avalon-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nic...@apache.org
Subject cvs commit: avalon-sandbox/security/src/tests Component.java ComponentImpl.java InnerContainer.java InnerContainerImpl.java Main.java OuterContainer.java OuterContainerImpl.java
Date Mon, 05 Jan 2004 15:42:31 GMT
niclas      2004/01/05 07:42:31

  Added:       security build.properties build.xml run.sh security.policy
               security/src/tests Component.java ComponentImpl.java
                        InnerContainer.java InnerContainerImpl.java
                        Main.java OuterContainer.java
                        OuterContainerImpl.java
  Log:
  A little test to figure out how to do nested codebase level security.
  
  Revision  Changes    Path
  1.1                  avalon-sandbox/security/build.properties
  
  Index: build.properties
  ===================================================================
  java.dir=src/tests
  build.classes=build/classes
  build.debug=on
  build.optimize=off
  build.deprecation=on
  
  
  
  1.1                  avalon-sandbox/security/build.xml
  
  Index: build.xml
  ===================================================================
  
  <project name="security" default="all" basedir="." >
  
    <target name="prepare" >
      <property file="build.properties" />
    </target>
    
    <target name="compile" depends="prepare" >
      <mkdir dir="${build.classes}" />
      <javac 
          srcdir="${java.dir}"
          destdir="${build.classes}"
          debug="${build.debug}"
          optimize="${build.optimize}"
          deprecation="${build.deprecation}">
      </javac>
    </target>
    
    <target name="package" depends="compile" >
    
      <jar jarfile="main.jar" basedir="${build.classes}" includes="Main.class, OuterContainer.class"
/>
      <jar jarfile="outer.jar" basedir="${build.classes}" includes="OuterContainerImpl*.class,
InnerContainer.class" />
      <jar jarfile="inner.jar" basedir="${build.classes}" includes="InnerContainerImpl*.class,
Component.class" />
      <jar jarfile="component.jar" basedir="${build.classes}" includes="ComponentImpl.class"
/>
    </target>
    
    <target name="all" depends="package" />
  
    <target name="clean" depends="prepare" >
    
      <delete dir="build/" />
      <delete file="main.jar" />
      <delete file="outer.jar" />
      <delete file="inner.jar" />
      <delete file="component.jar" />
      
    </target>
  </project>
  
  
  
  1.1                  avalon-sandbox/security/run.sh
  
  Index: run.sh
  ===================================================================
  #!/bin/sh
  #
  
  java -Djava.security.policy=security.policy \
       -Djava.security.manager= -cp main.jar Main
  
  
  
  
  1.1                  avalon-sandbox/security/security.policy
  
  Index: security.policy
  ===================================================================
  
  
  grant {
      permission java.security.AllPermission;  
  };
  
  
  1.1                  avalon-sandbox/security/src/tests/Component.java
  
  Index: Component.java
  ===================================================================
  
  public interface Component
  {
      void doProtectedMethod();
      
  } 
  
  
  
  1.1                  avalon-sandbox/security/src/tests/ComponentImpl.java
  
  Index: ComponentImpl.java
  ===================================================================
  
  import java.security.*;
  
  public class ComponentImpl
      implements Component
  {
      public void doProtectedMethod()
      {
          Permission perm = new RuntimePermission( "doProtected" );
          AccessController.checkPermission( perm );
          
          System.out.println( "Phase 1 OK.      <--  Custom Permission in Component passed."
);
          
          try
          {
              String s = System.getProperty( "java.home" );
              System.out.println( "JavaHome=" + s );
              System.out.println( "Phase 2 failed." );
          } catch( SecurityException e )
          {
              System.out.println( "Phase 2 OK.      <--  Component reads a non-allowed
property, and is denied" );
          }
      }
      
  } 
   
  
  
  
  1.1                  avalon-sandbox/security/src/tests/InnerContainer.java
  
  Index: InnerContainer.java
  ===================================================================
  
  
  public interface InnerContainer
  {
      void doThatMethod() throws Exception;
  } 
  
  
  
  1.1                  avalon-sandbox/security/src/tests/InnerContainerImpl.java
  
  Index: InnerContainerImpl.java
  ===================================================================
  
  import java.io.*;
  import java.net.*;
  import java.security.*;
  import java.util.*;
  
  public class InnerContainerImpl
      implements InnerContainer
  {
      private Component m_Component;
      private AccessControlContext m_AccContext;
      
      public InnerContainerImpl()
          throws Exception
      {
          ClassLoader parentCL = getClass().getClassLoader();
          File f = new File( System.getProperty( "user.dir" ), "component.jar" );
          CodeSource cs = new CodeSource( f.toURL(), null );        
          
          Permissions p = new Permissions();
          
          Permission perm = new RuntimePermission( "doProtected" );
          p.add( perm );
          
          ProtectionDomain pd = new ProtectionDomain( cs, p );
          ProtectionDomain[] domains = new ProtectionDomain[] { pd };
          
          m_AccContext = new AccessControlContext( domains );    
          
          m_Component = (Component) Main.instantiate( f, "ComponentImpl", parentCL );
      }
      
      public void doThatMethod() throws Exception
      {
          String s = System.getProperty( "java.home" );
          System.out.println( "Phase 0 OK.      <--  Container reads an allowed Property,
and passed." );
          AccessController.doPrivileged( new PrivilegedExceptionAction()
          {
              public Object run() throws Exception
              {
                  m_Component.doProtectedMethod();
                  return null;
              }
          }, m_AccContext );
          
          try
          {
              s = System.getProperty( "java.vendor" );
              System.out.println( "Java Vendor=" + s );
          } catch( SecurityException e )
          {
              System.out.println( "Phase 3 OK.      <--  Container reads a non-allowed
Property, and is denied." );
          }
      }
  }
  
  
  
  1.1                  avalon-sandbox/security/src/tests/Main.java
  
  Index: Main.java
  ===================================================================
  
  import java.io.*;
  import java.net.*;
  import java.security.*;
  import java.util.*;
  
  public class Main
  {
      static public void main( String[] args )
          throws Exception
      {
          System.out.println( "Starting." );
          
          ClassLoader parentCL = Main.class.getClassLoader();
          File f = new File( System.getProperty( "user.dir" ), "outer.jar" );
          OuterContainer container = (OuterContainer) instantiate( f, "OuterContainerImpl",
parentCL );
          container.doThisMethod();
          
          System.out.println( "Finishing." );
      }
      
      static public Object instantiate( File jarFile, String classname, ClassLoader parent
)
          throws Exception
      {
          URL url = jarFile.toURL();
          URL[] urls = new URL[] { url };
          URLClassLoader cl = new URLClassLoader( urls, parent );
          Class cls = cl.loadClass( classname );
          return cls.newInstance();
      }    
  }
  
  
  
  1.1                  avalon-sandbox/security/src/tests/OuterContainer.java
  
  Index: OuterContainer.java
  ===================================================================
   
  public interface OuterContainer
  {
      void doThisMethod() throws Exception;
  }
  
  
  1.1                  avalon-sandbox/security/src/tests/OuterContainerImpl.java
  
  Index: OuterContainerImpl.java
  ===================================================================
  
  
  import java.io.*;
  import java.net.*;
  import java.security.*;
  import java.util.*;
  
  
  public class OuterContainerImpl
      implements OuterContainer
  {
      private InnerContainer m_Inner;
      private AccessControlContext m_AccContext;
      
      public OuterContainerImpl()
          throws Exception
      {
          ClassLoader parentCL = getClass().getClassLoader();
          File f = new File( System.getProperty( "user.dir" ), "inner.jar" );
          
          CodeSource cs = new CodeSource( f.toURL(), null );        
          
          Permissions p = new Permissions();
          
          Permission perm = new RuntimePermission( "doProtected" );
          p.add( perm );
          
          perm = new PropertyPermission( "java.home", "read" );
          p.add( perm );
          
          ProtectionDomain pd = new ProtectionDomain( cs, p );
          ProtectionDomain[] domains = new ProtectionDomain[] { pd };
          m_AccContext = new AccessControlContext( domains );    
          
          m_Inner = (InnerContainer) Main.instantiate( f, "InnerContainerImpl", parentCL );
      }
      
      public void doThisMethod() throws Exception
      {
          AccessController.doPrivileged( new PrivilegedExceptionAction()
          {
              public Object run() throws Exception
              {
                  m_Inner.doThatMethod();
                  return null;
              }
          }, m_AccContext );
      }
  }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: cvs-unsubscribe@avalon.apache.org
For additional commands, e-mail: cvs-help@avalon.apache.org


Mime
View raw message