You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by pe...@apache.org on 2011/08/17 08:18:12 UTC
svn commit: r1158535 [4/4] - in /river/jtsk/skunk/peterConcurrentPolicy: ./
qa/ qa/harness/policy/ qa/src/com/sun/jini/qa/harness/
qa/src/com/sun/jini/qa/resources/ qa/src/com/sun/jini/test/impl/reggie/
qa/src/com/sun/jini/test/impl/start/loadersplitpo...
Added: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateCombinerSecurityManager.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateCombinerSecurityManager.java?rev=1158535&view=auto
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateCombinerSecurityManager.java (added)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateCombinerSecurityManager.java Wed Aug 17 06:18:09 2011
@@ -0,0 +1,250 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.river.api.security;
+
+import java.lang.ref.WeakReference;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.DomainCombiner;
+import java.security.Guard;
+import java.security.Permission;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+import java.util.concurrent.ConcurrentMap;
+import org.apache.river.api.delegates.DelegatePermission;
+import org.apache.river.impl.util.ConcurrentCollections;
+import org.apache.river.impl.util.ConcurrentWeakIdentityMap;
+import org.apache.river.impl.util.ConcurrentWeakMap;
+
+/**
+ * DelegateCombinerSecurityManager, is intended to be a high performance
+ * SecurityManager implementation that weakly caches the results of security checks
+ * for each AccessControlContext.
+ *
+ * @author Peter Firmstone
+ */
+public class DelegateCombinerSecurityManager
+extends SecurityManager implements DelegateSecurityManager {
+
+ private final DomainCombiner dc;
+ // Cache of optimised Delegate AccessControlContext's
+ private final ConcurrentMap<AccessControlContext, AccessControlContext> contextCache;
+ private final ConcurrentMap<AccessControlContext, Set<Permission>> checked;
+ private final Guard g;
+ private final Action action;
+
+ public DelegateCombinerSecurityManager(){
+ super();
+ dc = new DelegateDomainCombiner();
+ contextCache = new ConcurrentWeakMap<AccessControlContext, AccessControlContext>(100);
+ checked = new ConcurrentWeakMap<AccessControlContext, Set<Permission>>(100);
+ g = new RevokePermission();
+ action = new Action();
+ }
+
+ @Override
+ public void checkPermission(Permission perm, Object context) throws SecurityException {
+ if (!(context instanceof AccessControlContext)) throw new SecurityException();
+ if (perm == null ) throw new NullPointerException("Permission Collection null");
+ AccessControlContext executionContext = (AccessControlContext) context;
+ // Checks if Permission has already been checked for this context.
+ Set<Permission> checkedPerms = checked.get(executionContext);
+ if (checkedPerms == null){
+ checkedPerms = ConcurrentCollections.multiReadSet(new HashSet<Permission>(96));
+ Set<Permission> existed = checked.putIfAbsent(executionContext, checkedPerms);
+ if (existed != null) checkedPerms = existed;
+ }
+ if (checkedPerms.contains(perm)) return; // don't need to check again.
+ if (perm instanceof DelegatePermission) {
+ // This is an expensive operation, so we cache the created AccessControlContext.
+ AccessControlContext delegateContext = contextCache.get(executionContext);
+ if (delegateContext == null) {
+ final AccessControlContext finalExecutionContext = executionContext;
+ // Create a new AccessControlContext with the DelegateDomainCombiner
+ // we don't need to preserve the Subject accross the call
+ // we have sufficient privilege.
+ delegateContext = AccessController.doPrivileged(
+ new PrivilegedAction<AccessControlContext>(){
+
+ public AccessControlContext run() {
+ return new AccessControlContext(finalExecutionContext, dc);
+ }
+ }
+ );
+ // Optimise the delegateContext, this runs the DelegateDomainCombiner
+ // and returns the AccessControlContext.
+ // This is a mutator method, the delegateContext returned
+ // is actually the same object passed in, after it is
+ // mutated, but just in case that changes in future we
+ // return it.
+ delegateContext = AccessController.doPrivileged(action, delegateContext);
+ contextCache.putIfAbsent(executionContext, delegateContext);
+ // Above putIfAbsent: It doesn't matter if it already existed,
+ // the context we have is valid to perform a permissionCheck.
+ }
+ executionContext = delegateContext;
+ }
+ // Normal execution, same as SecurityManager.
+ executionContext.checkPermission(perm);
+ // If we get to here, no exceptions were thrown, we have permission.
+ checkedPerms.add(perm);
+ }
+
+ public void clearFromCache(Set<Permission> perms) throws SecurityException {
+ // This is a slow operation, with the benefit
+ // of faster security checks, which occur far more often.
+ // The cache will change while we make removals, however
+ // the policy will prevent any being re-added, since these have already
+ // been removed from the policy.
+ g.checkGuard(this);
+ if (perms == null){
+ checked.clear();
+ return;
+ }
+ Set<Class> classes = new HashSet<Class>(30);
+ Iterator<Permission> i = perms.iterator();
+ while (i.hasNext()){
+ classes.add(i.next().getClass());
+ }
+ Collection<Set<Permission>> cache = checked.values();
+ Collection<Permission> remove = new ArrayList<Permission>(60);
+ Iterator<Set<Permission>> j = cache.iterator();
+ while (j.hasNext()){
+ Set<Permission> s = j.next();
+ Iterator<Permission> k = s.iterator();
+ while(k.hasNext()){
+ Permission p = k.next();
+ if (classes.contains(p.getClass())) remove.add(p);
+ }
+ s.removeAll(remove);
+ remove.clear();
+ }
+ }
+
+ // Action retrieves the optimised AccessControlContext.
+ private class Action implements PrivilegedAction<AccessControlContext> {
+ private Action(){}
+
+ public AccessControlContext run(){
+ return AccessController.getContext();
+ }
+
+ }
+
+ private class DelegateDomainCombiner implements DomainCombiner {
+ // Cache the DelegateProtectionDomain's we don't want to
+ // create any more than abolutely necessary.
+ private final ConcurrentMap<ProtectionDomain,DelegateProtectionDomain> cache;
+ private DelegateDomainCombiner (){
+ cache = new ConcurrentWeakIdentityMap<ProtectionDomain,DelegateProtectionDomain>(120);
+ }
+
+ public ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains) {
+ /* We're only interested in the assignedDomains, since these
+ * are from the Context that the SecurityManager has been asked
+ * to check.
+ *
+ * This code wraps each ProtectionDomain in a DelegateProtectionDomain
+ * to ensure we check for the DelegatePermission or it's candidate
+ * Permission.
+ *
+ * The AccessControlContext instance will be the new instance
+ * we just created moments earlier, but with the context returned
+ * by this DomainCombiner.
+ */
+ int l = assignedDomains.length;
+ // I don't believe it's safe to re-use the existing array yet.
+ // I think it's the same context array from the original AccessControlContext
+ // we've duplicated, so modifing it would risk contaminating the
+ // call stack context.
+ DelegateProtectionDomain[] delegated = new DelegateProtectionDomain[l];
+ for ( int i = 0; i < l ;i++ ){
+ delegated[i] = cache.get(assignedDomains[i]);
+ if (delegated[i] == null){
+ delegated[i] = new DelegateProtectionDomain(assignedDomains[i]);
+ DelegateProtectionDomain existed =
+ cache.putIfAbsent(assignedDomains[i], delegated[i]);
+ if (existed != null){
+ delegated[i] = existed;
+ }
+ }
+ }
+ return delegated;
+ }
+ }
+
+ /*
+ * DelegateProtectionDomain is only used briefly on the stack for
+ * a permission check. The policy will never see it.
+ */
+ private class DelegateProtectionDomain extends ProtectionDomain {
+ // weakly reference the pd, so it doesn't prevent the cache key
+ // from being garbage collected.
+ private final WeakReference<ProtectionDomain> pd;
+
+ DelegateProtectionDomain(ProtectionDomain pd){
+ // Use static domain so we don't strong reference to ClassLoader
+ // which has a strong reference to ProtectionDomain.
+ super(pd.getCodeSource(),pd.getPermissions());
+ this.pd = new WeakReference<ProtectionDomain>(pd);
+ }
+
+ @Override
+ public boolean implies(Permission perm) {
+ ProtectionDomain pd = this.pd.get();
+ if (pd != null){
+ if (pd.implies(perm)) {
+ return true;
+ }
+ if (perm instanceof DelegatePermission ){
+ Permission candidate = ((DelegatePermission)perm).getPermission();
+ if (pd.implies(candidate)){
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public String toString(){
+ // When pd.toString() is called, it will merge the policy permissions
+ // with those in pd if non static, which means the Permissions will no longer
+ // be correct in the superclass. This won't affect implies, since it
+ // calls the policy anyway, where the permissions have been combined
+ // by the policy.
+ // It will affect getPermissions() however this won't be used.
+// StringBuilder sb = new StringBuilder(200);
+// return sb.append("DelegateProtectionDomain\n").append(pd.toString()).toString();
+ // I don't think the output should be any different from standard.
+ ProtectionDomain pd = this.pd.get();
+ if (pd != null){
+ return pd.toString();
+ }
+ return "";
+ }
+
+ }
+
+}
Propchange: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateCombinerSecurityManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Copied: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateReflectionSecurityManager.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/InternetSecurityManager.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateReflectionSecurityManager.java?p2=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateReflectionSecurityManager.java&p1=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/InternetSecurityManager.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/InternetSecurityManager.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateReflectionSecurityManager.java Wed Aug 17 06:18:09 2011
@@ -39,7 +39,7 @@ import org.apache.river.impl.util.Concur
import org.apache.river.impl.util.ConcurrentWeakMap;
/**
- * The InternetSecurityManager provides cached permission check results and
+ * The DelegateReflectionSecurityManager provides cached permission check results and
* proper functionality for DelegatePermission's.
*
* The best way to utilise this SecurityManager is via Guard.checkGuard().
@@ -49,7 +49,7 @@ import org.apache.river.impl.util.Concur
*
* @author Peter Firmstone
*/
-public class InternetSecurityManager extends SecurityManager {
+public class DelegateReflectionSecurityManager extends SecurityManager implements DelegateSecurityManager {
private final ConcurrentMap<AccessControlContext,ExecutionContextChecks> checks;
// private final ReadWriteLock revokeLock;
@@ -78,7 +78,7 @@ public class InternetSecurityManager ext
* contains.
*/
- public InternetSecurityManager(){
+ public DelegateReflectionSecurityManager(){
/* This checks adequate permission is held */
super();
/* Previous checks */
@@ -171,7 +171,10 @@ public class InternetSecurityManager ext
* are on the stack.
* However if there is an error, then we default to the safest
* action of directly consulting the AccessControlContext instead.
- */
+ *
+ *
+ * Instead of using reflection
+ */
ProtectionDomain[] contx = AccessController.doPrivileged( new PrivilegedAction<ProtectionDomain[]>(){
public ProtectionDomain[] run() {
try {
@@ -179,16 +182,16 @@ public class InternetSecurityManager ext
field.setAccessible(true);
return (ProtectionDomain[]) field.get(acc);
} catch (IllegalArgumentException ex) {
- Logger.getLogger(InternetSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
+ Logger.getLogger(DelegateReflectionSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
return null;
} catch (IllegalAccessException ex) {
- Logger.getLogger(InternetSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
+ Logger.getLogger(DelegateReflectionSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
return null;
} catch (NoSuchFieldException ex) {
- Logger.getLogger(InternetSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
+ Logger.getLogger(DelegateReflectionSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
return null;
} catch (SecurityException ex) {
- Logger.getLogger(InternetSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
+ Logger.getLogger(DelegateReflectionSecurityManager.class.getName()).log(Level.SEVERE, null, ex);
return null;
}
}
@@ -243,4 +246,5 @@ public class InternetSecurityManager ext
}
}
+
}
Added: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateSecurityManager.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateSecurityManager.java?rev=1158535&view=auto
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateSecurityManager.java (added)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateSecurityManager.java Wed Aug 17 06:18:09 2011
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.river.api.security;
+
+import java.security.Permission;
+import java.util.Set;
+
+/**
+ * The DelegateSecurityManager is designed to enable the use of DelegatePermission
+ * for Delegate Objects to encapsulate security sensitive objects using
+ * Li Gong's method guard pattern.
+ *
+ * In this manner we can prevent references to security sensitive object's from
+ * escaping.
+ *
+ * See "Inside Java 2 Platform Security" 2nd Edition, ISBN:0-201-78791-1, page 176.
+ *
+ * @author Peter Firmstone.
+ */
+public interface DelegateSecurityManager {
+
+ /**
+ *
+ * @param perm
+ * @param context
+ * @throws SecurityException
+ */
+ void checkPermission(Permission perm, Object context) throws SecurityException;
+
+ /**
+ * This method clears permissions from the checked cache, it should be
+ * called after calling Policy.refresh();
+ *
+ * If the Set provided contains permissions, only those of the same
+ * class will be removed from the checked cache.
+ *
+ * If the Set is null, the checked cache is cleared completely.
+ *
+ * @param perms
+ * @throws java.lang.InterruptedException
+ * @throws java.util.concurrent.ExecutionException
+ */
+ void clearFromCache(Set<Permission> perms) throws SecurityException;
+
+}
Propchange: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/DelegateSecurityManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrant.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrant.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrant.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrant.java Wed Aug 17 06:18:09 2011
@@ -90,7 +90,16 @@ public interface PermissionGrant {
* Returns true if this PermissionGrant defines no Permissions, or if
* a PermissionGrant was made to a ProtectionDomain that no longer exists,
* or if the Exclusion excludes the PermissionGrant.
+ * @param excl
*/
public boolean isVoid(Exclusion excl);
+
+ /**
+ * Provide a suitable PermissionGrantBuilder, the user can use to
+ * produce a new PermissionGrant.
+ *
+ * @return
+ */
+ public PermissionGrantBuilder getBuilderTemplate();
}
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilder.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilder.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilder.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilder.java Wed Aug 17 06:18:09 2011
@@ -77,7 +77,7 @@ public abstract class PermissionGrantBui
*/
public static final int PRINCIPAL = 4;
- public static PermissionGrantBuilder create(){
+ public static PermissionGrantBuilder newBuilder(){
return new PermissionGrantBuilderImp();
}
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilderImp.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilderImp.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilderImp.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PermissionGrantBuilderImp.java Wed Aug 17 06:18:09 2011
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
+import java.util.Collection;
import org.apache.river.api.security.Exclusion;
import org.apache.river.api.security.PermissionGrantBuilder;
import java.lang.ref.WeakReference;
@@ -30,6 +31,7 @@ import java.security.Permission;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
+import java.util.Collections;
import org.apache.river.api.security.PermissionGrant;
/**
@@ -46,6 +48,7 @@ import org.apache.river.api.security.Per
class PermissionGrantBuilderImp extends PermissionGrantBuilder implements
Serializable{
private static final long serialVersionUID = 1L;
+ private static final PermissionGrant nullGrant = new NullPermissionGrant();
private CodeSource cs;
private Certificate[] certs;
private transient WeakReference<ProtectionDomain> domain;
@@ -72,7 +75,7 @@ class PermissionGrantBuilderImp extends
principals = null;
permissions = null;
deny = null;
- context = CODESOURCE;
+ context = -1;
}
public PermissionGrantBuilder context(int context) {
@@ -138,20 +141,20 @@ class PermissionGrantBuilderImp extends
public PermissionGrant build() {
switch (context) {
- case CLASSLOADER:
- if (!hasDomain) return new PrincipalGrant(principals, permissions);
+ case CLASSLOADER: //Dynamic grant
+ // Don't return principal grant if domain null, dynamic grant's
+ // are treated special.
return new ClassLoaderGrant(domain, principals, permissions );
case CODESOURCE:
return new CodeSourceGrant(cs, principals, permissions ,null );
case CODESOURCE_CERTS:
return new CertificateGrant(certs, principals, permissions, deny );
- case PROTECTIONDOMAIN:
- if (!hasDomain) return new PrincipalGrant(principals, permissions);
+ case PROTECTIONDOMAIN: //Dynamic grant
return new ProtectionDomainGrant(domain, principals, permissions );
case PRINCIPAL:
return new PrincipalGrant(principals, permissions);
default:
- return null;
+ return nullGrant;
}
}
@@ -179,6 +182,49 @@ class PermissionGrantBuilderImp extends
// readResolve method returns a PermissionGrant instance.
private Object readResolve(){
+ // Don't deserialize specific grant's, they will grant to any domain.
+ if (context == CLASSLOADER || context == PROTECTIONDOMAIN){
+ if (hasDomain) return nullGrant;
+ }
+ // It's ok to return domainless dynamic grants.
return build();
}
+
+ // This is a singleton so we don't need to implement equals or hashCode.
+ private static class NullPermissionGrant implements PermissionGrant, Serializable {
+ private static final long serialVersionUID = 1L;
+
+ public boolean implies(ProtectionDomain pd) {
+ return false;
+ }
+
+ public boolean implies(ClassLoader cl, Principal[] pal) {
+ return false;
+ }
+
+ public boolean implies(CodeSource codeSource, Principal[] pal) {
+ return false;
+ }
+
+ public Collection<Permission> getPermissions() {
+ return Collections.emptySet();
+ }
+
+ public boolean isVoid(Exclusion excl) {
+ return true;
+ }
+
+ public PermissionGrantBuilder getBuilderTemplate() {
+ return new PermissionGrantBuilderImp();
+ }
+
+ public String toString(){
+ return "Null PermissionGrant";
+ }
+
+ private Object readResolve(){
+ return nullGrant;
+ }
+
+ }
}
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PrincipalGrant.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PrincipalGrant.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PrincipalGrant.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/PrincipalGrant.java Wed Aug 17 06:18:09 2011
@@ -28,6 +28,7 @@ import java.security.Permission;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.acl.Group;
+import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
@@ -43,7 +44,9 @@ import org.apache.river.impl.security.po
*/
class PrincipalGrant implements PermissionGrant, Serializable{
private static final long serialVersionUID = 1L;
- private final Set<Principal> pals;
+ // Null object pattern for CodeSource.
+ protected static final CodeSource nullCS = new CodeSource((URL) null, (Certificate[]) null);
+ protected final Set<Principal> pals;
private final int hashCode;
private final Set<Permission> perms;
@SuppressWarnings("unchecked")
@@ -116,10 +119,10 @@ class PrincipalGrant implements Permissi
Iterator<Principal> principalItr = pals.iterator();
while (principalItr.hasNext()){
Principal entrypal = principalItr.next();
- Group g = null;
- if ( entrypal instanceof Group ){
- g = (Group) entrypal;
- }
+// Group g = null;
+// if ( entrypal instanceof Group ){
+// g = (Group) entrypal;
+// }
Iterator<Principal> p = princp.iterator();
// The first match breaks out of internal loop.
while (p.hasNext()){
@@ -180,9 +183,18 @@ class PrincipalGrant implements Permissi
return result;
}
+ /* Dynamic grant's and file policy grant's have different semantics,
+ * this class was originally abstract, it might be advisable to make it so
+ * again.
+ *
+ * dynamic grant's check if the contained protection domain is null first
+ * and if so return true. policy file grant's check if the passed in
+ * pd is null first and if so return false.
+ *
+ */
public boolean implies(ProtectionDomain pd) {
+ if (pals.isEmpty()) return true;
if (pd == null) return false;
- if (pals.isEmpty()) return true;
Principal[] hasPrincipals = pd.getPrincipals();
return implies(hasPrincipals);
}
@@ -197,7 +209,7 @@ class PrincipalGrant implements Permissi
}
public PermissionGrantBuilder getBuilderTemplate() {
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
pgb.context(PermissionGrantBuilder.PRINCIPAL)
.principals(pals.toArray(new Principal[pals.size()]))
.permissions(perms.toArray(new Permission[perms.size()]));
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/ProtectionDomainGrant.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/ProtectionDomainGrant.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/ProtectionDomainGrant.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/ProtectionDomainGrant.java Wed Aug 17 06:18:09 2011
@@ -41,7 +41,6 @@ class ProtectionDomainGrant extends Prin
ProtectionDomainGrant(WeakReference<ProtectionDomain> domain, Principal[] groups,
Permission[] perm){
super(groups, perm);
- if (domain == null) throw new IllegalArgumentException("domain cannot be null");
this.domain = domain;
int hash = 7;
hash = 13 * hash + (this.domain != null ? this.domain.hashCode() : 0);
@@ -57,7 +56,7 @@ class ProtectionDomainGrant extends Prin
if (o instanceof ProtectionDomainGrant){
ProtectionDomainGrant c = (ProtectionDomainGrant) o;
if ( !super.equals(o)) return false;
- if (domain.equals(c.domain)) return true;
+ if ( domain !=null && domain.equals(c.domain)) return true;
}
return false;
}
@@ -71,11 +70,15 @@ class ProtectionDomainGrant extends Prin
StringBuilder sb = new StringBuilder(400);
sb.append(super.toString())
.append("ProtectionDomain: \n");
- ProtectionDomain pd = domain.get();
- if (pd != null){
- sb.append(pd.toString());
+ ProtectionDomain pd = null;
+ if (domain != null){ pd = domain.get();
+ if (pd != null){
+ sb.append(pd.toString());
+ } else {
+ sb.append("Grant is void - ProtectionDomain is null");
+ }
} else {
- sb.append("Grant is void - ProtectionDomain is null");
+ sb.append("Grant applies to all ProtectionDomain's");
}
return sb.toString();
}
@@ -83,6 +86,8 @@ class ProtectionDomainGrant extends Prin
@Override
public boolean implies(ProtectionDomain pd){
+// if ((domain == null) && (pals.isEmpty())) return true;
+// if (pd == null) return false;
return impliesProtectionDomain(pd) && implies(pd.getPrincipals());
}
@@ -106,6 +111,7 @@ class ProtectionDomainGrant extends Prin
// for grant
private boolean impliesProtectionDomain(ProtectionDomain pd) {
// ProtectionDomain comparison
+ if (domain == null) return true; // Dynamic grant compatibility, opposite of CodeSource and Certificate grant's
if (pd == null) return false;
if (domain.get() == null ) return false; // grant is void.
if ( pd.equals(domain.get())) return true; // pd not null fast reference comparison
@@ -119,14 +125,15 @@ class ProtectionDomainGrant extends Prin
// This is here for revoke and for new ProtectionDomain's created by the
// DomainCombiner such as those in the SubjectDomainCombiner.
private boolean impliesClassLoader(ClassLoader cl) {
+ if (domain == null ) return true; // Dynamic grant compatibility
if (cl == null) return false;
if (domain.get() == null ) return false; // is void.
return domain.get().getClassLoader().equals(cl); // pd not null
}
// This is here for revoke and for new ProtectionDomain's created by the
// DomainCombiner such as those in the SubjectDomainCombiner.
- private boolean impliesCodeSource(CodeSource codeSource) {
- ProtectionDomain pd = domain.get();
+ private boolean impliesCodeSource(CodeSource codeSource) {
+ ProtectionDomain pd = domain != null ? domain.get(): null;
if (pd == null) return false; // is void - why did I have true?
CodeSource cs = normalizeCodeSource(pd.getCodeSource());
if (cs == codeSource) return true; // same reference.
@@ -138,7 +145,7 @@ class ProtectionDomainGrant extends Prin
@Override
public boolean isVoid(Exclusion excl) {
if ( super.isVoid(null)) return true;
- if (domain.get() == null) return true;
+ if ( domain != null && domain.get() == null) return true;
return false;
}
Copied: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RemotePolicy.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RemotePolicy.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RemotePolicy.java?p2=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RemotePolicy.java&p1=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RemotePolicy.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RemotePolicy.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RemotePolicy.java Wed Aug 17 06:18:09 2011
@@ -16,11 +16,12 @@
* limitations under the License.
*/
-package org.apache.river.api.security;
+package org.apache.river.api.security.policy;
import java.io.IOException;
import net.jini.security.GrantPermission;
import net.jini.security.policy.UmbrellaGrantPermission;
+import org.apache.river.api.security.PermissionGrant;
import org.apache.river.impl.security.policy.util.PolicyParser;
import org.apache.river.impl.security.policy.util.DefaultPolicyParser;
import org.apache.river.impl.security.policy.util.DefaultPolicyScanner;
@@ -95,10 +96,15 @@ public interface RemotePolicy {
* as well as GrantPermission or UmbrellaGrantPermission for every
* Permission granted by each PermissionGrant.
*
- * In this case the caller will be the client Subject.
+ * If the calling Subject doesn't have sufficient permission, the
+ * first permission that fails will include the SecurityException as the
+ * cause of the thrown IOException.
*
- * These Permissions should be set in the local policy files at the
- * RemotePolicy server.
+ * Permissions required by the callers Subject should be set in the
+ * local policy files at the RemotePolicy server.
+ *
+ * Where an IOException is thrown, no update to the
+ * RemotePolicy has occurred.
*
* @param policyPermissions
* @throws java.io.IOException
Copied: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RevokeableDynamicPolicy.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RevokeableDynamicPolicy.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RevokeableDynamicPolicy.java?p2=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RevokeableDynamicPolicy.java&p1=river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RevokeableDynamicPolicy.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/RevokeableDynamicPolicy.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/api/security/policy/RevokeableDynamicPolicy.java Wed Aug 17 06:18:09 2011
@@ -16,7 +16,7 @@
* limitations under the License.
*/
-package org.apache.river.api.security;
+package org.apache.river.api.security.policy;
import java.security.Permission;
import java.security.Principal;
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/DefaultPolicyParser.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/DefaultPolicyParser.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/DefaultPolicyParser.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/DefaultPolicyParser.java Wed Aug 17 06:18:09 2011
@@ -225,7 +225,7 @@ public class DefaultPolicyParser impleme
}
}
}
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
return pgb.codeSource(new CodeSource(codebase, signers))
.principals(principals.toArray(new Principal[principals.size()]))
.permissions(permissions.toArray(new Permission[permissions.size()]))
@@ -250,7 +250,7 @@ public class DefaultPolicyParser impleme
* @return resolved Permission object, either of concrete class or UnresolvedPermission
* @throws Exception if failed to expand properties,
* or to get a Certificate,
- * or to create an instance of a successfully found class
+ * or to newBuilder an instance of a successfully found class
*/
protected Permission resolvePermission(
DefaultPolicyScanner.PermissionEntry pe,
Modified: river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/PolicyUtils.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/PolicyUtils.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/PolicyUtils.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/src/org/apache/river/impl/security/policy/util/PolicyUtils.java Wed Aug 17 06:18:09 2011
@@ -42,7 +42,7 @@ import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
-import org.apache.river.impl.security.policy.se.ConcurrentPermissions;
+import net.jini.security.ConcurrentPermissions;
/**
* This class consist of a number of static methods, which provide a common functionality
@@ -80,54 +80,6 @@ public class PolicyUtils {
}
/**
- * Auxiliary action for accessing system properties in a bundle.
- */
- public static class SystemKit implements PrivilegedAction<Properties> {
-
- /**
- * Returns system properties.
- */
- public Properties run() {
- return System.getProperties();
- }
- }
-
- /**
- * Auxiliary action for accessing specific system property.
- */
- public static class SystemPropertyAccessor implements PrivilegedAction<String> {
-
- /**
- * A key of a required system property.
- */
- public String key;
-
- /**
- * Constructor with a property key parameter.
- */
- public SystemPropertyAccessor(String key) {
- this.key = key;
- }
-
- /**
- * Handy one-line replacement of
- * "provide key and supply action" code block,
- * for reusing existing action instance.
- */
- public PrivilegedAction<String> key(String key) {
- this.key = key;
- return this;
- }
-
- /**
- * Returns specified system property.
- */
- public String run() {
- return System.getProperty(key);
- }
- }
-
- /**
* Auxiliary action for accessing specific security property.
*/
public static class SecurityPropertyAccessor implements PrivilegedAction<String> {
@@ -154,66 +106,6 @@ public class PolicyUtils {
return Security.getProperty(key);
}
}
-
- /**
- * Auxiliary action for loading a provider by specific security property.
- */
- public static class ProviderLoader<T> implements PrivilegedAction<T> {
-
- private String key;
-
- /**
- * Acceptable provider superclass.
- */
- private Class<T> expectedType;
-
- /**
- * Constructor taking property key and acceptable provider
- * superclass parameters.
- */
- public ProviderLoader(String key, Class<T> expected) {
- super();
- this.key = key;
- this.expectedType = expected;
- }
-
- /**
- * Returns provider instance by specified security property.
- * The <code>key</code> should map to a fully qualified classname.
- *
- * @throws SecurityException if no value specified for the key
- * in security properties or if an Exception has occurred
- * during classloading and instantiating.
- */
- public T run() {
- String klassName = Security.getProperty(key);
- if (klassName == null || klassName.length() == 0) {
- throw new SecurityException(Messages.getString("security.14C", //$NON-NLS-1$
- key));
- }
- // TODO accurate classloading
- try {
- Class<?> klass = Class.forName(klassName, true,
- Thread.currentThread().getContextClassLoader());
- if (expectedType != null && klass.isAssignableFrom(expectedType)){
- throw new SecurityException(Messages.getString("security.14D", //$NON-NLS-1$
- klassName, expectedType.getName()));
- }
- //FIXME expectedType.cast(klass.newInstance());
- return (T)klass.newInstance();
- }
- catch (SecurityException se){
- throw se;
- }
- catch (Exception e) {
- // TODO log error ??
- SecurityException se = new SecurityException(
- Messages.getString("security.14E", klassName)); //$NON-NLS-1$
- se.initCause(e);
- throw se;
- }
- }
- }
/**
* Specific exception to signal that property expansion failed
@@ -463,15 +355,12 @@ public class PolicyUtils {
public static URL[] getPolicyURLs(final Properties system,
final String systemUrlKey, final String securityUrlPrefix) {
- final SecurityPropertyAccessor security = new SecurityPropertyAccessor(
- null);
final List<URL> urls = new ArrayList<URL>();
boolean dynamicOnly = false;
URL dynamicURL = null;
//first check if policy is set via system properties
- if (!Util.equalsIgnoreCase(FALSE, AccessController
- .doPrivileged(security.key(POLICY_ALLOW_DYNAMIC)))) {
+ if (!Util.equalsIgnoreCase(FALSE, Security.getProperty(POLICY_ALLOW_DYNAMIC))) {
String location = system.getProperty(systemUrlKey);
if (location != null) {
if (location.startsWith("=")) { //$NON-NLS-1$
@@ -483,34 +372,25 @@ public class PolicyUtils {
location = expandURL(location, system);
// location can be a file, but we need an url...
final File f = new File(location);
- dynamicURL = AccessController
- .doPrivileged(new PrivilegedExceptionAction<URL>() {
-
- public URL run() throws Exception {
- if (f.exists()) {
- return f.toURI().toURL();
- } else {
- return null;
- }
- }
- });
+ if (f.exists()) {
+ dynamicURL = f.toURI().toURL();
+ }
if (dynamicURL == null) {
dynamicURL = new URL(location);
}
}
catch (Exception e) {
// TODO: log error
- // System.err.println("Error detecting system policy location: "+e);
+ System.err.println("Error detecting system policy location: "+e);
}
}
}
//next read urls from security.properties
if (!dynamicOnly) {
int i = 1;
- while (true) {
- String location = AccessController
- .doPrivileged(security.key(new StringBuilder(
- securityUrlPrefix).append(i++).toString()));
+ while (true) {
+ String location = Security.getProperty(new StringBuilder(
+ securityUrlPrefix).append(i++).toString());
if (location == null) {
break;
}
@@ -523,7 +403,7 @@ public class PolicyUtils {
}
catch (Exception e) {
// TODO: log error
- // System.err.println("Error detecting security policy location: "+e);
+ System.err.println("Error detecting security policy location: "+e);
}
}
}
@@ -542,7 +422,7 @@ public class PolicyUtils {
*/
public static PermissionCollection
toPermissionCollection(Collection<Permission> perms) {
- PermissionCollection pc = new ConcurrentPermissions();
+ PermissionCollection pc = new Permissions();
if (perms != null) {
for (Iterator<Permission> iter = perms.iterator(); iter.hasNext();) {
Permission element = iter.next();
@@ -562,21 +442,21 @@ public class PolicyUtils {
* from the specified PermissionCollection. An empty PermissionCollection
* is returned if parameter is null.
*/
- public static PermissionCollection
- mergePermissions(PermissionCollection[] perms) {
- PermissionCollection pc = new ConcurrentPermissions();
- int l = perms.length;
- for (int i = 0; i < l; i++ ){
- if (perms[i] != null) {
- Enumeration<Permission> iter = perms[i].elements();
- while ( iter.hasMoreElements() ) {
- Permission element = iter.nextElement();
- pc.add(element);
- }
- }
- }
- return pc;
- }
+// public static PermissionCollection
+// mergePermissions(PermissionCollection[] perms) {
+// PermissionCollection pc = new ConcurrentPermissions();
+// int l = perms.length;
+// for (int i = 0; i < l; i++ ){
+// if (perms[i] != null) {
+// Enumeration<Permission> iter = perms[i].elements();
+// while ( iter.hasMoreElements() ) {
+// Permission element = iter.nextElement();
+// pc.add(element);
+// }
+// }
+// }
+// return pc;
+// }
/**
* Converts common-purpose homegeneous or heterogeneous PermissionCollection's
Copied: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/ConcurrentPermissionsTest.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPermissionsTest.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/ConcurrentPermissionsTest.java?p2=river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/ConcurrentPermissionsTest.java&p1=river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPermissionsTest.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPermissionsTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/ConcurrentPermissionsTest.java Wed Aug 17 06:18:09 2011
@@ -3,7 +3,7 @@
* and open the template in the editor.
*/
-package org.apache.river.impl.security.policy.se;
+package net.jini.security;
import java.lang.reflect.ReflectPermission;
import java.net.NetPermission;
@@ -18,7 +18,6 @@ import java.util.PropertyPermission;
import java.util.logging.LoggingPermission;
import net.jini.security.AccessPermission;
import net.jini.security.AuthenticationPermission;
-import org.apache.river.impl.security.policy.se.ConcurrentPermissions;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
Modified: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/GrantPermissionTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/GrantPermissionTest.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/GrantPermissionTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/GrantPermissionTest.java Wed Aug 17 06:18:09 2011
@@ -38,33 +38,29 @@ public class GrantPermissionTest {
public void tearDown() throws Exception {
}
- /**
- * Test of getActions method, of class GrantPermission.
- */
-// @org.junit.Test
-// public void getActions() {
-// System.out.println("getActions");
-// GrantPermission instance = null;
-// String expResult = "";
-// String result = instance.getActions();
-// assertEquals(expResult, result);
-// // TODO review the generated test code and remove the default call to fail.
-// fail("The test case is a prototype.");
-// }
-
- /**
- * Test of newPermissionCollection method, of class GrantPermission.
+ /**
+ * Test of string construction, of class GrantPermission.
*/
-// @org.junit.Test
-// public void newPermissionCollection() {
-// System.out.println("newPermissionCollection");
-// GrantPermission instance = null;
-// PermissionCollection expResult = null;
-// PermissionCollection result = instance.newPermissionCollection();
-// assertEquals(expResult, result);
-// // TODO review the generated test code and remove the default call to fail.
-// fail("The test case is a prototype.");
-// }
+ @org.junit.Test
+ public void construct() {
+ System.out.println("String constructor");
+ RuntimePermission rpD = new RuntimePermission("D", "");
+// RuntimePermission rpD1 = new RuntimePermission("D1");
+// RuntimePermission rpC = new RuntimePermission("C");
+// RuntimePermission rpC1 = new RuntimePermission("C1");
+
+ String rpDS = "delim=' java.lang.RuntimePermission 'D'";
+
+ GrantPermission gpS = new GrantPermission(rpDS);
+ GrantPermission gpP = new GrantPermission(rpD);
+ System.out.print(gpS.toString());
+ System.out.print(gpP.toString());
+ boolean result = gpS.implies(gpP);
+ boolean expResult = true;
+ assertEquals(expResult, result);
+ result = gpP.implies(gpS);
+ assertEquals(expResult, result);
+ }
/**
* Test of implies method, of class GrantPermission.
@@ -199,7 +195,7 @@ public class GrantPermissionTest {
System.out.println(msg);
return ret == exp;
}
-
+
/**
* Test of equals method, of class GrantPermission.
*/
Copied: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/MultiReadPermissionCollectionTest.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/MultiReadPermissionCollectionTest.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/MultiReadPermissionCollectionTest.java?p2=river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/MultiReadPermissionCollectionTest.java&p1=river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/MultiReadPermissionCollectionTest.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/MultiReadPermissionCollectionTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/MultiReadPermissionCollectionTest.java Wed Aug 17 06:18:09 2011
@@ -3,7 +3,7 @@
* and open the template in the editor.
*/
-package org.apache.river.impl.security.policy.se;
+package net.jini.security;
import java.security.Permission;
@@ -12,7 +12,6 @@ import java.util.ArrayList;
import java.util.Enumeration;
import net.jini.security.AccessPermission;
import net.jini.security.AuthenticationPermission;
-import org.apache.river.impl.security.policy.se.MultiReadPermissionCollection;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
Copied: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/Permissions_ImplTest.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/Permissions_ImplTest.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/Permissions_ImplTest.java?p2=river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/Permissions_ImplTest.java&p1=river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/Permissions_ImplTest.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/Permissions_ImplTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/Permissions_ImplTest.java Wed Aug 17 06:18:09 2011
@@ -20,7 +20,7 @@
* @version $Revision$
*/
-package org.apache.river.impl.security.policy.se;
+package net.jini.security;
import java.security.AllPermission;
import java.security.BasicPermission;
import java.security.Permission;
@@ -29,7 +29,6 @@ import java.security.SecurityPermission;
import java.security.UnresolvedPermission;
import junit.framework.TestCase;
-import org.apache.river.impl.security.policy.se.ConcurrentPermissions;
/**
* Tests for <code>Permissions</code>
Copied: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/ConcurrentPolicyFileTest.java (from r1153103, river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPolicyFileTest.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/ConcurrentPolicyFileTest.java?p2=river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/ConcurrentPolicyFileTest.java&p1=river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPolicyFileTest.java&r1=1153103&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/ConcurrentPolicyFileTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/ConcurrentPolicyFileTest.java Wed Aug 17 06:18:09 2011
@@ -20,7 +20,7 @@
* @version $Revision$
*/
-package org.apache.river.impl.security.policy.se;
+package net.jini.security.policy;
import tests.support.FakePrincipal;
import java.net.URL;
@@ -39,7 +39,6 @@ import org.apache.river.impl.security.po
import junit.framework.TestCase;
import org.apache.river.api.security.PermissionGrant;
import org.apache.river.api.security.PermissionGrantBuilder;
-import org.apache.river.impl.security.policy.se.ConcurrentPolicyFile;
/**
@@ -74,10 +73,11 @@ public class ConcurrentPolicyFileTest ex
*/
public void testRefresh() {
Permission sp = new SecurityPermission("sdf");
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
PermissionGrant[] pe = new PermissionGrant[] {
pgb.codeSource(null).principals(null)
.permissions(new Permission[] { sp })
+ .context(PermissionGrantBuilder.CODESOURCE)
.build()
};
TestParser tp = new TestParser(pe);
@@ -109,7 +109,8 @@ public class ConcurrentPolicyFileTest ex
* @throws java.lang.Exception
*/
public void testGetPermissions_CodeSource() throws Exception {
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
+ pgb.context(PermissionGrantBuilder.CODESOURCE);
CodeSource cs = new CodeSource(null, (Certificate[])null);
CodeSource cs2 = new CodeSource(new URL("http://a.b.c"),
(Certificate[])null);
@@ -144,7 +145,8 @@ public class ConcurrentPolicyFileTest ex
* @throws java.lang.Exception
*/
public void testGetPermissions_ProtectionDomain() throws Exception {
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
+ pgb.context(PermissionGrantBuilder.CODESOURCE);
Permission sp1 = new SecurityPermission("aaa");
Permission sp2 = new SecurityPermission("bbb");
Permission sp3 = new SecurityPermission("ccc");
Copied: river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/PermissionCollectionTest.java (from r1153098, river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/PermissionCollectionTest.java)
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/PermissionCollectionTest.java?p2=river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/PermissionCollectionTest.java&p1=river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/PermissionCollectionTest.java&r1=1153098&r2=1158535&rev=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/se/PermissionCollectionTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/net/jini/security/policy/PermissionCollectionTest.java Wed Aug 17 06:18:09 2011
@@ -15,7 +15,7 @@
* limitations under the License.
*/
-package org.apache.river.impl.security.policy.se;
+package net.jini.security.policy;
import java.io.File;
import java.io.FileOutputStream;
Added: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/CodeSourceGrantTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/CodeSourceGrantTest.java?rev=1158535&view=auto
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/CodeSourceGrantTest.java (added)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/CodeSourceGrantTest.java Wed Aug 17 06:18:09 2011
@@ -0,0 +1,88 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.apache.river.api.security;
+
+import java.net.MalformedURLException;
+import java.security.cert.Certificate;
+import java.net.URL;
+import java.security.Permission;
+import java.security.ProtectionDomain;
+import net.jini.security.GrantPermission;
+import java.security.CodeSource;
+import java.security.Principal;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author peter
+ */
+public class CodeSourceGrantTest {
+
+ RuntimePermission rpD, rpA;
+// RuntimePermission rpD1 = new RuntimePermission("D1");
+// RuntimePermission rpC = new RuntimePermission("C");
+// RuntimePermission rpC1 = new RuntimePermission("C1");
+
+ String rpDS;
+
+ GrantPermission gpS;
+ GrantPermission gpP;
+ ProtectionDomain pd1;
+ CodeSourceGrant instance;
+
+ public CodeSourceGrantTest() {
+ }
+
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ }
+
+ @AfterClass
+ public static void tearDownClass() throws Exception {
+ }
+
+ @Before
+ public void setUp() throws MalformedURLException {
+ rpD = new RuntimePermission("D", "");
+ rpDS = "delim=' java.lang.RuntimePermission 'D'";
+ gpS = new GrantPermission(rpDS);
+ gpP = new GrantPermission(rpD);
+ rpA = new RuntimePermission("A");
+ Permission[] perms = { rpA, gpS };
+ instance = new CodeSourceGrant(null, null, perms, null);
+ CodeSource cs = new CodeSource(new URL("file://foo.bar"), (Certificate[]) null);
+ pd1 = new ProtectionDomain(cs, null);
+ // CodeSource cs =
+ }
+
+ /**
+ * Test of implies method, of class CodeSourceGrant.
+ */
+ @Test
+ public void testImplies() {
+ System.out.println("implies");
+ boolean expResult = true;
+ boolean result = instance.implies(pd1);
+ assertEquals(expResult, result);
+ }
+
+// /**
+// * Test of getBuilderTemplate method, of class CodeSourceGrant.
+// */
+// @Test
+// public void testGetBuilderTemplate() {
+// System.out.println("getBuilderTemplate");
+// CodeSourceGrant instance = null;
+// PermissionGrantBuilder expResult = null;
+// PermissionGrantBuilder result = instance.getBuilderTemplate();
+// assertEquals(expResult, result);
+// // TODO review the generated test code and remove the default call to fail.
+// fail("The test case is a prototype.");
+// }
+}
Propchange: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/CodeSourceGrantTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/DelegateCombinerSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/DelegateCombinerSecurityManagerTest.java?rev=1158535&view=auto
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/DelegateCombinerSecurityManagerTest.java (added)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/DelegateCombinerSecurityManagerTest.java Wed Aug 17 06:18:09 2011
@@ -0,0 +1,162 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.river.api.security;
+
+import java.security.Permissions;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.cert.Certificate;
+import java.security.CodeSource;
+import java.security.AllPermission;
+import java.util.PropertyPermission;
+import org.apache.river.api.delegates.DelegatePermission;
+import java.security.AccessControlContext;
+import java.net.SocketPermission;
+import java.security.ProtectionDomain;
+import java.security.Permission;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author peter
+ */
+public class DelegateCombinerSecurityManagerTest {
+
+ public DelegateCombinerSecurityManagerTest() {
+ }
+
+ private ProtectionDomain[] context;
+ private AccessControlContext acc;
+ Permission p1, p2, p3, p4, p5, p6, p7, p8;
+ SecurityManager sm;
+
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ }
+
+ @AfterClass
+ public static void tearDownClass() throws Exception {
+ }
+
+ @Before
+ public void setUp() {
+ try {
+ sm = new DelegateCombinerSecurityManager();
+ CodeSource cs0, cs10, cs11, cs12;
+ p1 = new SocketPermission("river.apache.org:80", "connect,accept");
+ p2 = DelegatePermission.get(p1);
+ p3 = new RuntimePermission("readFileDescriptor");
+ p4 = DelegatePermission.get(p3);
+ p5 = new PropertyPermission("java.home", "read,write");
+ p6 = new PropertyPermission("java.home", "read");
+ p7 = DelegatePermission.get(p6);
+ p8 = new AllPermission();
+ cs0 = new CodeSource(null, (Certificate[]) null);
+ cs10 = new CodeSource(new URL("file:/foo.bar"), (Certificate[]) null);
+ cs11 = new CodeSource(new URL("file:/foo.too"), (Certificate[]) null);
+ cs12 = new CodeSource(new URL("file:/too.foo"), (Certificate[]) null);
+ Permissions pc1, pc2, pc3, pc4;
+ pc1 = new Permissions();
+ pc1.add(p1);
+ pc1.add(p3);
+ pc1.add(p5);
+ pc2 = new Permissions();
+ pc2.add(p2);
+ pc2.add(p4);
+ pc2.add(p7);
+ pc3 = new Permissions();
+ pc3.add(p2);
+ pc3.add(p4);
+ pc3.add(p7);
+ pc4 = new Permissions();
+ pc4.add(p8);
+ ProtectionDomain pd1, pd2, pd3, pd4;
+ pd1 = new ProtectionDomain(cs0, pc4);
+ pd2 = new ProtectionDomain(cs10,pc3);
+ pd3 = new ProtectionDomain(cs11,pc2);
+ pd4 = new ProtectionDomain(cs12,pc1);
+ context = new ProtectionDomain[]{pd1, pd2, pd3, pd4};
+ acc = new AccessControlContext(context);
+ } catch (MalformedURLException ex) {
+ ex.printStackTrace(System.out);
+ }
+ }
+
+ /**
+ * Test of checkPermission method, of class DelegateCombinerSecurityManager.
+ */
+ @Test
+ public void testCheckPermission1() {
+ System.out.println("checkPermission1");
+ Boolean result = Boolean.FALSE;
+ Boolean expectedResult = Boolean.FALSE;
+ try {
+ sm.checkPermission(p1, acc);
+ result = Boolean.TRUE;
+ } catch (SecurityException e){
+ result = Boolean.FALSE;
+ }
+ assertEquals(expectedResult,result);
+ }
+
+ @Test
+ public void testCheckPermission2() {
+ System.out.println("checkPermission2");
+ Boolean result = Boolean.FALSE;
+ Boolean expectedResult = Boolean.TRUE;
+ try {
+ sm.checkPermission(p2, acc);
+ result = Boolean.TRUE;
+ } catch (Exception e){
+ e.printStackTrace(System.out);
+ result = Boolean.FALSE;
+ }
+ assertEquals(expectedResult,result);
+ }
+ /**
+ * Test of checkPermission method, of class DelegateCombinerSecurityManager.
+ */
+// @Test
+// public void testCheckPermission_Permission_Object() {
+// System.out.println("checkPermission");
+// Permission perm = null;
+// Object context = null;
+// DelegateCombinerSecurityManager instance = new DelegateCombinerSecurityManager();
+// instance.checkPermission(perm, context);
+// // TODO review the generated test code and remove the default call to fail.
+// fail("The test case is a prototype.");
+// }
+//
+// /**
+// * Test of clearFromCache method, of class DelegateCombinerSecurityManager.
+// */
+// @Test
+// public void testClearFromCache() {
+// System.out.println("clearFromCache");
+// Set<Permission> perms = null;
+// DelegateCombinerSecurityManager instance = new DelegateCombinerSecurityManager();
+// instance.clearFromCache(perms);
+// // TODO review the generated test code and remove the default call to fail.
+// fail("The test case is a prototype.");
+// }
+}
Propchange: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/DelegateCombinerSecurityManagerTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PermissionGrantTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PermissionGrantTest.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PermissionGrantTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PermissionGrantTest.java Wed Aug 17 06:18:09 2011
@@ -60,7 +60,7 @@ public class PermissionGrantTest {
} catch ( CertificateException e) {
cf = null;
}
- pgb = PermissionGrantBuilder.create();
+ pgb = PermissionGrantBuilder.newBuilder();
cs0 = new CodeSource(null, (Certificate[]) null);
cs10 = new CodeSource(new URL("file:"), (Certificate[]) null);
cs11 = new CodeSource(new URL("file:/"), (Certificate[]) null);
@@ -77,7 +77,11 @@ public class PermissionGrantTest {
cs32 = new CodeSource(new URL("file://-"), (Certificate[]) null);
cs33 = new CodeSource(new URL("file:///-"), (Certificate[]) null);
- pe0 = pgb.codeSource(null).principals(null).permissions(null).build();
+ pe0 = pgb.codeSource(null)
+ .principals(null)
+ .permissions(null)
+ .context(PermissionGrantBuilder.CODESOURCE)
+ .build();
pe10 = pgb.codeSource(cs10).build();
pe11 = pgb.codeSource(cs11).build();
Modified: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PrincipalGrantTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PrincipalGrantTest.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PrincipalGrantTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/api/security/PrincipalGrantTest.java Wed Aug 17 06:18:09 2011
@@ -78,11 +78,11 @@ public class PrincipalGrantTest {
@Test
public void testEquals() {
System.out.println("equals");
- Object o = PermissionGrantBuilder.create()
- .principals(pals)
- .permissions(perms)
- .context(PermissionGrantBuilder.PRINCIPAL)
- .build();
+ PermissionGrant o = PermissionGrantBuilder.newBuilder()
+ .principals(pals)
+ .permissions(perms)
+ .context(PermissionGrantBuilder.PRINCIPAL)
+ .build();
Object o2 = new Object();
boolean result = instance.equals(o);
assertEquals(true, result);
Modified: river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/util/PolicyEntryTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/util/PolicyEntryTest.java?rev=1158535&r1=1158534&r2=1158535&view=diff
==============================================================================
--- river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/util/PolicyEntryTest.java (original)
+++ river/jtsk/skunk/peterConcurrentPolicy/test/src/org/apache/river/impl/security/policy/util/PolicyEntryTest.java Wed Aug 17 06:18:09 2011
@@ -51,27 +51,31 @@ public class PolicyEntryTest extends Tes
* Tests constructor and accessors of PolicyEntry
*/
public void testCtor() {
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
PermissionGrant pe = pgb.build(); //everything set to null
// PolicyEntry pe =
// new PolicyEntry((CodeSource) null, (Collection<Principal>) null,
// (Collection<Permission>)null);
assertTrue(pe.isVoid(null));
- assertTrue(pe.getPermissions().size() == 0);
+ assertTrue(pe.getPermissions().isEmpty());
// pe = new PolicyEntry(new CodeSource(null, (Certificate[])null),
// new ArrayList<Principal>(), new ArrayList<Permission>());
pe = pgb.codeSource(new CodeSource(null, (Certificate[])null))
.principals(new Principal[0])
.permissions(new Permission[0])
+ .context(PermissionGrantBuilder.CODESOURCE)
.build();
assertTrue(pe.isVoid(null));
- assertTrue(pe.getPermissions().size() == 0);
+ assertTrue(pe.getPermissions().isEmpty());
Permission[] perms = new Permission[] {
new SecurityPermission("dsfg"), new AllPermission() };
//pe = new PolicyEntry((CodeSource) null, (Collection<Principal>) null, perms);
- pe = pgb.codeSource(null).principals(null).permissions(perms).build();
+ pe = pgb.codeSource(null)
+ .principals(null)
+ .permissions(perms)
+ .build();
assertFalse(pe.isVoid(null));
assertTrue(Arrays.asList(perms).containsAll(pe.getPermissions()));
}
@@ -81,8 +85,8 @@ public class PolicyEntryTest extends Tes
* otherwise tested set must contain all Principals of PolicyEntry.
*/
public void testImpliesPrincipals() {
- PermissionGrantBuilder pgb = PermissionGrantBuilder.create();
- PermissionGrant pe = pgb.build(); // Everything set to null;
+ PermissionGrantBuilder pgb = PermissionGrantBuilder.newBuilder();
+ PermissionGrant pe = pgb.context(PermissionGrantBuilder.CODESOURCE).build(); // Everything set to null;
// PolicyEntry pe =
// new PolicyEntry((CodeSource) null, (Collection<Principal>) null,