You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by sc...@apache.org on 2006/09/20 02:58:11 UTC
svn commit: r448021 - in /webservices/axis2/trunk/java: etc/ modules/kernel/
modules/kernel/src/org/apache/axis2/java/
modules/kernel/src/org/apache/axis2/java/security/
modules/kernel/test-resources/java2sec/
modules/kernel/test-resources/java2sec/pol...
Author: scheu
Date: Tue Sep 19 17:58:10 2006
New Revision: 448021
URL: http://svn.apache.org/viewvc?view=rev&rev=448021
Log:
AXIS2-1110
Summary: A Java2Security AccessController to speed performance plus a number of deep tests for Java 2 Security
Contributor: Ming Cheung
Added:
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/AccessController.java
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java
Modified:
webservices/axis2/trunk/java/etc/project.properties
webservices/axis2/trunk/java/modules/kernel/maven.xml
webservices/axis2/trunk/java/modules/kernel/project.properties
webservices/axis2/trunk/java/modules/kernel/project.xml
Modified: webservices/axis2/trunk/java/etc/project.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/etc/project.properties?view=diff&rev=448021&r1=448020&r2=448021
==============================================================================
--- webservices/axis2/trunk/java/etc/project.properties (original)
+++ webservices/axis2/trunk/java/etc/project.properties Tue Sep 19 17:58:10 2006
@@ -111,6 +111,7 @@
jibx.version=SNAPSHOT
junit.version=3.8.2
maven.itest.plugin.version=1.0
+maven.test.plugin.version=1.8
opensaml.version=1.1
neethi.version=SNAPSHOT
servletapi.version=2.3
Modified: webservices/axis2/trunk/java/modules/kernel/maven.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/maven.xml?view=diff&rev=448021&r1=448020&r2=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/maven.xml (original)
+++ webservices/axis2/trunk/java/modules/kernel/maven.xml Tue Sep 19 17:58:10 2006
@@ -8,6 +8,12 @@
xmlns:maven="jelly:maven"
xmlns:deploy="deploy"
xmlns:ant="jelly:ant">
+
+ <goal name="java2sec:copy">
+ <mkdir dir="${basedir}/test-resources/java2sec/test/classes"/>
+ <copy toFile="${basedir}/test-resources/java2sec/test/classes/org/apache/axis2/java/security/less/LessPermission.class" file="${basedir}/target/test-classes/org/apache/axis2/java/security/less/LessPermission.class"/>
+ </goal>
+
<postGoal name="test:compile">
<j:if test="${context.getVariable('maven.test.skip') != 'true'}">
<j:jelly xmlns="jelly:ant">
@@ -20,6 +26,31 @@
</j:jelly>
<ant:copy file="${basedir}/test-resources/deployment/axis2.xml" tofile="${basedir}/target/test-resources/deployment/axis2.xml"/>
</j:if>
+ <mkdir dir="${basedir}/target/test-resources/Java2Sec/more"/>
+ <mkdir dir="${basedir}/target/test-resources/Java2Sec/less"/>
+
+ <ant:jar destfile="${maven.build.dir}/test-resources/Java2Sec/more/MorePermission.jar" update="true">
+ <fileset dir="target/test-classes">
+ <include name="org/apache/axis2/java/security/driver/*"/>
+ <include name="org/apache/axis2/java/security/action/*"/>
+ <include name="org/apache/axis2/java/security/interf/*"/>
+ <include name="org/apache/axis2/java/security/more/*"/>
+ </fileset>
+ </ant:jar>
+
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/dirver" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/more" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/action" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/interf" />
+
+ <ant:jar destfile="${maven.build.dir}/test-resources/Java2Sec/less/LessPermission.jar" update="true">
+ <fileset dir="target/test-classes">
+ <include name="org/apache/axis2/java/security/less/*"/>
+ </fileset>
+ </ant:jar>
+
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/less" />
+
</postGoal>
<preGoal name="itest:compile">
<u:file var="file" name="${maven.itest.src}"/>
Modified: webservices/axis2/trunk/java/modules/kernel/project.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/project.properties?view=diff&rev=448021&r1=448020&r2=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/project.properties (original)
+++ webservices/axis2/trunk/java/modules/kernel/project.properties Tue Sep 19 17:58:10 2006
@@ -15,3 +15,16 @@
# -------------------------------------------------------------------
maven.multiproject.type=jar
+
+# These properties are used by Java 2 Security testcase
+maven.test.classpath=${maven.build.dir}/test-resources/java2sec/less/LessPermission.jar;${maven.build.dir}/test-resources/Java2Sec/more/MorePermission.jar
+maven.junit.jvmargs=-Djava.security.policy=${base_dir}/test-resources/java2sec/policy/java2sectest.policy
+maven.junit.sysproperties=maven_home_dir base_dir maven_build_dir maven_repo_local maven_installed_root maven_test_dest
+maven_installed_root=${maven.home}
+base_dir=${basedir}
+maven_build_dir=${maven.build.dir}
+maven_test_dest=${maven.test.dest}
+maven_repo_local=${maven.repo.local}
+
+# This is the remote repositories for downloading more recent plugins, ibiblio.org is the default site
+maven.repo.remote=http://cvs.apache.org/repository/, http://www.ibiblio.org/maven/
Modified: webservices/axis2/trunk/java/modules/kernel/project.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/project.xml?view=diff&rev=448021&r1=448020&r2=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/project.xml (original)
+++ webservices/axis2/trunk/java/modules/kernel/project.xml Tue Sep 19 17:58:10 2006
@@ -45,6 +45,13 @@
<!-- external JARs -->
<dependency>
+ <groupId>maven</groupId>
+ <artifactId>maven-test-plugin</artifactId>
+ <type>plugin</type>
+ <version>${maven.test.plugin.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>${commons.logging.version}</version>
Added: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/AccessController.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/AccessController.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/AccessController.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/java/security/AccessController.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,215 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security;
+
+import java.lang.SecurityManager;
+import java.security.AccessControlContext;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * This utility wrapper class is created to support AXIS2 runs
+ * inside of Java 2 Security environment. Due to the access control
+ * checking algorithm, for Java 2 Security to function properly,
+ * <code>doPrivileged()</code>
+ * is required in cases where there is application code on the stack frame
+ * accessing the system resources (ie, read/write files, opening ports, and etc).
+ * This class also improve performance no matther Security Manager is being enabled
+ * or not.
+ *
+ * Note: This utility should be used properly, otherwise might introduce
+ * security holes.
+ *
+ * Usage Example:
+ * <code>
+ * public void changePassword() {
+ * ...
+ * AccessController.doPrivileged(new PrivilegedAction() {
+ * public Object run() {
+ * f = Util.openPasswordFile();
+ * ...
+ *
+ * }
+ * });
+ * ...
+ * }
+ * </code>
+ */
+
+
+public class AccessController {
+
+ /**
+ * Performs the specified <code>PrivilegedAction</code> with privileges
+ * enabled if a security manager is present.
+ * <p>
+ * If the action's <code>run</code> method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @return the value returned by the action's <code>run</code> method.
+ * @see #doPrivileged(PrivilegedAction,AccessControlContext)
+ * @see #doPrivileged(PrivilegedExceptionAction)
+ */
+ public static Object doPrivileged(PrivilegedAction action) {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ return(action.run());
+ } else {
+ return java.security.AccessController.doPrivileged(action);
+ }
+ }
+
+
+ /**
+ * Performs the specified <code>PrivilegedAction</code> with privileges
+ * enabled and restricted by the specified <code>AccessControlContext</code>.
+ * The action is performed with the intersection of the permissions
+ * possessed by the caller's protection domain, and those possessed
+ * by the domains represented by the specified
+ * <code>AccessControlContext</code> if a security manager is present.
+ * <p>
+ *
+ * If the action's <code>run</code> method throws an (unchecked) exception,
+ * it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @param context an <i>access control context</i> representing the
+ * restriction to be applied to the caller's domain's
+ * privileges before performing the specified action.
+ * @return the value returned by the action's <code>run</code> method.
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ */
+ public static Object doPrivileged(PrivilegedAction action, AccessControlContext context) {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ return action.run();
+ } else {
+ return java.security.AccessController.doPrivileged(action, context);
+ }
+ }
+
+ /**
+ * Performs the specified <code>PrivilegedExceptionAction</code> with
+ * privileges enabled. The action is performed with <i>all</i> of the
+ * permissions possessed by the caller's protection domain.
+ * <p>
+ * If the action's <code>run</code> method throws an <i>unchecked</i>
+ * exception, it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @return the value returned by the action's <code>run</code> method.
+ * @throws PrivilgedActionException the specified action's
+ * <code>run</code> method threw a <i>checked</i> exception.
+ * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ * @see #doPrivileged(PrivilegedAction)
+ */
+ public static Object doPrivileged(PrivilegedExceptionAction action) throws PrivilegedActionException {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ try {
+ return action.run();
+ } catch (java.lang.RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new PrivilegedActionException(e);
+ }
+ } else {
+ return java.security.AccessController.doPrivileged(action);
+ }
+ }
+
+
+ /**
+ * Performs the specified <code>PrivilegedExceptionAction</code> with
+ * privileges enabled and restricted by the specified
+ * <code>AccessControlContext</code>. The action is performed with the
+ * intersection of the the permissions possessed by the caller's
+ * protection domain, and those possessed by the domains represented by the
+ * specified <code>AccessControlContext</code>.
+ * <p>
+ * If the action's <code>run</code> method throws an <i>unchecked</i>
+ * exception, it will propagate through this method.
+ *
+ * @param action the action to be performed.
+ * @param context an <i>access control context</i> representing the
+ * restriction to be applied to the caller's domain's
+ * privileges before performing the specified action.
+ * @return the value returned by the action's <code>run</code> method.
+ * @throws PrivilegedActionException the specified action's
+ * <code>run</code> method
+ * threw a <i>checked</i> exception.
+ * @see #doPrivileged(PrivilegedAction)
+ * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
+ */
+ public static Object doPrivileged(PrivilegedExceptionAction action, AccessControlContext context)
+ throws PrivilegedActionException {
+
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ try {
+ return action.run();
+ } catch (java.lang.RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new PrivilegedActionException(e);
+ }
+ } else {
+ return java.security.AccessController.doPrivileged(action, context);
+ }
+ }
+
+ /**
+ * This method takes a "snapshot" of the current calling context, which
+ * includes the current Thread's inherited AccessControlContext,
+ * and places it in an AccessControlContext object. This context may then
+ * be checked at a later point, possibly in another thread.
+ *
+ * @see AccessControlContext
+ *
+ * @return the AccessControlContext based on the current context.
+ */
+ public static AccessControlContext getContext() {
+ return java.security.AccessController.getContext();
+ }
+
+ /**
+ * Determines whether the access request indicated by the
+ * specified permission should be allowed or denied, based on
+ * the security policy currently in effect.
+ * This method quietly returns if the access request
+ * is permitted, or throws a suitable AccessControlException otherwise.
+ *
+ * @param perm the requested permission.
+ *
+ * @exception AccessControlException if the specified permission
+ * is not permitted, based on the current security policy.
+ */
+ public static void checkPermission(Permission perm) throws AccessControlException {
+ java.security.AccessController.checkPermission(perm);
+ }
+
+ /**
+ * No instantiation allowed
+ */
+ private AccessController() {}
+}
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy Tue Sep 19 17:58:10 2006
@@ -0,0 +1,61 @@
+grant {
+ permission java.util.PropertyPermission "basedir", "read";
+ permission java.util.PropertyPermission "maven.build.dir", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "exitVM";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "setIO";
+ permission java.lang.RuntimePermission "setSecurityManager";
+
+ permission java.io.FilePermission "${maven_build_dir}/classes/", "read";
+ permission java.io.FilePermission "${maven_build_dir}/classes/org/apache/axis2/java/security/AccessController.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/classes/org/apache/xerces/dom/CharacterDataImpl$1.class", "read";
+
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/axis2/java/security/AccessController.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/xerces/dom/CDATASectionImpl.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/xerces/dom/CharacterDataImpl$1.class", "read";
+
+
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/less/LessPermission.jar", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/more/MorePermission.jar", "read";
+
+ permission java.io.FilePermission "${maven_repo_local}/-", "read";
+ permission java.io.FilePermission "${maven_installed_root}/lib/-", "read";
+
+ permission java.util.PropertyPermission "maven_build_dir", "read";
+ permission java.util.PropertyPermission "maven_test_dest", "read";
+
+
+};
+
+
+grant codeBase "file:/${maven_build_dir}/test-resources/java2sec/more/MorePermission.jar" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+grant codeBase "file:/${maven_build_dir}/test-resources/java2sec/less/LessPermission.jar" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+
+grant codeBase "file:/${maven_installed_root}/lib/-" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+};
+
+grant codeBase "file:/${maven_build_dir}/test-classes/" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+grant codeBase "file:/${maven_build_dir}/classes/" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+};
+
+grant codeBase "file:/${maven_repo_local}/-" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt Tue Sep 19 17:58:10 2006
@@ -0,0 +1 @@
+This line is from private.txt.
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt Tue Sep 19 17:58:10 2006
@@ -0,0 +1 @@
+This line is from public.txt.
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,97 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.axis2.java.security.action;
+
+import org.apache.axis2.java.security.interf.Actor;
+import org.apache.axis2.java.security.driver.Java2SecTest;
+
+import java.io.CharArrayWriter;
+import java.io.FileReader;
+import java.io.IOException;
+
+
+
+/**
+ * Action reads the data from an input file
+ * and then saves the file input to Java2SecTest class
+ */
+
+public class Action implements Actor {
+
+ private String fileName;
+ private FileReader fileReader;
+
+ // Constructor
+ public Action(String fileName) {
+ this.fileName = fileName;
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction () {
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ String buildDir = System.getProperty("maven_build_dir");
+ System.out.println("buildDir => " + buildDir);
+
+ String testDir = System.getProperty("maven_test_dest");
+ System.out.println("testDir => " + testDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ System.out.println("File URL => " + fileURL);
+
+ if (fileName != null)
+ fileReader = new FileReader(fileURL);
+ else
+ fileReader = new FileReader("public.txt");
+
+ try {
+ CharArrayWriter caw = new CharArrayWriter();
+ int c;
+ while ((c = fileReader.read()) != -1) {
+ caw.write(c);
+ }
+ // Set/save the file input as test result onto Java2SecTest
+ Java2SecTest.testResult = caw.toString();
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ finally {
+ try {
+ fileReader.close();
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ }
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,536 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.driver;
+
+import org.apache.axis2.java.security.action.Action;
+import org.apache.axis2.java.security.less.LessPermission;
+import org.apache.axis2.java.security.more.MorePermission;
+import org.apache.axis2.java.security.less.LessPermissionPrivilegedExceptionAction;
+import org.apache.axis2.java.security.more.MorePermissionPrivilegedExceptionAction;
+import org.apache.axis2.java.security.less.LessPermissionAccessControlContext;
+import org.apache.axis2.java.security.more.MorePermissionAccessControlContext;
+import org.apache.axis2.java.security.AccessController;
+
+import junit.framework.TestCase;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+import junit.textui.TestRunner;
+
+import java.util.Calendar;
+import java.util.TimeZone;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * Java2SecTest demostrates the usages of AccessController class and Policy file(s) while Security Manager is enabled:
+ * 1. testNoPrivilegePassed shows the usage of no AccessController but it still work fine
+ * because it has all the permissions.
+ * 2. testNoPrivilegeFailure shows the usage of AccessController with LessPermission.java,
+ * which is not right approach.
+ * 3. testDoPrivilegePassed shows the correct practice of java 2 security by granting the appropriate
+ * permission in the policy file(s0 and wrapping the AccessController calls with MorePermission.java.
+ * 4. testDoPrivilegeFailure shows the reverse call order of MorePermission and LessPermission
+ * from testDoPrivilegedPassed.
+ * 5. testAccessControlContextFailure shows the AccessContext which contains a no-permission class
+ * on the stack can cause a failure. In our case, the no-permission class is
+ * LessPermissionAccessControlContext.
+ *
+ */
+
+public class Java2SecTest extends TestCase {
+ // Static variable to keep the test result
+ public static String testResult = "";
+
+ // Default constructor
+ public Java2SecTest() {
+ super();
+ System.out.println("\nJava2SecTest ctor 1");
+ Calendar cal = Calendar.getInstance(TimeZone.getDefault());
+ String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
+ java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
+ sdf.setTimeZone(TimeZone.getDefault());
+ System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
+ }
+
+ // Constructor
+ public Java2SecTest(String arg) {
+ super(arg);
+ System.out.println("\nJava2SecTest ctor 2");
+ Calendar cal = Calendar.getInstance(TimeZone.getDefault());
+ String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
+ java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
+ sdf.setTimeZone(TimeZone.getDefault());
+ System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
+ }
+
+ // This method is added for running this test as a pure junit test
+ public static void main(String[] args) {
+ TestRunner.run(suite());
+
+ }
+
+ // This method is added for running this test as a pure junit test
+ public static Test suite() {
+ TestSuite suite = new TestSuite(Java2SecTest.class);
+
+ return suite;
+
+ }
+
+
+
+ /**
+ * testNoPrivilegedSuccessed
+ */
+
+ public void testNoPrivilegeSuccessed() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from public.txt.";
+
+ System.out.println("\ntestNoPrivilegedSuccessed() begins");
+ // Check whether the security manager is enabled or not.
+ // If not, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test WITHOUT AccessController.doPrivileged wrapper
+ Action dp= new Action("public/public.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, false);
+ lp.takeAction();
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("Resulting string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+
+ System.out.println("\ntestNoPrivilegedSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testNoPrivilegedFailure
+ */
+
+ public void testNoPrivilegeFailure() throws Exception {
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestNoPrivilegedFailured() begins");
+ // Check whether the security is enable or not.
+ // if it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+ // Run test with AccessController.doPrivilege wrapper
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, false);
+ try {
+ lp.takeAction();
+ } catch (Exception e){
+ // verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntesNoPrivilegedFailure() ends\n\n");
+ }
+ }
+
+
+
+ /**
+ * testDoPrivilegedSuccessed
+ */
+
+ public void testDoPrivilegeSuccessed() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestDoPrivilegedSuccessed() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, true);
+ LessPermission lp = new LessPermission(mp, false);
+ lp.takeAction();
+
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("Resulting string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+ System.out.println("\ntestDoPrivilegedSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testDoPrivilegedFailure
+ */
+
+ public void testDoPrivilegeFailure() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestDoPrivilegedFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, true);
+ try {
+ mp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestDoPrivilegedFailure() ends\n\n");
+ }
+ }
+
+
+
+
+ /**
+ * testAccessControlContextFailure
+ */
+
+ public void testAccessControlContextFailure() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestAccessControlContextFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionAccessControlContext mp = new MorePermissionAccessControlContext(dp, false);
+ LessPermissionAccessControlContext lp = new LessPermissionAccessControlContext(mp, true);
+ try {
+ lp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestAccessControlContextFailure() ends\n\n");
+ }
+ }
+
+ // 2 begins
+
+ /**
+ * testPrivilegedExceptionActionSuccessed
+ */
+
+ public void testPrivilegedExceptionSuccessed() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestPrivilegedExceptionActionSuccessed() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(dp, true);
+ LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(mp, false);
+ lp.takeAction();
+
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("testDoPrivilege's result string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+ System.out.println("\ntestDoPrivilegeSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testPrivilegedExceptionActionFailure
+ */
+
+ public void testPrivilegedExceptionActionFailure() throws Exception {
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestPrivilegedExceptionActionFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(dp, false);
+ LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(mp, true);
+ try {
+ mp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.PrivilegedActionException));
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestPrivilegedExceptionActionFailure() ends\n\n");
+ }
+ }
+
+ /**
+ * testCheckPermissionAllowed
+ */
+
+ public void testCheckPermissionAllowed() throws Exception {
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestCheckPermissionAllowed() begins.\n");
+ boolean allowed = false;
+ String fileName = "public/public.txt";
+
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ AccessController.checkPermission(perm);
+ allowed = true;
+ } catch (Exception e) {
+ if (e instanceof AccessControlException) {
+ e.printStackTrace(System.out);
+ }
+ } finally {
+ assertTrue("Accessing to public.txt file is denied; Test failed.", allowed);
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestCheckPermissionAllowed() ends.\n");
+ }
+
+ }
+
+
+
+ /**
+ * testCheckPermissionDenied
+ */
+
+ public void testCheckPermissionDenied() throws Exception {
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestCheckPermissionDenied() begins.\n");
+ boolean denied = true;
+ String fileName = "private/private.txt";
+
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ AccessController.checkPermission(perm);
+ denied = false;
+ } catch (Exception e) {
+ if (!(e instanceof AccessControlException)) {
+ denied = false;
+ }
+ e.printStackTrace(System.out);
+ } finally {
+ assertTrue("Accessing to private.txt file is allowed; Test failed.", denied);
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestCheckPermissionDenied() ends.\n");
+ }
+ }
+}
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.interf;
+
+/**
+ * Interface Actor
+ */
+
+public interface Actor {
+ public void takeAction();
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermission implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermission(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Use AccessController's doPrivilege
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no AccessController's doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+import java.security.AccessControlContext;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermissionAccessControlContext implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermissionAccessControlContext(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ final AccessControlContext acc = AccessController.getContext();
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegeAction action, AccessContext ctx)
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ }, acc);
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedExceptionAction;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermissionPrivilegedExceptionAction implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermissionPrivilegedExceptionAction(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegedExceptionAction action)
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+
+/**
+ * MorePermission has read permission to both public.txt and private.txt
+ */
+
+public class MorePermission implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermission(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Use AccessController's doPrivilege
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no AccessController's doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+import java.security.AccessControlContext;
+import java.security.Permission;
+
+/**
+ * MorePermissionAccessControllerContext has read permission to both public.txt and private.txt
+ */
+
+public class MorePermissionAccessControlContext implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermissionAccessControlContext(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ final AccessControlContext acc = AccessController.getContext();
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+ String fileName = "private/private.txt";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ acc.checkPermission(perm);
+ // Demostrate the usage of AccessController's doPrivilege(PrivilegeAction action, AccessContext ctx)
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ }, acc);
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java?view=auto&rev=448021
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java Tue Sep 19 17:58:10 2006
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * MorePermission has read permission to both public.txt and private.txt
+ */
+
+public class MorePermissionPrivilegedExceptionAction implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermissionPrivilegedExceptionAction(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegedExceptionAction action)
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org