db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r637294 - in /db/derby/code/branches/10.4: java/drda/org/apache/derby/drda/ java/drda/org/apache/derby/impl/drda/ java/drda/org/apache/derby/mbeans/drda/ java/engine/org/apache/derby/iapi/services/info/ java/engine/org/apache/derby/impl/ser...
Date Fri, 14 Mar 2008 22:23:21 GMT
Author: djd
Date: Fri Mar 14 15:23:20 2008
New Revision: 637294

URL: http://svn.apache.org/viewvc?rev=637294&view=rev
Log:
Merge 636323 636417 636435 636493 636583 636803 636813
636818 636824 636878 637275 637281 from trunk
DERBY-3506 DERBY-3385 DERBY-3491 DERBY-3462 DERBY-1387
JMX changes including more testing & test improvements
and security changes to ensure permissions are needed
to access Derby information through JMX.
All merged clean.

Modified:
    db/derby/code/branches/10.4/java/drda/org/apache/derby/drda/server.policy
    db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerControlImpl.java
    db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerMBeanImpl.java
    db/derby/code/branches/10.4/java/drda/org/apache/derby/mbeans/drda/NetworkServerMBean.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/iapi/services/info/Version.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/impl/services/jmx/JMXManagementService.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/jdbc/InternalDriver.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/ManagementMBean.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/VersionMBean.java
    db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/package.html
    db/derby/code/branches/10.4/java/engine/org/apache/derby/security/SystemPermission.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/JDBCMBeanTest.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/build.xml
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/Utilities.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.java
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy
    db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/_Suite.java
    db/derby/code/branches/10.4/tools/javadoc/publishedapi.ant

Modified: db/derby/code/branches/10.4/java/drda/org/apache/derby/drda/server.policy
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/drda/org/apache/derby/drda/server.policy?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/drda/org/apache/derby/drda/server.policy (original)
+++ db/derby/code/branches/10.4/java/drda/org/apache/derby/drda/server.policy Fri Mar 14 15:23:20 2008
@@ -56,6 +56,15 @@
 // Trusts Derby code to be a source of MBeans and to register these in the MBean server.
 //
   permission javax.management.MBeanTrustPermission "register";
+  
+  // Gives permission for jmx to be used against Derby but
+  // only if JMX authentication is not being used.
+  // In that case the application would need to create
+  // a whole set of fine-grained permissions to allow specific
+  // users access to MBeans and actions they perform.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "monitor";
 
 };
 
@@ -79,6 +88,9 @@
 // Needed for server tracing.
 //
   permission java.io.FilePermission "${derby.drda.traceDirectory}${/}-", "read,write,delete";
+  
+  // Needed for NetworkServerMBean access (see JMX section above)
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
 
 //
 // Needed by sysinfo. The file permission is needed to

Modified: db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerControlImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerControlImpl.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerControlImpl.java (original)
+++ db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerControlImpl.java Fri Mar 14 15:23:20 2008
@@ -776,17 +776,17 @@
         ManagementService mgmtService = ((ManagementService)
                 Monitor.getSystemModule(Module.JMX));
         
-        Object versionMBean = mgmtService.registerMBean(
+        final Object versionMBean = mgmtService.registerMBean(
                            new Version(
                                    getNetProductVersionHolder(),
-                                   null /*SystemPermission.SERVER*/),
+                                   SystemPermission.SERVER),
                            VersionMBean.class,
                            "type=Version,jar=derbynet.jar");
-        Object networkServerMBean = mgmtService.registerMBean(
+        final Object networkServerMBean = mgmtService.registerMBean(
                             new NetworkServerMBeanImpl(this),
                             NetworkServerMBean.class,
                             "type=NetworkServer");
-        			
+                			
 		// wait until we are told to shutdown or someone sends an InterruptedException
         synchronized(shutdownSync) {
             try {
@@ -1078,8 +1078,8 @@
 
         // the check
         try {
-            final Permission sp
-                = new SystemPermission(SystemPermission.SHUTDOWN);
+            final Permission sp  = new SystemPermission(
+                  SystemPermission.SERVER, SystemPermission.SHUTDOWN);
             // For porting the network server to J2ME/CDC, consider calling
             // abstract method InternalDriver.checkShutdownPrivileges(user)
             // instead of static SecurityUtil.checkUserHasPermission().

Modified: db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerMBeanImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerMBeanImpl.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerMBeanImpl.java (original)
+++ db/derby/code/branches/10.4/java/drda/org/apache/derby/impl/drda/NetworkServerMBeanImpl.java Fri Mar 14 15:23:20 2008
@@ -21,7 +21,11 @@
 
 package org.apache.derby.impl.drda;
 
+import java.security.AccessControlException;
+import java.security.AccessController;
+
 import org.apache.derby.mbeans.drda.NetworkServerMBean;
+import org.apache.derby.security.SystemPermission;
 import org.apache.derby.iapi.reference.Property;
 import org.apache.derby.iapi.services.monitor.Monitor;
 import org.apache.derby.drda.NetworkServerControl;
@@ -52,18 +56,38 @@
         startTime = System.currentTimeMillis();
     }
     
+    private static final SystemPermission CONTROL =
+        new SystemPermission(SystemPermission.SERVER,
+                SystemPermission.CONTROL);
+    private static final SystemPermission MONITOR =
+        new SystemPermission(SystemPermission.SERVER,
+                SystemPermission.MONITOR);
+    
     /**
      * Ensure the caller has permission to control the network server.
      */
-    private void checkControl() { 
-        // TODO: implement check
+    private static void checkControl() { 
+        checkPermission(CONTROL);
     }
 
     /**
      * Ensure the caller has permission to monitor the network server.
      */
-    private void checkMonitor() { 
-//      TODO: implement check
+    private static void checkMonitor() { 
+        checkPermission(MONITOR);
+    }
+    
+    private static void checkPermission(SystemPermission permission)
+    {
+        try {
+            if (System.getSecurityManager() != null)
+                AccessController.checkPermission(permission);
+        } catch (AccessControlException e) {
+            // Need to throw a simplified version as AccessControlException
+            // will have a reference to Derby's SystemPermission which most likely
+            // will not be available on the client.
+            throw new SecurityException(e.getMessage());
+        }  
     }
 
     // Some of the code is disabled (commented out) due to security concerns,
@@ -82,6 +106,7 @@
     }
     
     public boolean getDrdaKeepAlive() {
+        checkMonitor();
         String on = getServerProperty(Property.DRDA_PROP_KEEPALIVE);
         return ( "true".equals(on) ? true : false);
     }

Modified: db/derby/code/branches/10.4/java/drda/org/apache/derby/mbeans/drda/NetworkServerMBean.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/drda/org/apache/derby/mbeans/drda/NetworkServerMBean.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/drda/org/apache/derby/mbeans/drda/NetworkServerMBean.java (original)
+++ db/derby/code/branches/10.4/java/drda/org/apache/derby/mbeans/drda/NetworkServerMBean.java Fri Mar 14 15:23:20 2008
@@ -31,7 +31,7 @@
  * For more information on Managed Beans, refer to the JMX specification.
  *
  * @see org.apache.derby.drda.NetworkServerControl
- *
+ * @see org.apache.derby.security.SystemPermission
  */
 public interface NetworkServerMBean {
     
@@ -48,6 +48,10 @@
      * the Network Server is listening for connections. "<code>0.0.0.0</code>" 
      * means that the server allows connections from any host on the network.
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "control")</code> if a security
+     * manager is installed.
+     *
      * @return the value of <code>derby.drda.host</code>
      */
     public String getDrdaHost();
@@ -56,6 +60,10 @@
      * Gets the value of the <code>derby.drda.keepAlive</code> network server
      * setting. 
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @see <a href="http://db.apache.org/derby/docs/dev/adminguide/radmindrdakeepalive.html"><code>derby.drda.keepAlive</code> documentation</a>
      * @return the value of <code>derby.drda.keepAlive</code>
      */
@@ -64,6 +72,10 @@
     /**
      * Gets the value of the <code>derby.drda.maxThreads</code> network server 
      * setting.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return the value of the <code>derby.drda.maxThreads</code> network 
      *         server setting
      */
@@ -75,6 +87,10 @@
      * setting. This is the port number on which the Network Server is listening
      * for client connections.
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "control")</code> if a security
+     * manager is installed.
+     *
      * @return the port number on which the Network Server is listening
      *         for client connections.
      */
@@ -84,6 +100,10 @@
      * Gets the value of the <code>derby.drda.securityMechanism</code> network 
      * server setting. 
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "control")</code> if a security
+     * manager is installed.
+     *
      * @return the value of the <code>derby.drda.securityMechanism</code> 
      *         network server setting.
      */
@@ -93,6 +113,10 @@
      * Gets the value of the <code>derby.drda.sslMode</code> network server 
      * setting. 
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "control")</code> if a security
+     * manager is installed.
+     *
      * @return the value of the <code>derby.drda.sslMode</code> network server 
      *         setting.
      */
@@ -104,6 +128,10 @@
      * This setting is used to configure the size of the buffer used for 
      * streaming blob/clob from server to client.
      * 
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return the size of the buffer used for streaming blob/clob from server 
      *         to client
      */
@@ -112,6 +140,10 @@
     /**
      * Gets the value of the <code>derby.drda.timeSlice</code> network server 
      * setting.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return the value of the <code>derby.drda.timeSlice</code> network 
      *         server setting
      */
@@ -121,6 +153,10 @@
     /**
      * Gets the value of the <code>derby.drda.traceAll</code> network server 
      * setting.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return the value of the <code>derby.drda.traceAll</code> network 
      *         server setting
      */
@@ -133,11 +169,19 @@
      * network server administrator, the default value is returned.
      * @return the value of the <code>derby.drda.timeSlice</code> network 
      *         server setting
+     * <P>
+     * Require <code>SystemPermission("server", "control")</code> if a security
+     * manager is installed.
+     *
      */
     public String getDrdaTraceDirectory();
     //public void setDrdaTraceDirectory(String dir) throws Exception;
     /**
      * Get the number of connections.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of connections.
      */
     public int getConnectionCount();
@@ -151,12 +195,20 @@
      * <p>
      * If drdaMaxThreads is > 0 and drdaTimeSlice > 0, connections will be alternating beetween active 
      * and waiting according to Derby's time slicing algorithm.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of active connections
      */
     public int getActiveConnectionCount();
     
     /**
      * get the number of waiting connections. Always 0 if drdaMaxThreads is 0. 
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of waiting connections
      * @see NetworkServerMBean#getActiveConnectionCount
      */
@@ -164,24 +216,40 @@
     
     /**
      * Get the size of the thread pool.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return size of thread pool
      */
     public int getConnectionThreadPoolSize();
     
     /**
      * Get the accumulated number of connections.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of connections.
      */
     public int getAccumulatedConnectionCount();
     
     /**
      * Get the total number of bytes read
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of bytes
      */
     public long getBytesReceived();
     
     /** 
      * Get the total number of bytes written.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return number of bytes
      */
     public long getBytesSent();
@@ -189,6 +257,10 @@
     /**
      * Get the number of bytes received pr second. 
      * Shortest interval measured is 1 second.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return bytes per millisecond
      */
     
@@ -197,6 +269,10 @@
      /**
      * Get the number of bytes sent pr second. 
      * Shortest interval measured is 1 second.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return bytes per millisecond
      */
     
@@ -204,6 +280,10 @@
     
     /**
      * Return the start time of the network server.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return Time in milli-seconds since the epoch that the network server started.
      * @see System#currentTimeMillis()
      */
@@ -211,6 +291,10 @@
     
     /**
      * Return the time the network server has been running.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @return Time in milli-seconds the server has been running.
      */
     public long getUptime(); 
@@ -224,6 +308,10 @@
     /**
      * Executes the network server's <code>ping</code> command.
      * Returns without errors if the server was successfully pinged.
+     * <P>
+     * Require <code>SystemPermission("server", "monitor")</code> if a security
+     * manager is installed.
+     *
      * @throws java.lang.Exception if the ping attempt fails (an indication that
      *         the network server is not running properly)
      */

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/iapi/services/info/Version.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/iapi/services/info/Version.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/iapi/services/info/Version.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/iapi/services/info/Version.java Fri Mar 14 15:23:20 2008
@@ -21,7 +21,11 @@
 
 package org.apache.derby.iapi.services.info;
 
+import java.security.AccessControlException;
+import java.security.AccessController;
+
 import org.apache.derby.mbeans.VersionMBean;
+import org.apache.derby.security.SystemPermission;
 
 /**
  * This implementation of VersionMBean instruments a
@@ -35,7 +39,7 @@
     private final ProductVersionHolder versionInfo;
     
     /**
-     * Permission name for the object the version
+     * Permission target name for the object the version
      * information applies to.
      */
     private final String permissionName;
@@ -49,9 +53,22 @@
     ** Security checks(non-Javadoc)
     */
     
+    /**
+     * Ensure caller has permission to monitor Derby.
+     */
     private void checkMonitor() {
-        // TODO: Add actual check
-        //new SystemPermission(permissionName, SystemPermission.MONITOR);
+
+        try {
+            if (System.getSecurityManager() != null)
+                AccessController.checkPermission(
+                        new SystemPermission(permissionName,
+                                SystemPermission.MONITOR));
+        } catch (AccessControlException e) {
+            // Need to throw a simplified version as AccessControlException
+            // will have a reference to Derby's SystemPermission which most likely
+            // will not be available on the client.
+            throw new SecurityException(e.getMessage());
+        }
     }
     
     // ------------------------- MBEAN ATTRIBUTES  ----------------------------

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/impl/services/jmx/JMXManagementService.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/impl/services/jmx/JMXManagementService.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/impl/services/jmx/JMXManagementService.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/impl/services/jmx/JMXManagementService.java Fri Mar 14 15:23:20 2008
@@ -121,7 +121,7 @@
         registerMBean(
                 new Version(
                         Monitor.getMonitor().getEngineVersion(),
-                        null /* SystemPermission.ENGINE */),
+                        SystemPermission.ENGINE),
                 VersionMBean.class,
                 "type=Version,jar=derby.jar");
     }
@@ -175,9 +175,12 @@
                     });
             
         } catch (SecurityException se) {
-            // TODO: just ignoring inability to create or
-            // find the mbean server.
-            // or should an error or warning be raised?
+            // Ignoring inability to create or
+            // find the mbean server. MBeans can continue
+            // to be registered with this service and
+            // startMangement() can be called to get
+            // them registered with JMX if someone else
+            // starts the MBean server.
         }
     }
 
@@ -240,6 +243,11 @@
     private void jmxRegister(final StandardMBean standardMBean,
             final ObjectName beanName) throws JMException
     {
+        // Already registered? Can happen if we don't have permission
+        // to unregister the MBeans.
+        if (mbeanServer.isRegistered(beanName))
+            return;
+            
         try {
 
             AccessController
@@ -254,6 +262,10 @@
 
         } catch (PrivilegedActionException pae) {
             throw (JMException) pae.getException();
+        } catch (SecurityException se) {
+            // If we can't register the MBean then so be it.
+            // The application can later enabled the MBeans
+            // by using org.apache.derby.mbeans.Management
         }
     }
     
@@ -312,6 +324,10 @@
             // JMException jme = (JMException) pae.getException();
             //if (!(jme instanceof InstanceNotFoundException))
                 // throw StandardException.plainWrapException(jme);
+        } catch (SecurityException se) {
+            // Can't unregister the MBean we registered due to permission
+            // problems, oh-well just leave it there. We are fail-safe
+            // if we attempt to re-register it.
         }
     }
 
@@ -375,18 +391,28 @@
             mbeanServer = null;
         }
     }
+    
+    /**
+     * Control permission (permissions are immutable).
+     */
+    private final static SystemPermission CONTROL =
+        new SystemPermission(
+                SystemPermission.JMX, SystemPermission.CONTROL);
 
+    /**
+     * Require SystemPermission("jmx", "control") to change
+     * the management state.
+     */
     private void checkJMXControl() {
-        /* FUTURE DERBY-3462
         try {
-            AccessController.checkPermission(new SystemPermission("jmxControl"));
+            if (System.getSecurityManager() != null)
+                AccessController.checkPermission(CONTROL);
         } catch (AccessControlException e) {
             // Need to throw a simplified version as AccessControlException
             // will have a reference to Derby's SystemPermission which most likely
             // will not be available on the client.
             throw new SecurityException(e.getMessage());
         }
-        */
     }
 
     public synchronized String getSystemIdentifier() {

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/jdbc/InternalDriver.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/jdbc/InternalDriver.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/jdbc/InternalDriver.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/jdbc/InternalDriver.java Fri Mar 14 15:23:20 2008
@@ -302,8 +302,8 @@
 
         // the check
         try {
-            final Permission sp
-                = new SystemPermission(SystemPermission.SHUTDOWN);
+            final Permission sp = new SystemPermission(
+                SystemPermission.ENGINE, SystemPermission.SHUTDOWN);
             checkSystemPrivileges(user, sp);
         } catch (AccessControlException ace) {
             throw Util.generateCsSQLException(

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/ManagementMBean.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/ManagementMBean.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/ManagementMBean.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/ManagementMBean.java Fri Mar 14 15:23:20 2008
@@ -23,10 +23,9 @@
 
 /**
  * JMX MBean inteface to control visibility of Derby's MBeans.
- * When Derby boots it attempts to register an MBean
- * implementing ManagementMBean if derby.system.jmx is true.
+ * When Derby boots it attempts to register its MBeans.
  * It may fail due to lack of valid permissions.
- * If Derby does not register its ManagementMBean then an
+ * If Derby does not register its MBeans then an
  * application may register the Management implementation
  * of ManagementMBean itself and use it to start Derby's
  * JMX management.
@@ -55,6 +54,7 @@
      * The system identifier is a runtime value to disambiguate
      * multiple Derby systems in the same virtual machine but
      * different class loaders.
+     * 
      * @return Runtime identifier for the system, null if Derby is not running.
      */
     public String getSystemIdentifier();
@@ -63,12 +63,22 @@
      * Inform Derby to start its JMX management by registering
      * MBeans relevant to its current state. If Derby is not
      * booted then no action is taken.
+     * <P>
+     * Require <code>SystemPermission("jmx", "control")</code> if a security
+     * manager is installed.
+     * 
+     * @see org.apache.derby.security.SystemPermission
      */
     public void startManagement();
     
     /**
      * Inform Derby to stop its JMX management by unregistering
      * its MBeans. If Derby is not booted then no action is taken.
+     * <P>
+     * Require <code>SystemPermission("jmx", "control")</code> if a security
+     * manager is installed.
+     * 
+     * @see org.apache.derby.security.SystemPermission
      */
     public void stopManagement();
 }

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/VersionMBean.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/VersionMBean.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/VersionMBean.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/VersionMBean.java Fri Mar 14 15:23:20 2008
@@ -36,6 +36,15 @@
  * <LI> <code>jar={derby.jar|derbynet.jar}</code>
  * <LI> <code>system=</code><em>runtime system identifier</em> (see overview)
  * </UL>
+ * <P>
+ * If a security manager is installed these permissions are required:
+ * <UL>
+ * <LI> <code>SystemPermission("server", "monitor")</code> for version information
+ * specific to derbynet.jar
+ * <LI> <code>SystemPermission("engine", "monitor")</code> for version information
+ * specific to derby.jar
+ * </UL>
+ * @see org.apache.derby.security.SystemPermission
 */
 public interface VersionMBean {
     // attributes

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/package.html
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/package.html?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/package.html (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/mbeans/package.html Fri Mar 14 15:23:20 2008
@@ -16,9 +16,8 @@
 -->
 <body>
 <h2> JMX MBeans. </h2>
-If <code>derby.system.jmx</code> is true then when Derby (the embedded engine)
-is booted it will attempt to connect to the PlatformMBeanServer and register
-a number of MBeans to monitor and manage Derby.
+When Derby (the embedded engine) is booted it will attempt to connect
+to the PlatformMBeanServer and register a number of MBeans to monitor and manage Derby.
 <P>
 Derby registers its JMX MBeans in the <code>org.apache.derby</code> domain and
 always includes values for <code>type</code> and <code>system</code> in the MBean's ObjectName's key

Modified: db/derby/code/branches/10.4/java/engine/org/apache/derby/security/SystemPermission.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/engine/org/apache/derby/security/SystemPermission.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/engine/org/apache/derby/security/SystemPermission.java (original)
+++ db/derby/code/branches/10.4/java/engine/org/apache/derby/security/SystemPermission.java Fri Mar 14 15:23:20 2008
@@ -22,46 +22,80 @@
 package org.apache.derby.security;
 
 import java.security.BasicPermission;
-import java.util.Set;
+import java.security.Permission;
+import java.util.ArrayList;
 import java.util.HashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Set;
+import java.util.StringTokenizer;
 
 /**
  * This class represents access to system-wide Derby privileges.
  */
 final public class SystemPermission extends BasicPermission {
+    
+    /**
+     * Permission target name for actions applicable
+     * to the network server.
+     */
+    public static final String SERVER = "server";
+    /**
+     * Permission target name for actions applicable
+     * to the core database engine.
+     */
+    public static final String ENGINE = "engine";
+    /**
+     * Permission target name for actions applicable
+     * to management of Derby's JMX MBeans.
+     */
+    public static final String JMX = "jmx";
 
     /**
-     * The server and engine shutdown permission.
+     * The server and engine shutdown action.
      */
     static public final String SHUTDOWN = "shutdown";
+    
+    /**
+     * Permission to perform control actions through JMX
+     * on engine, server or jmx.
+     */
+    public static final String CONTROL = "control";
+    
+    /**
+     * Permission to perform monitoring actions through JMX
+     * on engine and server.
+     */
+    public static final String MONITOR = "monitor";
 
     /**
      * The legal system permission names.
      */
-    static protected final Set LEGAL_PERMISSIONS = new HashSet();    
+    static private final Set LEGAL_NAMES = new HashSet();    
     static {
         // when adding new permissions, check whether to override inherited
         // method: implies(Permission)
-        LEGAL_PERMISSIONS.add(SHUTDOWN);
+        LEGAL_NAMES.add(SERVER);
+        LEGAL_NAMES.add(ENGINE);
+        LEGAL_NAMES.add(JMX);
     };
-
+    
     /**
-     * Checks a name for denoting a legal SystemPermission.
-     *
-     * @param name the name of a SystemPermission
-     * @throws IllegalArgumentException if name is not a legal SystemPermission
+     * Set of legal actions in their canonical form.
      */
-    static protected void checkPermission(String name) {
-        // superclass BasicPermission has checked that name isn't null
-        // (NullPointerException) or empty (IllegalArgumentException)
-        //assert(name != null);
-        //assert(!name.equals(""));
-        if (!LEGAL_PERMISSIONS.contains(name)) {
-            throw new IllegalArgumentException("Unknown permission " + name);
-        }
+    static private final List LEGAL_ACTIONS = new ArrayList();
+    static {
+        LEGAL_ACTIONS.add(CONTROL);
+        LEGAL_ACTIONS.add(MONITOR);
+        LEGAL_ACTIONS.add(SHUTDOWN);
     }
     
     /**
+     * Actions for this permission.
+     */
+    private final String actions;
+    
+    /**
      * Creates a new SystemPermission with the specified name.
      *
      * @param name the name of the SystemPermission
@@ -69,8 +103,106 @@
      * @throws IllegalArgumentException if name is empty or not a legal SystemPermission
      * @see BasicPermission#BasicPermission(String)
      */
-    public SystemPermission(String name) {
+    public SystemPermission(String name, String actions) {
         super(name);
-        checkPermission(name);
+            
+        // superclass BasicPermission has checked that name isn't null
+        // (NullPointerException) or empty (IllegalArgumentException)
+
+        if (!LEGAL_NAMES.contains(name) ) {
+            throw new IllegalArgumentException("Unknown permission " + name);
+        }
+      
+        this.actions = getCanonicalForm(actions);   
+    }
+    
+    /**
+     * Return the permission's actions in a canonical form.
+     */
+    public String getActions() {
+        return actions;
+    }
+    
+    /**
+     * Return a canonical form of the passed in actions.
+     * Actions are lower-cased, in the order of LEGAL_ACTIONS
+     * and on;ly appear once.
+     */
+    private static String getCanonicalForm(String actions) {
+        actions = actions.trim().toLowerCase(Locale.ENGLISH);
+        
+        boolean[] seenAction = new boolean[LEGAL_ACTIONS.size()];
+        StringTokenizer st = new StringTokenizer(actions, ",");
+        while (st.hasMoreTokens()) {
+            String action = st.nextToken().trim().toLowerCase(Locale.ENGLISH);
+            int validAction = LEGAL_ACTIONS.indexOf(action);
+            if (validAction != -1)
+                seenAction[validAction] = true;
+        }
+        
+        StringBuffer sb = new StringBuffer();
+        for (int sa = 0; sa < seenAction.length; sa++)
+        {
+            if (seenAction[sa]) {
+                if (sb.length() != 0)
+                    sb.append(",");
+                sb.append(LEGAL_ACTIONS.get(sa));
+            }
+        }
+        
+        return sb.toString();
+    }
+
+    /**
+     * Does this permission equal another object.
+     * True if its and identical class with same
+     * name and (canonical) actions.
+     */
+    public boolean equals(Object other) {
+        
+        if (!super.equals(other))
+            return false;
+        
+        SystemPermission osp = (SystemPermission) other;
+        return getActions().equals(osp.getActions());
+    }
+    
+    /**
+     * Does this permission imply another. Only true
+     * if the other permission is a SystemPermission
+     * with the same name and all the actions
+     * of the permission are present in this.
+     * Note that none of the actions imply any other
+     * with this SystemPermission.
+     */
+    public boolean implies(Permission permission)
+    {
+        if (!super.implies(permission))
+            return false;
+        
+        int myActionMask = getActionMask(getActions());
+        int permissionMask = getActionMask(permission.getActions());
+        
+        return
+            (myActionMask & permissionMask) == permissionMask;
     }
+    
+    /**
+     * Get a mask of bits that represents the actions
+     * and can be used for the implies method.
+     */
+    private static int getActionMask(String actions) {
+        
+        int mask = 0;
+        StringTokenizer st = new StringTokenizer(actions, ",");
+        while (st.hasMoreTokens()) {
+            int validAction = LEGAL_ACTIONS.indexOf(st.nextElement());
+            if (validAction != -1)
+                mask |= 1 << validAction;
+        }
+        
+        return mask;
+    }
+    
+    
 }

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/JDBCMBeanTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/JDBCMBeanTest.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/JDBCMBeanTest.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/JDBCMBeanTest.java Fri Mar 14 15:23:20 2008
@@ -22,10 +22,13 @@
 package org.apache.derbyTesting.functionTests.tests.management;
 
 import java.io.BufferedReader;
-import java.sql.DatabaseMetaData;
+import java.sql.Driver;
 import java.util.Hashtable;
 import javax.management.ObjectName;
 import junit.framework.Test;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+import org.apache.derbyTesting.junit.Utilities;
 
 
 /**
@@ -92,7 +95,7 @@
     public void testAttributeDriverLevel() throws Exception {
         String expected = "[Unable to get driver level from sysinfo]";
         // Get the expected value from sysinfo
-        BufferedReader sysinfoOutput = getSysinfoFromServer();
+        BufferedReader sysinfoOutput = Utilities.getSysinfoFromServer();
         String line = null;
         while ((line = sysinfoOutput.readLine()) != null) {
             /* Looking for:
@@ -109,15 +112,53 @@
         assertStringAttribute(expected,getJdbcMBeanObjectName(), "DriverLevel");
     }
     
+    /**
+     * <p>
+     * Tests the MajorVersion attribute of the JDBCMBean. Will test that there
+     * exists an attribute with that name that we are able to read, that it 
+     * returns the correct type, and that the return value is as expected.</p>
+     * <p>
+     * The expected value is retreived from the embedded driver that is directly
+     * accessible to this JVM, making the assumption that this driver's version
+     * information is the same as the version information of the embedded driver
+     * used in the JVM being instrumented using JMX (this may or may not be the
+     * same JVM).</p>
+     * 
+     * @throws java.lang.Exception if an error occurs, or if the test fails.
+     */
     public void testAttributeMajorVersion() throws Exception {
-        DatabaseMetaData dbmd = getConnection().getMetaData();
-        int expected = dbmd.getDriverMajorVersion();
+        /* since the JDBCMBean instruments the embedded driver (InternalDriver),
+         * we need to get expected values from the embedded driver even if
+         * this test configuration is client/server.
+         * Assuming that the embedded driver is available in the classpath.
+         */
+        Driver d = new org.apache.derby.jdbc.EmbeddedDriver();
+        int expected = d.getMajorVersion();
         assertIntAttribute(expected, getJdbcMBeanObjectName(), "MajorVersion");
     }
     
+    /**
+     * <p>
+     * Tests the MinorVersion attribute of the JDBCMBean. Will test that there
+     * exists an attribute with that name that we are able to read, that it 
+     * returns the correct type, and that the return value is as expected.</p>
+     * <p>
+     * The expected value is retreived from the embedded driver that is directly
+     * accessible to this JVM, making the assumption that this driver's version
+     * information is the same as the version information of the embedded driver
+     * used in the JVM being instrumented using JMX (this may or may not be the
+     * same JVM).</p>
+     * 
+     * @throws java.lang.Exception if an error occurs, or if the test fails.
+     */
     public void testAttributeMinorVersion() throws Exception {
-        DatabaseMetaData dbmd = getConnection().getMetaData();
-        int expected = dbmd.getDriverMinorVersion();
+        /* since the JDBCMBean instruments the embedded driver (InternalDriver),
+         * we need to get expected values from the embedded driver even if
+         * this test configuration is client/server.
+         * Assuming that DriverManager is available in the classpath.
+         */
+        Driver d = new org.apache.derby.jdbc.EmbeddedDriver();
+        int expected = d.getMinorVersion();
         assertIntAttribute(expected, getJdbcMBeanObjectName(), "MinorVersion");
     }
 

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java Fri Mar 14 15:23:20 2008
@@ -21,13 +21,7 @@
 
 package org.apache.derbyTesting.functionTests.tests.management;
 
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.PrintWriter;
-import java.io.StringReader;
 import java.security.AccessController;
 import java.security.PrivilegedExceptionAction;
 import java.util.ArrayList;
@@ -72,11 +66,7 @@
     }
     
     protected static Test suite(Class<? extends MBeanTest> testClass, String suiteName) {
-        
-        // TODO -
-        // Check for J2SE 5.0 or better? Or java.lang.management.ManagementFactory?
-        // Older VMs will get UnsupportedClassVersionError anyway...
-        
+                
         TestSuite outerSuite = new TestSuite(suiteName);
         
         Test platform = new TestSuite(testClass,  suiteName + ":platform");
@@ -86,10 +76,6 @@
         platform = TestConfiguration.clientServerDecorator(platform);
         platform = JMXConnectionDecorator.platformMBeanServer(platform);
                 
-        // TODO: Run with no security for the moment, requires changes in the
-        // test policy files that may clash with a couple of outstanding patches.
-        platform = SecurityManagerSetup.noSecurityManager(platform);
-
         // Set of tests that run within the same virtual machine using
         // the platform MBeanServer directly.
         outerSuite.addTest(platform);
@@ -245,8 +231,6 @@
         
         ObjectName mgmtObjName = getApplicationManagementMBean();
         
-        MBeanServerConnection serverConn = getMBeanServerConnection();
-
         // check the status of the management service
         Boolean active = (Boolean) 
                 getAttribute(mgmtObjName, "ManagementActive");
@@ -254,10 +238,8 @@
         if (!active.booleanValue()) {
             // JMX management is not active, so activate it by invoking the
             // startManagement operation.
-            serverConn.invoke(
-                    mgmtObjName, 
-                    "startManagement", 
-                    new Object[0], new String[0]); // no arguments
+            invokeOperation(mgmtObjName, "startManagement");
+
             active = (Boolean) 
                     getAttribute(mgmtObjName, "ManagementActive");
         }
@@ -498,46 +480,4 @@
         println(name + " = " + value); // for debugging
     }
     
-    
-    /**
-     * Calls the public method <code>getInfo</code> of the sysinfo tool within
-     * this JVM and returns a <code>BufferedReader</code> for reading its 
-     * output. This is useful for obtaining system information that could be 
-     * used to verify (for example) values returned by Derby MBeans.
-     * 
-     * @return a buffering character-input stream containing the output from
-     *         sysinfo
-     * @see org.apache.derby.tools.sysinfo#getInfo(java.io.PrintWriter out)
-     */
-    protected BufferedReader getSysinfoLocally() {
-        ByteArrayOutputStream byteStream = new ByteArrayOutputStream(20 * 1024);
-        PrintWriter pw = new PrintWriter(byteStream, true); // autoflush
-        org.apache.derby.tools.sysinfo.getInfo(pw);
-        pw.flush();
-        pw.close();
-        byte[] outBytes = byteStream.toByteArray();
-        BufferedReader sysinfoOutput = new BufferedReader(
-                    new InputStreamReader(
-                            new ByteArrayInputStream(outBytes)));
-        return sysinfoOutput;
-    }
-    
-    /**
-     * <p>Calls the public method <code>getSysInfo()</code> of the Network 
-     * Server instance associated with the current test configuration and 
-     * returns the result as a BufferedReader, making it easy to analyse the 
-     * output line by line.</p>
-     * 
-     * <p>This is useful for obtaining system information that could be 
-     * used to verify (for example) values returned by Derby MBeans.</p>
-     * 
-     * @return a buffering character-input stream containing the output from 
-     *         the server's sysinfo.
-     * @see org.apache.derby.drda.NetworkServerControl#getSysinfo()
-     */
-    protected BufferedReader getSysinfoFromServer() throws Exception {
-        
-        return new BufferedReader(new StringReader(
-                NetworkServerTestSetup.getNetworkServerControl().getSysinfo()));
-    }
 }

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/build.xml
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/build.xml?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/build.xml (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/tests/management/build.xml Fri Mar 14 15:23:20 2008
@@ -57,6 +57,11 @@
             </classpath>
             <include name="${this.dir}/*.java"/>
         </javac>
+        <copy todir="${out.dir}/${derby.testing.functest.dir}/tests/management">
+          <fileset dir="${derby.testing.src.dir}/${derby.testing.functest.dir}/tests/management"
+        	 includes="jmx.*"/>
+        </copy>
+
     </target>
 
 </project>

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy Fri Mar 14 15:23:20 2008
@@ -77,6 +77,34 @@
   // JDK14 has the JCE  preloaded
   permission java.security.SecurityPermission "insertProvider.SunJCE";
   permission java.security.SecurityPermission "insertProvider.IBMJCE";
+  
+//
+// Permissions needed for JMX based management and monitoring, which is only
+// available for JVMs supporting "platform management", that is J2SE 5.0 or better.
+//
+// Allows this code to create an MBeanServer:
+//
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+//
+// Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+// Derby must be allowed to register and unregister these MBeans.
+// To fine tune this permission, see the javadoc of javax.management.MBeanPermission
+// or the JMX Instrumentation and Agent Specification.
+//
+  permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+//
+// Trusts Derby code to be a source of MBeans and to register these in the MBean server.
+//
+  permission javax.management.MBeanTrustPermission "register";
+
+  // Gives permission for jmx to be used against Derby but
+  // only if JMX authentication is not being used.
+  // In that case the application would need to create
+  // a whole set of fine-grained permissions to allow specific
+  // users access to MBeans and actions they perform.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "monitor";  
  
   // These permissions are needed when testing code instrumented with EMMA.
   // They will only be used if the emma.active system property property is set,
@@ -99,6 +127,9 @@
   permission java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect";
   permission java.net.SocketPermission "${derbyTesting.serverhost}", "accept,connect";
   
+    // Needed for NetworkServerMBean access (see JMX section above)
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+  
 };
 
 //
@@ -169,7 +200,25 @@
   // traces upon failure.
   permission java.lang.RuntimePermission "getStackTrace";
   permission java.lang.RuntimePermission "modifyThreadGroup";
-
+  
+  // Allow MBeanTest to register the application management MBean.
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+  permission javax.management.MBeanTrustPermission "register";
+   
+  // And to find and use Derby's MBeans
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,invoke";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+  permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+  
+  // Test code needs this as well for the platform MBeanServer
+  // tests where the testing code is in the stack frame.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+  
   // These permissions are needed when testing code instrumented with EMMA.
   permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
 };
@@ -215,7 +264,24 @@
   // traces upon failure.
   permission java.lang.RuntimePermission "getStackTrace";
   permission java.lang.RuntimePermission "modifyThreadGroup";
-
+  
+    // Allow MBeanTest to register the application management MBean.
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+  permission javax.management.MBeanTrustPermission "register";
+  
+  // Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+  permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+  
+   
+  // And to find and use Derby's MBeans
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,invoke";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+  permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+  
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
 };
 
 // JUnit jar file tries to read junit.properties in the user's

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java Fri Mar 14 15:23:20 2008
@@ -83,13 +83,14 @@
     private SpawnedProcess spawnedServer;
     
     /**
-     * Decorator this test with the NetworkServerTestSetup.
+     * Decorates a test with the NetworkServerTestSetup.
      * 
      * Runs the server using the current configuration (at the time
      * of setup).
      * 
      * @param asCommand True to start using NetworkServerControl.main()
-     * within the same virtual machine, false to use NetworkServerControl.start.
+     * within the same virtual machine, false to use NetworkServerControl.start
+     * (also within the same JVM).
      * 
      * @see NetworkServerControl#main(String[])
      * @see NetworkServerControl#start(PrintWriter)
@@ -106,19 +107,25 @@
 }
 
     /**
-     * Decorator this test with the NetworkServerTestSetup.
+     * Decorates a test with the NetworkServerTestSetup.
      * 
-     * Sets up the server using the current configuration, but does not start.
+     * Sets up the server using the current configuration. Whether or not the
+     * server is actually started at setup time is determined by the value of 
+     * the passed parameters.
      * 
      * @param test the Test for which this setup is used
      * @param asCommand True to start using NetworkServerControl.main()
-     * within the same virtual machine, false to use NetworkServerControl.start.
-     * @param startServerAtSetup False to start using NetworkServerControl.main()
+     * within the same virtual machine, false to use NetworkServerControl.start()
+     * (also within the same virtual machine).
+     * @param startServerAtSetup True to start the Network Server at setup time,
+     *        False otherwise.
      * 
      * @see NetworkServerControl#main(String[])
      * @see NetworkServerControl#start(PrintWriter)
      */
-    public NetworkServerTestSetup(Test test, boolean asCommand, boolean startServerAtSetup) {
+    public NetworkServerTestSetup(  Test test, 
+                                    boolean asCommand, 
+                                    boolean startServerAtSetup) {
         super(test);
         this.asCommand = asCommand;
 

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/Utilities.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/Utilities.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/Utilities.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/junit/Utilities.java Fri Mar 14 15:23:20 2008
@@ -19,18 +19,21 @@
  */
 package org.apache.derbyTesting.junit;
 
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.io.StringReader;
 import java.io.UnsupportedEncodingException;
 import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 import java.sql.ResultSet;
 import java.sql.ResultSetMetaData;
 import java.sql.SQLException;
 
-import junit.framework.Assert;
 
 /**
  * General non-JDBC related utilities relocated from TestUtil
@@ -194,6 +197,48 @@
             }
             
             return pr;
-        }       
+        }
+        
+    /**
+     * Calls the public method <code>getInfo</code> of the sysinfo tool within
+     * this JVM and returns a <code>BufferedReader</code> for reading its 
+     * output. This is useful for obtaining system information that could be 
+     * used to verify, for example, values returned by Derby MBeans.
+     * 
+     * @return a buffering character-input stream containing the output from
+     *         sysinfo
+     * @see org.apache.derby.tools.sysinfo#getInfo(java.io.PrintWriter out)
+     */
+    public static BufferedReader getSysinfoLocally() {
+        ByteArrayOutputStream byteStream = new ByteArrayOutputStream(20 * 1024);
+        PrintWriter pw = new PrintWriter(byteStream, true); // autoflush
+        org.apache.derby.tools.sysinfo.getInfo(pw);
+        pw.flush();
+        pw.close();
+        byte[] outBytes = byteStream.toByteArray();
+        BufferedReader sysinfoOutput = new BufferedReader(
+                    new InputStreamReader(
+                            new ByteArrayInputStream(outBytes)));
+        return sysinfoOutput;
+    }
+    
+    /**
+     * <p>Calls the public method <code>getSysInfo()</code> of the Network 
+     * Server instance associated with the current test configuration and 
+     * returns the result as a BufferedReader, making it easy to analyse the 
+     * output line by line.</p>
+     * 
+     * <p>This is useful for obtaining system information that could be 
+     * used to verify, for example, values returned by Derby MBeans.</p>
+     * 
+     * @return a buffering character-input stream containing the output from 
+     *         the server's sysinfo.
+     * @see org.apache.derby.drda.NetworkServerControl#getSysinfo()
+     */
+    public static BufferedReader getSysinfoFromServer() throws Exception {
+        
+        return new BufferedReader(new StringReader(
+                NetworkServerTestSetup.getNetworkServerControl().getSysinfo()));
+    }
 
 }

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.java Fri Mar 14 15:23:20 2008
@@ -40,7 +40,7 @@
 
 import org.apache.derby.authentication.SystemPrincipal;
 import org.apache.derby.security.SystemPermission;
-import org.apache.derby.security.DatabasePermission;
+//import org.apache.derby.security.DatabasePermission;
 
 import org.apache.derby.iapi.util.IdUtil;
 import org.apache.derby.iapi.error.StandardException;
@@ -135,18 +135,6 @@
         { false, false, false, false, false, false, true, false },
         { false, false, false, false, false, false, false, true }
     };    
-    
-    /**
-     * Add decorators to a test run to establish a security manager
-     * with this test's policy file.
-     */
-    static private Test decorateTest(String method) {
-        final Test undecorated = new SystemPrivilegesPermissionTest(method);
-
-        // install a security manager using this test's policy file
-        return new SecurityManagerSetup(undecorated, POLICY_FILE_NAME);
-    }
-    
 
     /**
      * Create a test with the given name.
@@ -163,38 +151,24 @@
      * @throws Exception
      */
     public static Test suite() {
-        //final TestSuite ts
-        //    = new TestSuite("SystemPrivilegesPermissionTest suite");
-        //ts.addTest(decorateTest("testSystemPrivileges"));
-        //return ts;
-        return decorateTest("testSystemPrivileges");
+        TestSuite suite = new TestSuite(
+                SystemPrivilegesPermissionTest.class,
+                "SystemPrivilegesPermissionTest");
+         return new SecurityManagerSetup(suite, POLICY_FILE_NAME);
     }
 
     /**
      * Test case that does a check of the XXX
      */
-    public void testSystemPrivileges() throws IOException {
-        println("");
-        println("testing System Privileges ...");
+    public void testIsSecurityManager() {
         assertSecurityManager();
-        execute();
-        println("testing System Privileges: done.");
-        println("");
-    }
+     }
 
-    /**
-     * Tests SystemPermissions.
-     */
-    public void execute() throws IOException {
-        checkSystemPrincipal();
-        checkSystemPermission();
-        checkDatabasePermission();
-    }
     
     /**
      * Tests SystemPrincipal.
      */
-    private void checkSystemPrincipal() throws IOException {
+    public void testSystemPrincipal() {
         // test SystemPrincipal with null name argument
         try {
             new SystemPrincipal(null);
@@ -215,10 +189,10 @@
     /**
      * Tests SystemPermission.
      */
-    private void checkSystemPermission() throws IOException {
+    public void testSystemPermission() {
         // test SystemPermission with null name argument
         try {
-            new SystemPermission(null);
+            new SystemPermission(null, null);
             fail("expected NullPointerException");
         } catch (NullPointerException ex) {
             // expected exception
@@ -226,7 +200,7 @@
 
         // test SystemPermission with empty name argument
         try {
-            new SystemPermission("");
+            new SystemPermission("", null);
             fail("expected IllegalArgumentException");
         } catch (IllegalArgumentException ex) {
             // expected exception
@@ -234,49 +208,127 @@
         
         // test SystemPermission with illegal name argument
         try {
-            new SystemPermission("illegal_name");
+            new SystemPermission("illegal_name", null);
             fail("expected IllegalArgumentException");
         } catch (IllegalArgumentException ex) {
             // expected exception
         }
+        
+        String[] validNames = {
+            SystemPermission.ENGINE,
+            SystemPermission.JMX,
+            SystemPermission.SERVER
+        };
+        
+        // In order of the canonical actions expected
+        String[] validActions = {
+            SystemPermission.CONTROL,
+            SystemPermission.MONITOR,
+            SystemPermission.SHUTDOWN,
+        };
+        
+        // Check all valid combinations (which is all) with
+        // a single action
+        Permission[] all = new Permission[
+                        validNames.length * validActions.length];
+        
+        int c = 0;
+        for (int tn = 0; tn < validNames.length; tn++)
+        {
+            for (int a = 0; a < validActions.length; a++) {
+                Permission p = new SystemPermission(
+                        validNames[tn], validActions[a]);
+                
+                assertEquals(validNames[tn], p.getName());
+                assertEquals(validActions[a], p.getActions());
+                
+                // test SystemPermission.equals()
+                assertFalse(p.equals(null));
+                assertFalse(p.equals(new Object()));
+                
+                this.assertEquivalentPermissions(p, p);
 
-        // test SystemPermission with legal name argument
-        final Permission sp0 = new SystemPermission(SystemPermission.SHUTDOWN);
-        final Permission sp1 = new SystemPermission(SystemPermission.SHUTDOWN);
-
-        // test SystemPermission.getName()
-        assertEquals(sp0.getName(), SystemPermission.SHUTDOWN);
-
-        // test SystemPermission.getActions()
-        assertEquals(sp0.getActions(), "");
-
-        // test SystemPermission.hashCode()
-        assertTrue(sp0.hashCode() == sp1.hashCode());
-
-        // test SystemPermission.equals()
-        assertTrue(sp0.equals(sp1));
-        assertTrue(!sp0.equals(null));
-        assertTrue(!sp0.equals(new Object()));
-
-        // test SystemPermission.implies()
-        assertTrue(sp0.implies(sp1));
-        assertTrue(sp1.implies(sp0));
+                all[c++] = p;
+            }
+        }
+        // All the permissions are different.
+        checkDistinctPermissions(all);
+        
+        // Check two actions
+        for (int n = 0; n < validNames.length; n++)
+        {
+            for (int a = 0; a < validActions.length; a++)
+            {
+                Permission base = new SystemPermission(
+                        validNames[n], validActions[a]);
+                
+                // Two actions
+                for (int oa = 0; oa < validActions.length; oa++)
+                {
+                    Permission p = new SystemPermission(
+                            validNames[n],                           
+                            validActions[a] + "," + validActions[oa]);
+                    
+                    if (oa == a)
+                    {
+                        // Same action added twice
+                        assertEquivalentPermissions(base, p);
+                        // Canonical form should collapse into a single action
+                        assertEquals(validActions[a], p.getActions());
+                    }
+                    else
+                    {
+                        // Implies logic, the one with one permission
+                        // is implied by the other but not vice-versa.
+                        assertTrue(p.implies(base));
+                        assertFalse(base.implies(p));
+                        
+                        // Names in canonical form
+                        int f;
+                        int s;
+                        if (oa < a)
+                        {
+                            f = oa;
+                            s = a;
+                        }
+                        else
+                        {
+                            f = a;
+                            s = oa;
+                        }
+                        if (oa < a)
+                        assertEquals(validActions[f] + "," + validActions[s],
+                                p.getActions());
+                    }
+                }
+                
+                
+                
+            }
+        }
 
         // test SystemPermission for authorized user against policy file
+        
+        Permission shutdown = new SystemPermission(
+                SystemPermission.SERVER,
+                SystemPermission.SHUTDOWN);
+        
         final SystemPrincipal authorizedUser
             = new SystemPrincipal("authorizedSystemUser");
-        execute(authorizedUser, new ShutdownAction(sp0), true);
+        execute(authorizedUser, new ShutdownAction(shutdown), true);
         
         // test SystemPermission for unauthorized user against policy file
         final SystemPrincipal unAuthorizedUser
             = new SystemPrincipal("unAuthorizedSystemUser");
-        execute(unAuthorizedUser, new ShutdownAction(sp0), false);
+        execute(unAuthorizedUser, new ShutdownAction(shutdown), false);
     }
     
     /**
      * Tests DatabasePermission.
      */
-    private void checkDatabasePermission() throws IOException {
+   
+    public void XXtestDatabasePermission() throws IOException {
+ /*********************************************
         // test DatabasePermission with null url
         try {
             new DatabasePermission(null, DatabasePermission.CREATE);
@@ -300,7 +352,8 @@
         } catch (IllegalArgumentException ex) {
             // expected exception
         }
-
+***********************************************/
+        
         // this test's commented out because it's platform-dependent
         // (no reliable way to make it pass on Unix)
         // test DatabasePermission with non-canonicalizable URL
@@ -313,7 +366,7 @@
         //} catch (IOException ex) {
         //    // expected exception
         //}
-
+/**********************************************
         // test DatabasePermission with null actions
         try {
             new DatabasePermission("directory:dir", null);
@@ -460,6 +513,7 @@
                                      DatabasePermission.CREATE);
         execute(anyUser,
                 new CreateDatabaseAction(dbPerm), true);
+***********************************************/
     }
 
     /**
@@ -491,6 +545,7 @@
     /**
      * Tests DatabasePermission.getName() and .getActions().
      */
+/************88
     private void checkNameAndActions(DatabasePermission[] dbperm,
                                      String[] dbpath)
         throws IOException {
@@ -503,18 +558,19 @@
                          DatabasePermission.CREATE, dbp.getActions());
         }
     }
+***************/
 
     /**
      * Tests DatabasePermission.hashCode() and .equals().
      */
-    private void checkHashCodeAndEquals(DatabasePermission[] dbp0,
-                                        DatabasePermission[] dbp1)
+    private void checkHashCodeAndEquals(Permission[] dbp0,
+                                        Permission[] dbp1)
         throws IOException {
         //assert(dbp0.length == dbp1.length)
         for (int i = 0; i < dbp0.length; i++) {
-            final DatabasePermission p0 = dbp0[i];
+            final Permission p0 = dbp0[i];
             for (int j = 0; j < dbp0.length; j++) {
-                final DatabasePermission p1 = dbp1[j];
+                final Permission p1 = dbp1[j];
                 if (i == j) {
                     assertTrue(p0.hashCode() == p1.hashCode());
                     assertTrue(p0.equals(p1));
@@ -529,20 +585,61 @@
     /**
      * Tests DatabasePermission.implies().
      */
-    private void checkImplies(DatabasePermission[] dbp0,
-                              DatabasePermission[] dbp1,
+    private void checkImplies(Permission[] dbp0,
+                              Permission[] dbp1,
                               boolean[][] impls)
         throws IOException {
         for (int i = 0; i < dbp0.length; i++) {
-            final DatabasePermission p0 = dbp0[i];
+            final Permission p0 = dbp0[i];
             for (int j = 0; j < dbp1.length; j++) {
-                final DatabasePermission p1 = dbp1[j];
+                final Permission p1 = dbp1[j];
                 assertEquals("test: " + p0 + ".implies" + p1,
                              impls[i][j], p0.implies(p1));
                 //assertEquals("test: " + p1 + ".implies" + p0,
                 //             impls[j][i], p1.implies(p0));
             }
         }
+    }
+    
+    /**
+     * Check thet a set of Permission objects are distinct,
+     * do not equal or imply each other.
+     */
+    private void checkDistinctPermissions(Permission[] set)
+    {
+        for (int i = 0; i < set.length; i++)
+        {
+            Permission pi = set[i];
+            for (int j = 0; j < set.length; j++) {
+                
+                Permission pj = set[j];
+                
+                if (i == j)
+                {
+                    // Permission is itself
+                    assertEquivalentPermissions(pi, pj);
+                    continue;
+                }
+                
+                assertFalse(pi.equals(pj));
+                assertFalse(pj.equals(pi));
+                
+                assertFalse(pi.implies(pj));
+                assertFalse(pj.implies(pi));
+            }
+        }
+    }
+    
+    private void assertEquivalentPermissions(Permission p1,
+            Permission p2) {
+        assertTrue(p1.equals(p2));
+        assertTrue(p2.equals(p1));
+        
+        
+        assertEquals(p1.hashCode(), p2.hashCode());
+        
+        assertTrue(p1.implies(p2));
+        assertTrue(p1.implies(p2));
     }
     
     /**

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy Fri Mar 14 15:23:20 2008
@@ -46,7 +46,7 @@
 
 // Specific test authorizations for System Privileges
 grant principal org.apache.derby.authentication.SystemPrincipal "AUTHORIZEDSYSTEMUSER" {
-  permission org.apache.derby.security.SystemPermission "shutdown";
+  permission org.apache.derby.security.SystemPermission "server", "shutdown";
   permission org.apache.derby.security.DatabasePermission "directory:*", "create";
   permission org.apache.derby.security.DatabasePermission "directory:level0/level1/-", "create";
   permission org.apache.derby.security.DatabasePermission "directory:/*", "create";
@@ -55,7 +55,7 @@
 
 // Specific test authorizations for System Privileges
 grant principal org.apache.derby.authentication.SystemPrincipal "SUPERUSER" {
-  permission org.apache.derby.security.SystemPermission "shutdown";
+  permission org.apache.derby.security.SystemPermission "server", "shutdown";
   permission org.apache.derby.security.DatabasePermission "directory:<<ALL FILES>>", "create";
 };
 
@@ -106,6 +106,9 @@
     permission java.util.PropertyPermission "user.home", "read";
     permission java.io.FilePermission "${user.home}${/}junit.properties", "read";
     permission java.io.FilePermission "${user.home}${/}.junitsession", "write";
+    
+    // This permission is needed when running the tests using ant 1.7
+    permission java.io.FilePermission "${user.dir}${/}*", "write";
 };
 
 // Due to a problem running tests/derbynet/CompatibilityTest in the old test
@@ -122,4 +125,7 @@
 // current one.
 grant codeBase "${derbyTesting.antjunit}" {
     permission java.lang.RuntimePermission "setIO";
+    
+    // This permission is needed when running the tests using ant 1.7
+    permission java.io.FilePermission "${user.dir}${/}*", "write";
 };

Modified: db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/_Suite.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/_Suite.java?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/_Suite.java (original)
+++ db/derby/code/branches/10.4/java/testing/org/apache/derbyTesting/unitTests/junit/_Suite.java Fri Mar 14 15:23:20 2008
@@ -47,7 +47,7 @@
         TestSuite suite = new TestSuite("JUnit unit tests");
 
         suite.addTest(FormatableBitSetTest.suite());
-        //suite.addTest(SystemPrivilegesPermissionTest.suite());
+        suite.addTest(SystemPrivilegesPermissionTest.suite());
         suite.addTest(UTF8UtilTest.suite());
 
         return suite;

Modified: db/derby/code/branches/10.4/tools/javadoc/publishedapi.ant
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.4/tools/javadoc/publishedapi.ant?rev=637294&r1=637293&r2=637294&view=diff
==============================================================================
--- db/derby/code/branches/10.4/tools/javadoc/publishedapi.ant (original)
+++ db/derby/code/branches/10.4/tools/javadoc/publishedapi.ant Fri Mar 14 15:23:20 2008
@@ -8,9 +8,6 @@
 # Add new files to the appropriate package section; add new sections
 # for new packages.
 #
-# IMPORTANT: if you are adding a new package, be sure to add it to
-#            the list of packages in the publishedapi target in
-#            the toplevel build.xml file.
 #
 # Please do not add whitespace in front of class names.
 # Blank lines and comments are allowed.
@@ -45,5 +42,9 @@
 
 org/apache/derby/mbeans/*.java
 org/apache/derby/mbeans/drda/*.java
+
+# package: org.apache.derby.security
+
+org/apache/derby/security/SystemPermission.java
 
 



Mime
View raw message