p1 != null) {
policies.add(new PolicyFileProvider());
@@ -93,6 +104,7 @@ public class MergedPolicyProvider extend
throw new PolicyInitializationException(
"unable to construct base policy", e);
}
+ this.policies = Collections.unmodifiableCollection(policies);
}
/**
@@ -103,25 +115,37 @@ public class MergedPolicyProvider extend
* @param source the <code>CodeSource</code>
*/
public PermissionCollection getPermissions(CodeSource source) {
- Iterator it = policies.iterator();
- if (it.hasNext()) {
- PermissionCollection pc =
- ((Policy) it.next()).getPermissions(source);
- while (it.hasNext()) {
- PermissionCollection pc2 =
- ((Policy) it.next()).getPermissions(source);
- Enumeration en = pc2.elements();
- while (en.hasMoreElements()) {
- Permission perm = (Permission) en.nextElement();
- if (!pc.implies(perm)) {
- pc.add(perm);
- }
- }
- }
- return pc;
- } else {
- throw new IllegalStateException("No policies in provider");
- }
+ if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+ PermissionCollection pc = new ConcurrentPermissions();
+ Iterator<Policy> it = policies.iterator();
+ while (it.hasNext()){
+ Policy policy = it.next();
+ PermissionCollection col = policy.getPermissions(source);
+ Enumeration<Permission> e = col.elements();
+ while(e.hasMoreElements()){
+ pc.add(e.nextElement());
+ }
+ }
+ return pc;
+// Iterator it = policies.iterator();
+// if (it.hasNext()) {
+// PermissionCollection pc =
+// ((Policy) it.next()).getPermissions(source);
+// while (it.hasNext()) {
+// PermissionCollection pc2 =
+// ((Policy) it.next()).getPermissions(source);
+// Enumeration en = pc2.elements();
+// while (en.hasMoreElements()) {
+// Permission perm = (Permission) en.nextElement();
+// if (!pc.implies(perm)) {
+// pc.add(perm);
+// }
+// }
+// }
+// return pc;
+// } else {
+// throw new IllegalStateException("No policies in provider");
+// }
}
/**
@@ -131,55 +155,76 @@ public class MergedPolicyProvider extend
*
* @param domain the <code>ProtectionDomain</code>
*/
+// public PermissionCollection getPermissions(ProtectionDomain domain) {
+// Iterator it = policies.iterator();
+// ArrayList list = new ArrayList(64);
+// boolean first = false;
+//// lock.lock();
+//// try {
+// if (it.hasNext()) {
+// PermissionCollection pc =
+// ((Policy) it.next()).getPermissions(domain);
+// if (first) {
+// first = false;
+// Enumeration en = pc.elements();
+// list.add("BASE PERMISSIONS for domain " + domain);
+// while (en.hasMoreElements()) {
+// Permission perm = (Permission) en.nextElement();
+// list.add(perm.toString());
+// }
+// first = true;
+// }
+// while (it.hasNext()) {
+// PermissionCollection pc2 =
+// ((Policy) it.next()).getPermissions(domain);
+// Enumeration en = pc2.elements();
+// while (en.hasMoreElements()) {
+// Permission perm = (Permission) en.nextElement();
+// if (!pc.implies(perm)) {
+// if (first) {
+// first = false;
+// list.add("checking " + perm + " and adding");
+// first = true;
+// }
+// pc.add(perm);
+// } else {
+// if (first) {
+// first = false;
+// list.add("checking " + perm + " and not adding");
+// first = true;
+// }
+// }
+// }
+// }
+// if (first) {
+// first = false;
+// for (int i = 0; i < list.size(); i++) {
+// System.out.println((String) list.get(i));
+// }
+// first = true;
+// }
+// return pc;
+// } else {
+// throw new IllegalStateException("No policies in provider");
+// }
+//// }finally{
+//// lock.unlock();
+//// }
+// }
+
public PermissionCollection getPermissions(ProtectionDomain domain) {
- Iterator it = policies.iterator();
- ArrayList list = new ArrayList();
- if (it.hasNext()) {
- PermissionCollection pc =
- ((Policy) it.next()).getPermissions(domain);
- if (first) {
- first = false;
- Enumeration en = pc.elements();
- list.add("BASE PERMISSIONS for domain " + domain);
- while (en.hasMoreElements()) {
- Permission perm = (Permission) en.nextElement();
- list.add(perm.toString());
- }
- first = true;
- }
- while (it.hasNext()) {
- PermissionCollection pc2 =
- ((Policy) it.next()).getPermissions(domain);
- Enumeration en = pc2.elements();
- while (en.hasMoreElements()) {
- Permission perm = (Permission) en.nextElement();
- if (!pc.implies(perm)) {
- if (first) {
- first = false;
- list.add("checking " + perm + " and adding");
- first = true;
- }
- pc.add(perm);
- } else {
- if (first) {
- first = false;
- list.add("checking " + perm + " and not adding");
- first = true;
- }
- }
- }
- }
- if (first) {
- first = false;
- for (int i = 0; i < list.size(); i++) {
- System.out.println((String) list.get(i));
- }
- first = true;
- }
- return pc;
- } else {
- throw new IllegalStateException("No policies in provider");
- }
+ if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+ PermissionCollection pc = new ConcurrentPermissions();
+ Iterator<Policy> it = policies.iterator();
+ while (it.hasNext()){
+ Policy policy = it.next();
+ PermissionCollection col = policy.getPermissions(domain);
+ Enumeration<Permission> e = col.elements();
+ while(e.hasMoreElements()){
+ pc.add(e.nextElement());
+ }
+ }
+ return pc;
}
/**
@@ -214,4 +259,70 @@ public class MergedPolicyProvider extend
p.refresh();
}
}
+
+ public boolean isConcurrent() {
+ if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+ Iterator<Policy> it = policies.iterator();
+ while (it.hasNext()){
+ Policy p = it.next();
+ if (p instanceof ConcurrentPolicy){
+ if (!((ConcurrentPolicy)p).isConcurrent()) return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ public PermissionGrant[] getPermissionGrants(ProtectionDomain domain) {
+ if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+ List<PermissionGrant[]> perms = new ArrayList<PermissionGrant[]>(policies.size());
+ Iterator<Policy> it = policies.iterator();
+ int arrayLength = 0;
+ while (it.hasNext()){
+ Policy p = it.next();
+ if (p instanceof ConcurrentPolicy){
+ PermissionGrant [] g = ((ConcurrentPolicy)p).getPermissionGrants(domain);
+ arrayLength = arrayLength + g.length;
+ perms.add(g);
+ }
+ }
+ PermissionGrant [] result = new PermissionGrant[arrayLength];
+ int index = 0;
+ Iterator<PermissionGrant[]> grants = perms.iterator();
+ while (grants.hasNext()){
+ PermissionGrant [] g = grants.next();
+ int l = g.length;
+ for (int i = 0; i < l; i++, index++){
+ result[index] = g[i];
+ }
+ }
+ return result;
+ }
+
+ public PermissionGrant[] getPermissionGrants() {
+ if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+ List<PermissionGrant[]> perms = new ArrayList<PermissionGrant[]>(policies.size());
+ Iterator<Policy> it = policies.iterator();
+ int arrayLength = 0;
+ while (it.hasNext()){
+ Policy p = it.next();
+ if (p instanceof ConcurrentPolicy){
+ PermissionGrant [] g = ((ConcurrentPolicy)p).getPermissionGrants();
+ arrayLength = arrayLength + g.length;
+ perms.add(g);
+ }
+ }
+ PermissionGrant [] result = new PermissionGrant[arrayLength];
+ int index = 0;
+ Iterator<PermissionGrant[]> grants = perms.iterator();
+ while (grants.hasNext()){
+ PermissionGrant [] g = grants.next();
+ int l = g.length;
+ for (int i = 0; i < l; i++, index++){
+ result[index] = g[i];
+ }
+ }
+ return result;
+ }
}
Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java Sun Feb 19 04:51:20 2012
@@ -24,7 +24,10 @@ import java.io.PrintWriter;
import java.io.File;
import java.rmi.RemoteException;
import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
import java.util.Iterator;
+import java.util.List;
import java.util.logging.Logger;
import java.util.logging.Level;
@@ -46,17 +49,17 @@ import net.jini.core.lease.UnknownLeaseE
public abstract class QATest implements Test {
/** the logger */
- protected static Logger logger =
+ protected static final Logger logger =
Logger.getLogger("com.sun.jini.qa.harness");
/** Keeps track of leases for automatic cancellation when test ends. */
- private ArrayList leaseArray = new ArrayList();
+ private final Collection<Lease> leaseArray = new ArrayList<Lease>();
/** The admin manager for managing services */
- protected AdminManager manager;
+ protected volatile AdminManager manager;
/** The config object for accessing the test environment */
- protected QAConfig config;
+ protected volatile QAConfig config;
/**
* Mostly mimics the behavior of the assert keyword.
Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java Sun Feb 19 04:51:20 2012
@@ -603,7 +603,9 @@ public class TestDescription implements
ArrayList cmdList = new ArrayList(10);
cmdList.add(getJVM());
// Uncomment the following line if you want to debug permission requests
- //cmdList.add("-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager");
+// cmdList.add("-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager");
+// cmdList.add("-Djava.security.manager=java.lang.SecurityManager");
+ cmdList.add("-Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager");
cmdList.add("-Djava.security.policy=" + getPolicyFile());
if (getCodebase() != null) {
cmdList.add("-Djava.rmi.server.codebase=" + getCodebase());
Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties Sun Feb 19 04:51:20 2012
@@ -210,11 +210,14 @@ com.sun.jini.qa.harness.actdeathdelay=5
# system property if that property is defined. The '-OD' marker flags this
# property as optional. If the property is not defined as a system property
# or in any configuration file, then the property will not be set on the VM.
-#
+#
# You might find the following debugging options useful
# -Djava.security.debug=access:failure,\
# -Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager,\
+# -Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager,\
# -Dpolicy.provider=net.jini.security.policy.DynamicPolicyProvider,\
+# -Djava.security.manager=java.rmi.RMISecurityManager,\
+
# no cosmetic whitespace
com.sun.jini.qa.harness.globalvmargs=\
@@ -249,7 +252,11 @@ testPolicyfile=<url:harness/policy/defau
# The default classpath. This property must be defined, and must include
# all Jini dependencies as components
-testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
+
+# Alternate test classpath, for tests that don't use <testJar>
+#
+altClasspath=<harnessJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
#
# Services run with server vm; test runs with client vm
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java Sun Feb 19 04:51:20 2012
@@ -39,17 +39,25 @@ public class NameServiceImpl implements
}
- public InetAddress[] lookupAllHostAddr(String host)
+// public byte [][] lookupAllHostAddr(String host)
+ public InetAddress [] lookupAllHostAddr(String host)
throws UnknownHostException
{
if (host.equalsIgnoreCase(testClient)) {
- return ( new InetAddress[]
- { InetAddress.getByAddress(addr1),
- InetAddress.getByAddress(addr2),
- InetAddress.getByAddress(localhostAddr) } );
+// return ( new byte [][]
+// { InetAddress.getByAddress(addr1).getAddress(),
+// InetAddress.getByAddress(addr2).getAddress(),
+// InetAddress.getByAddress(localhostAddr).getAddress()
+ return (new InetAddress []{
+ InetAddress.getByAddress(addr1),
+ InetAddress.getByAddress(addr2),
+ InetAddress.getByAddress(localhostAddr)
+ });
} else if (host.equalsIgnoreCase(localhost)) {
- return ( new InetAddress[]
- { InetAddress.getByAddress(localhostAddr) } );
+ return
+// ( new byte[][] { InetAddress.getByAddress(localhostAddr).getAddress()
+ (new InetAddress [] { InetAddress.getByAddress(localhostAddr)
+ });
} else {
throw new UnknownHostException(host);
}
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=ClassLoaderTest
testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
/*******************************************************************************
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=ClasspathTest
testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
/*******************************************************************************
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=CodebaseTest
testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
/*******************************************************************************
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td Sun Feb 19 04:51:20 2012
@@ -2,8 +2,11 @@ testClass=SecurityTest
testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
-
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
/*******************************************************************************
* Test-specific property files
@@ -15,7 +18,8 @@ com.sun.jini.test.impl.start.SecurityTes
com.sun.jini.test.impl.start.SecurityTest1.codebase=http://${HOST}:${com.sun.jini.test.port}/qa1-start-testservice1-dl.jar
com.sun.jini.test.impl.start.SecurityTest1.policyfile=<url:securityTest.testservice1.policy>
com.sun.jini.test.impl.start.SecurityTest1.log=none
-com.sun.jini.test.impl.start.SecurityTest1.serverjvmargs=
+com.sun.jini.test.impl.start.SecurityTest1.serverjvmargs=-Dnet.jini.security.policy.PolicyFileProvider.basePolicyClass=sun.security.provider.PolicyFile,\
+-Dnet.jini.security.policy.DynamicPolicyProvider.basePolicyClass=net.jini.security.policy.PolicyFileProvider
com.sun.jini.test.impl.start.SecurityTest1.serviceConfiguration=<url:configs/<config>/testservice.config>
com.sun.jini.test.impl.start.SecurityTest1.starterConfiguration=<url:configs/<config>/testservice.config>
com.sun.jini.test.impl.start.SecurityTest1.host=master
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td Sun Feb 19 04:51:20 2012
@@ -3,7 +3,7 @@ testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
/*******************************************************************************
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td Sun Feb 19 04:51:20 2012
@@ -1,3 +1,7 @@
testClass=ServiceStarterCreateBadTransientServiceTest
testCategories=start,start_impl
include0=start.properties
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
\ No newline at end of file
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java Sun Feb 19 04:51:20 2012
@@ -43,20 +43,20 @@ import com.sun.jini.qa.harness.QAConfig;
*/
public class GetContextTest extends QATest {
- public static SecurityContext securityContext;
- public static Permission[] passPermissions = {
+ public static volatile SecurityContext securityContext;
+ public static final Permission[] passPermissions = {
new RuntimePermission("A")
};
- public static Permission[] failPermissions = {
+ public static final Permission[] failPermissions = {
new RuntimePermission("B"),
new RuntimePermission("C"),
new RuntimePermission("D")
};
- public static PrivilegedAction checkContextAction;
- public static ClassLoader contextClassLoader;
- private String getContextJarFile;
- private String restoreContextJarFile;
- private String checkContextActionJarFile;
+ public static volatile PrivilegedAction checkContextAction;
+ public static volatile ClassLoader contextClassLoader;
+ private volatile String getContextJarFile;
+ private volatile String restoreContextJarFile;
+ private volatile String checkContextActionJarFile;
public void setup(QAConfig sysConfig) throws Exception {
super.setup(sysConfig);
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy Sun Feb 19 04:51:20 2012
@@ -25,8 +25,14 @@ grant codebase "file:${com.sun.jini.qa.h
permission java.security.AllPermission "", "";
};
-grant codeBase "file:${java.home}/lib/ext/*" {
- permission java.security.AllPermission;
+//grant codeBase "file:${java.home}/lib/ext/*" {
+// permission java.security.AllPermission;
+//};
+
+// For SecurityManager used from command line
+grant codeBase "file:${com.sun.jini.qa.home}${/}lib${/}qa1-start-tests.jar" {
+ permission java.io.FilePermission "-", "read";
+ permission java.lang.RuntimePermission "getProtectionDomain";
};
grant {
@@ -39,6 +45,7 @@ grant {
permission java.util.PropertyPermission "*", "read,write";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setPolicy";
+ permission java.security.SecurityPermission "getPolicy";
};
grant codeBase "file:${com.sun.jini.test.home}${/}lib${/}qa1-start-cb1.jar" {
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td Sun Feb 19 04:51:20 2012
@@ -2,9 +2,13 @@ testClass=GetContextTest
testCategories=start,start_impl
#testClasspath=<harnessJar>$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
testPolicyfile=GetContextTest.policy
getContextJarFile=<file:lib/qa1-start-cb1.jar>
restoreContextJarFile=<file:lib/qa1-start-cb2.jar>
checkContextActionJarFile=<file:lib/qa1-start-cb3.jar>
include0=../start.properties
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
\ No newline at end of file
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy Sun Feb 19 04:51:20 2012
@@ -25,8 +25,15 @@ grant codebase "file:${com.sun.jini.qa.h
permission java.security.AllPermission "", "";
};
-grant codeBase "file:${java.home}/lib/ext/*" {
- permission java.security.AllPermission;
+grant codeBase "file:${{java.ext.dirs}}/*" {
+ permission java.security.AllPermission;
+};
+
+
+// For SecurityManager used from command line
+grant codeBase "file:${com.sun.jini.qa.home}${/}lib${/}qa1-start-tests.jar" {
+ //permission java.io.FilePermission "-", "read";
+ permission java.lang.RuntimePermission "getProtectionDomain";
};
grant {
@@ -39,10 +46,12 @@ grant {
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setSecurityManager";
+ permission java.lang.RuntimePermission "getProtectionDomain";
permission java.util.PropertyPermission
"java.security.policy", "read,write";
permission java.security.SecurityPermission "getProperty.*";
permission java.security.SecurityPermission "setPolicy";
+ permission java.security.SecurityPermission "getPolicy";
permission java.util.PropertyPermission "*", "read";
};
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=SubPoliciesTest
testCategories=start,start_impl
#testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
testPolicyfile=SubPoliciesTest.0.policy
#!!!! the next two lines are wrong
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java Sun Feb 19 04:51:20 2012
@@ -28,10 +28,12 @@ import net.jini.security.policy.*;
import java.io.File;
import java.net.*;
import java.security.*;
-import java.util.Collections;
import com.sun.jini.qa.harness.QATest;
import com.sun.jini.qa.harness.QAConfig;
import com.sun.jini.qa.harness.TestException;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
public class LoaderSplitPolicyProviderTest extends QATest {
private String ldrPolicyFile;
@@ -146,7 +148,7 @@ public class LoaderSplitPolicyProviderTe
throw new TestException("Does not satisfy implies conditions for "
+ perm + ".");
}
-
+
if (!contains(pol.getPermissions(myPd), perm) ||
contains(pol.getPermissions(fooPd), perm) ||
contains(pol.getPermissions(barPd), perm) ||
@@ -212,7 +214,22 @@ public class LoaderSplitPolicyProviderTe
}
}
+ /*
+ * Dynamic policy no longer returns the permission directly, instead
+ * it encapsulates it in a container Permission that implies nothing,
+ * it is useful for debugging only since it delegates toString()
+ * to the encapsulated Permission.
+ *
+ * Dynamic policy does this to prevent the Permission becoming merged
+ * in the ProtectionDomain.
+ */
static boolean contains(PermissionCollection pc, Permission p) {
- return Collections.list(pc.elements()).contains(p);
+// return Collections.list(pc.elements()).contains(p);
+ Set<String> perms = new HashSet<String>();
+ Enumeration<Permission> e = pc.elements();
+ while (e.hasMoreElements()){
+ perms.add(e.nextElement().toString());
+ }
+ return perms.contains(p.toString());
}
}
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td Sun Feb 19 04:51:20 2012
@@ -1,6 +1,6 @@
testClass=LoaderSplitPolicyProviderTest
testCategories=start,start_impl
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
testPolicyfile=<url:harness/policy/defaulttest.policy>
ldrPolicyfile=<url:LoaderSplitPolicyProviderTest.loader.policy>
defPolicyfile=<url:/LoaderSplitPolicyProviderTest.default.policy>
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+ permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
grant {
permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";
permission java.net.SocketPermission "*:*", "connect,resolve";
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+ permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
grant {
permission java.io.FilePermission
"${java.io.tmpdir}${/}testservice1", "read";
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+ permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
grant {
permission java.io.FilePermission "${java.io.tmpdir}${/}testservice2", "read";
permission java.io.FilePermission
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy Sun Feb 19 04:51:20 2012
@@ -8,10 +8,19 @@ grant codebase "file:${com.sun.jini.test
};
grant {
+ permission java.util.PropertyPermission "java.system.class.loader", "read";
permission java.io.FilePermission "${com.sun.jini.test.home}${/}lib${/}-", "read";
permission java.util.PropertyPermission "com.sun.jini.reggie.enableImplToStubReplacement", "read";
};
+grant {
+ permission com.sun.jini.phoenix.ExecOptionPermission "*";
+ // for a start test
+ permission com.sun.jini.phoenix.ExecPermission "/bin/javax";
+ permission java.util.PropertyPermission "FILEPOLICY02", "read";
+ permission java.security.SecurityPermission "getPolicy";
+};
+
grant codebase "file:${com.sun.jini.test.home}${/}lib${/}qa1-start-tests.jar" {
permission java.security.AllPermission "", "";
};
@@ -46,6 +55,10 @@ grant codebase "file:${com.sun.jini.test
permission java.security.AllPermission "", "";
};
+// required for new PolicyFile provider.
+grant codeBase "file:${{java.ext.dirs}}/*" {
+ permission java.security.AllPermission;
+};
grant codebase "file:${com.sun.jini.qa.harness.testJar}" {
permission net.jini.security.GrantPermission
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,12 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+ permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
+
grant {
permission java.security.SecurityPermission "getDomainCombiner";
permission java.security.SecurityPermission "createAccessControlContext";
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
testClass=GetServerContextElement_NoContext
testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:${testClasspath}
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
testClass=GetServerContext_NoContext
testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:${testClasspath}
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
testClass=GetServerContext_ProvidersParsing
testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-providers-parsing.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-providers-parsing.jar>$:${testClasspath}
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
testClass=GetServerContext_Providers_NonNull
testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-non-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-non-null.jar>$:${testClasspath}
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td Sun Feb 19 04:51:20 2012
@@ -2,3 +2,4 @@ testClass=ConstructorAccessorTest
testCategories=id,id_spec
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
+#testjvmargs=-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager
Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td Sun Feb 19 04:51:20 2012
@@ -1,6 +1,6 @@
testClass=ConstructorAccessorTest
testCategories=io,io_spec
-testClasspath=<harnessJar>$:<file:lib/qa1-io-marshalinputstream-test.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-io-marshalinputstream-test.jar>
com.sun.jini.qa.harness.runkitserver=false
com.sun.jini.qa.harness.runjiniserver=false
include0=../io.properties