svn commit: r1509008 - in /commons/sandbox/weaver/trunk/example: pom.xml src/test/resources/java.policy

[mb...@apache.org]

Author: mbenson
Date: Wed Jul 31 19:52:46 2013
New Revision: 1509008

URL: http://svn.apache.org/r1509008
Log:
get security profile actually working, on non-Windows systems, anyway

Modified:
    commons/sandbox/weaver/trunk/example/pom.xml
    commons/sandbox/weaver/trunk/example/src/test/resources/java.policy

Modified: commons/sandbox/weaver/trunk/example/pom.xml
URL: http://svn.apache.org/viewvc/commons/sandbox/weaver/trunk/example/pom.xml?rev=1509008&r1=1509007&r2=1509008&view=diff
==============================================================================
--- commons/sandbox/weaver/trunk/example/pom.xml (original)
+++ commons/sandbox/weaver/trunk/example/pom.xml Wed Jul 31 19:52:46 2013
@@ -121,11 +121,7 @@
             <groupId>org.apache.maven.plugins</groupId>
             <artifactId>maven-surefire-plugin</artifactId>
             <configuration>
-              <forkMode>once</forkMode>
-              <systemPropertyVariables>
-                <surefire.security.manager>java.lang.SecurityManager</surefire.security.manager>
-                <java.security.policy>${project.basedir}/src/test/resources/java.policy</java.security.policy>
-              </systemPropertyVariables>
+              <argLine>-Djava.security.manager -Djava.security.policy=${basedir}/src/test/resources/java.policy</argLine>
             </configuration>
           </plugin>
         </plugins>

Modified: commons/sandbox/weaver/trunk/example/src/test/resources/java.policy
URL: http://svn.apache.org/viewvc/commons/sandbox/weaver/trunk/example/src/test/resources/java.policy?rev=1509008&r1=1509007&r2=1509008&view=diff
==============================================================================
--- commons/sandbox/weaver/trunk/example/src/test/resources/java.policy (original)
+++ commons/sandbox/weaver/trunk/example/src/test/resources/java.policy Wed Jul 31 19:52:46 2013
@@ -24,6 +24,19 @@ grant
   permission java.io.FilePermission "${user.dir}${/}target${/}-", "read";
 };
 
+// we don't care about the permissions of the testing infrastructure,
+// including maven;
+grant codeBase "file://${user.home}/.m2/repository/org/apache/maven/-"
+{
+  permission java.security.AllPermission;
+};
+
+// junit;
+grant codeBase "file://${user.home}/.m2/repository/junit/-"
+{
+  permission java.security.AllPermission;
+};
+
 // if you set up eclipse to propagate this property it will work :D
 grant codeBase "file://${eclipse.home}/-"
 {
@@ -32,15 +45,16 @@ grant codeBase "file://${eclipse.home}/-
 
 // and our own testcases
 
-grant codeBase "file:${user.dir}/target/test-classes/-"
+grant codeBase "file://${user.dir}/target/test-classes/-"
 {
   permission java.security.AllPermission;
 };
 
-grant codeBase "file:${user.dir}/target/classes/-"
+grant codeBase "file://${user.dir}/target/classes/-"
 {
   permission java.util.PropertyPermission "foo", "read";
   permission java.util.PropertyPermission "bar", "read";
   permission java.util.PropertyPermission "baz", "read";
-  #permission java.lang.RuntimePermission "getClassLoader";
+  permission java.lang.RuntimePermission "accessDeclaredMembers";
+  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
 };