You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by na...@apache.org on 2006/11/20 23:17:08 UTC
svn commit: r477365 - in /webservices/axis2/trunk/java: etc/ modules/jibx/
modules/kernel/ modules/kernel/test-resources/java2sec/
modules/kernel/test-resources/java2sec/policy/
modules/kernel/test-resources/java2sec/private/ modules/kernel/test-resour...
Author: nagy
Date: Mon Nov 20 14:17:06 2006
New Revision: 477365
URL: http://svn.apache.org/viewvc?view=rev&rev=477365
Log:
Ported r469475 (Java 2 Security AccessController)
Added:
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/
webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java
webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java
Modified:
webservices/axis2/trunk/java/etc/project.properties
webservices/axis2/trunk/java/etc/project.xml
webservices/axis2/trunk/java/modules/jibx/maven.xml
webservices/axis2/trunk/java/modules/kernel/maven.xml
webservices/axis2/trunk/java/modules/kernel/project.properties
Modified: webservices/axis2/trunk/java/etc/project.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/etc/project.properties?view=diff&rev=477365&r1=477364&r2=477365
==============================================================================
--- webservices/axis2/trunk/java/etc/project.properties (original)
+++ webservices/axis2/trunk/java/etc/project.properties Mon Nov 20 14:17:06 2006
@@ -31,6 +31,7 @@
# Dependency Repositories
# -------------------------------------------------------------------
maven.repo.remote=\
+http://people.apache.org/repo/m1-snapshot-repository/,\
http://repo1.maven.org/maven/,\
http://ws.zones.apache.org/repository/,\
http://people.apache.org/repo/m1-ibiblio-rsync-repository/,\
@@ -110,6 +111,10 @@
jibx.version=1.1.2
junit.version=3.8.2
maven.itest.plugin.version=1.0
+maven.jar.plugin.version=1.8-SNAPSHOT
+maven.multiproject.plugin.version=1.5-SNAPSHOT
+maven.plugin.plugin.version=1.8-SNAPSHOT
+maven.test.plugin.version=1.8.1-SNAPSHOT
opensaml.version=1.1
neethi.version=2.0
servletapi.version=2.3
Modified: webservices/axis2/trunk/java/etc/project.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/etc/project.xml?view=diff&rev=477365&r1=477364&r2=477365
==============================================================================
--- webservices/axis2/trunk/java/etc/project.xml (original)
+++ webservices/axis2/trunk/java/etc/project.xml Mon Nov 20 14:17:06 2006
@@ -91,6 +91,38 @@
<archive>http://marc.theaimsgroup.com/?l=axis-user&r=1&w=2</archive>
</mailingList>
</mailingLists>
+
+ <dependencies>
+ <dependency>
+ <groupId>maven</groupId>
+ <artifactId>maven-test-plugin</artifactId>
+ <type>plugin</type>
+ <version>${maven.test.plugin.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>maven</groupId>
+ <artifactId>maven-multiproject-plugin</artifactId>
+ <type>plugin</type>
+ <version>${maven.multiproject.plugin.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>maven</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <type>plugin</type>
+ <version>${maven.jar.plugin.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>maven</groupId>
+ <artifactId>maven-plugin-plugin</artifactId>
+ <type>plugin</type>
+ <version>${maven.plugin.plugin.version}</version>
+ </dependency>
+ </dependencies>
+
+
<!-- ========== -->
<!-- Developers -->
<!-- ========== -->
Modified: webservices/axis2/trunk/java/modules/jibx/maven.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/jibx/maven.xml?view=diff&rev=477365&r1=477364&r2=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/jibx/maven.xml (original)
+++ webservices/axis2/trunk/java/modules/jibx/maven.xml Mon Nov 20 14:17:06 2006
@@ -17,13 +17,13 @@
</preGoal>
<!-- run the JiBX binding compiler after the Java compiler -->
- <preGoal name="test:test">
+ <postGoal name="test:compile">
<java classname="org.jibx.binding.Compile" fork="true">
<classpath refid="maven.dependency.classpath"/>
<classpath location="target/test-classes"/>
<arg value="test-resources/binding/customer-binding.xml"/>
<arg value="test-resources/binding/library-binding.xml"/>
</java>
- </preGoal>
+ </postGoal>
</project>
Modified: webservices/axis2/trunk/java/modules/kernel/maven.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/maven.xml?view=diff&rev=477365&r1=477364&r2=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/maven.xml (original)
+++ webservices/axis2/trunk/java/modules/kernel/maven.xml Mon Nov 20 14:17:06 2006
@@ -8,6 +8,7 @@
xmlns:maven="jelly:maven"
xmlns:deploy="deploy"
xmlns:ant="jelly:ant">
+
<postGoal name="test:compile">
<j:if test="${context.getVariable('maven.test.skip') != 'true'}">
<j:jelly xmlns="jelly:ant">
@@ -20,6 +21,32 @@
</j:jelly>
<ant:copy file="${basedir}/test-resources/deployment/axis2.xml" tofile="${basedir}/target/test-resources/deployment/axis2.xml"/>
</j:if>
+
+ <mkdir dir="${maven.build.dir}/test-resources/java2sec/more"/>
+ <mkdir dir="${maven.build.dir}/test-resources/java2sec/less"/>
+
+ <ant:jar destfile="${maven.build.dir}/test-resources/java2sec/more/MorePermission.jar" update="true">
+ <fileset dir="target/test-classes">
+ <include name="org/apache/axis2/java/security/driver/*"/>
+ <include name="org/apache/axis2/java/security/action/*"/>
+ <include name="org/apache/axis2/java/security/interf/*"/>
+ <include name="org/apache/axis2/java/security/more/*"/>
+ </fileset>
+ </ant:jar>
+
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/driver" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/more" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/action" />
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/interf" />
+
+ <ant:jar destfile="${maven.build.dir}/test-resources/java2sec/less/LessPermission.jar" update="true">
+ <fileset dir="target/test-classes">
+ <include name="org/apache/axis2/java/security/less/*"/>
+ </fileset>
+ </ant:jar>
+
+ <ant:delete dir="${basedir}/target/test-classes/org/apache/axis2/java/security/less" />
+
</postGoal>
<preGoal name="itest:compile">
<u:file var="file" name="${maven.itest.src}"/>
Modified: webservices/axis2/trunk/java/modules/kernel/project.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/project.properties?view=diff&rev=477365&r1=477364&r2=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/project.properties (original)
+++ webservices/axis2/trunk/java/modules/kernel/project.properties Mon Nov 20 14:17:06 2006
@@ -16,3 +16,12 @@
maven.multiproject.type=jar
+# These properties are used by Java 2 Security testcase
+maven.test.classpath=${maven.build.dir}/test-resources/java2sec/less/LessPermission.jar;${maven.build.dir}/test-resources/java2sec/more/MorePermission.jar
+maven.junit.jvmargs=-Djava.security.policy=${base_dir}/test-resources/java2sec/policy/java2sectest.policy
+maven.junit.sysproperties=maven_home_dir base_dir maven_build_dir maven_repo_local maven_installed_root maven_test_dest
+maven_installed_root=${maven.home}
+base_dir=${basedir}
+maven_build_dir=${maven.build.dir}
+maven_test_dest=${maven.test.dest}
+maven_repo_local=${maven.repo.local}
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/policy/java2sectest.policy Mon Nov 20 14:17:06 2006
@@ -0,0 +1,60 @@
+grant {
+ permission java.util.PropertyPermission "basedir", "read";
+ permission java.util.PropertyPermission "maven.build.dir", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "exitVM";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "setIO";
+ permission java.lang.RuntimePermission "setSecurityManager";
+
+ permission java.io.FilePermission "${maven_build_dir}/classes/", "read";
+ permission java.io.FilePermission "${maven_build_dir}/classes/org/apache/axis2/java/security/AccessController.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/classes/org/apache/xerces/dom/CharacterDataImpl$1.class", "read";
+
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/axis2/java/security/AccessController.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/xerces/dom/CDATASectionImpl.class", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-classes/org/apache/xerces/dom/CharacterDataImpl$1.class", "read";
+
+
+ permission java.io.FilePermission "${maven_build_dir}/test-resources/java2sec/less/LessPermission.jar", "read";
+ permission java.io.FilePermission "${maven_build_dir}/test-resources/java2sec/more/MorePermission.jar", "read";
+
+ permission java.io.FilePermission "${maven_repo_local}/-", "read";
+ permission java.io.FilePermission "${maven_installed_root}/lib/-", "read";
+
+ permission java.util.PropertyPermission "maven_build_dir", "read";
+ permission java.util.PropertyPermission "maven_test_dest", "read";
+
+};
+
+
+grant codeBase "file:${maven_build_dir}/test-resources/java2sec/more/MorePermission.jar" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+grant codeBase "file:${maven_build_dir}/test-resources/java2sec/less/LessPermission.jar" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+
+grant codeBase "file:${maven_installed_root}/lib/-" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+};
+
+grant codeBase "file:${maven_build_dir}/test-classes/" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
+
+grant codeBase "file:${maven_build_dir}/classes/" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/private/private.txt", "read";
+};
+
+grant codeBase "file:${maven_repo_local}/-" {
+ permission java.io.FilePermission "${base_dir}/test-resources/java2sec/public/public.txt", "read";
+};
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/private/private.txt Mon Nov 20 14:17:06 2006
@@ -0,0 +1 @@
+This line is from private.txt.
Added: webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt (added)
+++ webservices/axis2/trunk/java/modules/kernel/test-resources/java2sec/public/public.txt Mon Nov 20 14:17:06 2006
@@ -0,0 +1 @@
+This line is from public.txt.
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/action/Action.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,97 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.axis2.java.security.action;
+
+import org.apache.axis2.java.security.interf.Actor;
+import org.apache.axis2.java.security.driver.Java2SecTest;
+
+import java.io.CharArrayWriter;
+import java.io.FileReader;
+import java.io.IOException;
+
+
+
+/**
+ * Action reads the data from an input file
+ * and then saves the file input to Java2SecTest class
+ */
+
+public class Action implements Actor {
+
+ private String fileName;
+ private FileReader fileReader;
+
+ // Constructor
+ public Action(String fileName) {
+ this.fileName = fileName;
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction () {
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ String buildDir = System.getProperty("maven_build_dir");
+ System.out.println("buildDir => " + buildDir);
+
+ String testDir = System.getProperty("maven_test_dest");
+ System.out.println("testDir => " + testDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ System.out.println("File URL => " + fileURL);
+
+ if (fileName != null)
+ fileReader = new FileReader(fileURL);
+ else
+ fileReader = new FileReader("public.txt");
+
+ try {
+ CharArrayWriter caw = new CharArrayWriter();
+ int c;
+ while ((c = fileReader.read()) != -1) {
+ caw.write(c);
+ }
+ // Set/save the file input as test result onto Java2SecTest
+ Java2SecTest.testResult = caw.toString();
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ finally {
+ try {
+ fileReader.close();
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ }
+ }
+ catch (IOException e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/driver/Java2SecTest.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,545 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.driver;
+
+import org.apache.axis2.java.security.action.Action;
+import org.apache.axis2.java.security.less.LessPermission;
+import org.apache.axis2.java.security.more.MorePermission;
+import org.apache.axis2.java.security.less.LessPermissionPrivilegedExceptionAction;
+import org.apache.axis2.java.security.more.MorePermissionPrivilegedExceptionAction;
+import org.apache.axis2.java.security.less.LessPermissionAccessControlContext;
+import org.apache.axis2.java.security.more.MorePermissionAccessControlContext;
+import org.apache.axis2.java.security.AccessController;
+
+import junit.framework.TestCase;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+import junit.textui.TestRunner;
+
+import java.util.Calendar;
+import java.util.TimeZone;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * Java2SecTest demostrates the usages of AccessController class and Policy file(s) while Security Manager is enabled:
+ * 1. testNoPrivilegePassed shows the usage of no AccessController but it still work fine
+ * because it has all the permissions.
+ * 2. testNoPrivilegeFailure shows the usage of AccessController with LessPermission.java,
+ * which is not right approach.
+ * 3. testDoPrivilegePassed shows the correct practice of java 2 security by granting the appropriate
+ * permission in the policy file(s0 and wrapping the AccessController calls with MorePermission.java.
+ * 4. testDoPrivilegeFailure shows the reverse call order of MorePermission and LessPermission
+ * from testDoPrivilegedPassed.
+ * 5. testAccessControlContextFailure shows the AccessContext which contains a no-permission class
+ * on the stack can cause a failure. In our case, the no-permission class is
+ * LessPermissionAccessControlContext.
+ *
+ */
+
+public class Java2SecTest extends TestCase {
+ // Static variable to keep the test result
+ public static String testResult = "";
+
+ // Default constructor
+ public Java2SecTest() {
+ super();
+ System.out.println("\nJava2SecTest ctor 1");
+ Calendar cal = Calendar.getInstance(TimeZone.getDefault());
+ String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
+ java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
+ sdf.setTimeZone(TimeZone.getDefault());
+ System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
+ }
+
+ // Constructor
+ public Java2SecTest(String arg) {
+ super(arg);
+ System.out.println("\nJava2SecTest ctor 2");
+ Calendar cal = Calendar.getInstance(TimeZone.getDefault());
+ String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
+ java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
+ sdf.setTimeZone(TimeZone.getDefault());
+ System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
+ }
+
+ // This method is added for running this test as a pure junit test
+ public static void main(String[] args) {
+ TestRunner.run(suite());
+
+ }
+
+ // This method is added for running this test as a pure junit test
+ public static Test suite() {
+ TestSuite suite = new TestSuite(Java2SecTest.class);
+
+ return suite;
+
+ }
+
+
+
+ /**
+ * testNoPrivilegedSuccessed
+ */
+
+ public void testNoPrivilegeSuccessed() throws Exception {
+ Java2SecTest.testResult = "testNoPrivilegeSuccessed failed.";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from public.txt.";
+
+ System.out.println("\ntestNoPrivilegedSuccessed() begins");
+ // Check whether the security manager is enabled or not.
+ // If not, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test WITHOUT AccessController.doPrivileged wrapper
+ Action dp= new Action("public/public.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, false);
+ lp.takeAction();
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("Resulting string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+
+ System.out.println("\ntestNoPrivilegedSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testNoPrivilegedFailure
+ */
+
+ public void testNoPrivilegeFailure() throws Exception {
+ Java2SecTest.testResult = "testNoPrivilegeFailure failed.";
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestNoPrivilegedFailured() begins");
+ // Check whether the security is enable or not.
+ // if it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+ // Run test with AccessController.doPrivilege wrapper
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, false);
+ try {
+ lp.takeAction();
+ } catch (Exception e){
+ // verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntesNoPrivilegedFailure() ends\n\n");
+ }
+ }
+
+
+
+ /**
+ * testDoPrivilegedSuccessed
+ */
+
+ public void testDoPrivilegeSuccessed() throws Exception {
+ Java2SecTest.testResult = "testDoPrivilegeSuccessed failed.";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestDoPrivilegedSuccessed() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, true);
+ LessPermission lp = new LessPermission(mp, false);
+ lp.takeAction();
+
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("Resulting string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+ System.out.println("\ntestDoPrivilegedSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testDoPrivilegedFailure
+ */
+
+ public void testDoPrivilegeFailure() throws Exception {
+ Java2SecTest.testResult = "testDoPrivilegeFailure failed.";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestDoPrivilegedFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermission mp = new MorePermission(dp, false);
+ LessPermission lp = new LessPermission(mp, true);
+ try {
+ mp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestDoPrivilegedFailure() ends\n\n");
+ }
+ }
+
+
+
+
+ /**
+ * testAccessControlContextFailure
+ */
+
+ public void testAccessControlContextFailure() throws Exception {
+ Java2SecTest.testResult = "testAccessControlContextFailure failed.";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestAccessControlContextFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionAccessControlContext mp = new MorePermissionAccessControlContext(dp, false);
+ LessPermissionAccessControlContext lp = new LessPermissionAccessControlContext(mp, true);
+ try {
+ lp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.AccessControlException));
+
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestAccessControlContextFailure() ends\n\n");
+ }
+ }
+
+ // 2 begins
+
+ /**
+ * testPrivilegedExceptionActionSuccessed
+ */
+
+ public void testPrivilegedExceptionSuccessed() throws Exception {
+ Java2SecTest.testResult = "testPrivielgedExceptionSuccessed failed";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestPrivilegedExceptionActionSuccessed() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(dp, true);
+ LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(mp, false);
+ lp.takeAction();
+
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+
+ // Remove extra characters within the result string
+ testResult = testResult.replaceAll("\\r", "");
+ testResult = testResult.replaceAll("\\n", "");
+ System.out.println("testDoPrivilege's result string is " + testResult);
+
+ // Verify the test result by comparing the test result with expected string
+ assertTrue("The string contents do not match.", expectedString.equalsIgnoreCase(testResult));
+ System.out.println("\ntestDoPrivilegeSuccessed() ends\n\n");
+ }
+
+
+
+ /**
+ * testPrivilegedExceptionActionFailure
+ */
+
+ public void testPrivilegedExceptionActionFailure() throws Exception {
+ Java2SecTest.testResult = "testPrivilegedExceptionActionFailure failed.";
+ SecurityManager oldSM = null;
+ String expectedString = "This line is from private.txt.";
+
+ System.out.println("\ntestPrivilegedExceptionActionFailure() begins");
+ // Check whether the security is enable or not.
+ // If it is not enabled, turn it on
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ // Run test with AccessController.doPrivilege
+ Action dp= new Action("private/private.txt");
+ MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(dp, false);
+ LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(mp, true);
+ try {
+ mp.takeAction();
+ } catch (Exception e) {
+ // Verify the test result
+ assertTrue("It is not the security exception.", (e instanceof java.security.PrivilegedActionException));
+ } finally {
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestPrivilegedExceptionActionFailure() ends\n\n");
+ }
+ }
+
+ /**
+ * testCheckPermissionAllowed
+ */
+
+ public void testCheckPermissionAllowed() throws Exception {
+ Java2SecTest.testResult = "testCheckPermissionAllowed failed.";
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestCheckPermissionAllowed() begins.\n");
+ boolean allowed = false;
+ String fileName = "public/public.txt";
+
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ AccessController.checkPermission(perm);
+ allowed = true;
+ } catch (Exception e) {
+ if (e instanceof AccessControlException) {
+ e.printStackTrace(System.out);
+ }
+ } finally {
+ assertTrue("Accessing to public.txt file is denied; Test failed.", allowed);
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestCheckPermissionAllowed() ends.\n");
+ }
+
+ }
+
+
+
+ /**
+ * testCheckPermissionDenied
+ */
+
+ public void testCheckPermissionDenied() throws Exception {
+ Java2SecTest.testResult = "testCheckPermissionDenied failed";
+ SecurityManager oldSM = null;
+
+ System.out.println("\ntestCheckPermissionDenied() begins.\n");
+ boolean denied = true;
+ String fileName = "private/private.txt";
+
+ oldSM = System.getSecurityManager();
+ if (oldSM != null) {
+ System.out.println("\nSecurity Manager is enabled.");
+ } else {
+ System.out.println("\nSecurity Manager is disabled.");
+ System.out.println("Enabling the default Java Security Manager");
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ try {
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ AccessController.checkPermission(perm);
+ denied = false;
+ } catch (Exception e) {
+ if (!(e instanceof AccessControlException)) {
+ denied = false;
+ }
+ e.printStackTrace(System.out);
+ } finally {
+ assertTrue("Accessing to private.txt file is allowed; Test failed.", denied);
+
+ // Disable security manager if it is enabled by this testcsae
+ if (System.getSecurityManager() != null && oldSM == null) {
+ System.setSecurityManager(null);
+ if (System.getSecurityManager() == null) {
+ System.out.println("Security Manager is successfully disabled.");
+ } else {
+ System.out.println("Security Manager is still enabled");
+ }
+ }
+ System.out.println("\ntestCheckPermissionDenied() ends.\n");
+ }
+ }
+}
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/interf/Actor.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.interf;
+
+/**
+ * Interface Actor
+ */
+
+public interface Actor {
+ public void takeAction();
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermission.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermission implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermission(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Use AccessController's doPrivilege
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no AccessController's doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionAccessControlContext.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+import java.security.AccessControlContext;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermissionAccessControlContext implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermissionAccessControlContext(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ final AccessControlContext acc = AccessController.getContext();
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegeAction action, AccessContext ctx)
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ }, acc);
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/less/LessPermissionPrivilegedExceptionAction.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.less;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedExceptionAction;
+
+
+
+/**
+ * LessPermission has no read permission to the private.txt file
+ */
+
+public class LessPermissionPrivilegedExceptionAction implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Construtor
+ public LessPermissionPrivilegedExceptionAction(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+ }
+
+ // Implement Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegedExceptionAction action)
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermission.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+
+/**
+ * MorePermission has read permission to both public.txt and private.txt
+ */
+
+public class MorePermission implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermission(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Use AccessController's doPrivilege
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no AccessController's doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionAccessControlContext.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedAction;
+import java.security.AccessControlContext;
+import java.security.Permission;
+
+/**
+ * MorePermissionAccessControllerContext has read permission to both public.txt and private.txt
+ */
+
+public class MorePermissionAccessControlContext implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermissionAccessControlContext(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ final AccessControlContext acc = AccessController.getContext();
+ // Print out maven's base,build, and test direcotories
+ String baseDir = System.getProperty("basedir");
+ System.out.println("basedir => " + baseDir);
+
+ // Convert the \ (back slash) to / (forward slash)
+ String baseDirM = baseDir.replace('\\', '/');
+ System.out.println("baseDirM => "+ baseDirM);
+
+ String fs = "/";
+ String fileName = "private/private.txt";
+
+ // Build the file URL
+ String fileURL=baseDirM+fs+"test-resources"+fs+"java2sec"+fs+fileName;
+ Permission perm = new java.io.FilePermission(fileURL, "read");
+ acc.checkPermission(perm);
+ // Demostrate the usage of AccessController's doPrivilege(PrivilegeAction action, AccessContext ctx)
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ }, acc);
+ }
+ else {
+ // Use no doPrivileged
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
Added: webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java?view=auto&rev=477365
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java (added)
+++ webservices/axis2/trunk/java/modules/kernel/test/org/apache/axis2/java/security/more/MorePermissionPrivilegedExceptionAction.java Mon Nov 20 14:17:06 2006
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.axis2.java.security.more;
+
+import org.apache.axis2.java.security.AccessController;
+import org.apache.axis2.java.security.interf.Actor;
+
+import java.security.PrivilegedExceptionAction;
+
+/**
+ * MorePermission has read permission to both public.txt and private.txt
+ */
+
+public class MorePermissionPrivilegedExceptionAction implements Actor {
+
+ private Actor _actor;
+ private boolean _usingDoPrivilege;
+
+ // Constructor
+ public MorePermissionPrivilegedExceptionAction(Actor a, boolean usingDoPrivilege) {
+ _actor = a;
+ _usingDoPrivilege = usingDoPrivilege;
+
+ }
+
+ // Implementing Actor's takeAction method
+ public void takeAction() {
+ try {
+ if (_usingDoPrivilege) {
+ // Demostrate the usage of AccessController.doPrivileged(PrivilegedExceptionAction action)
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() {
+ _actor.takeAction();
+ return null;
+ }
+ });
+ }
+ else {
+ // Use no doPrivilege
+ _actor.takeAction();
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.out);
+ }
+ }
+}
+
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org