river-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peter_firmst...@apache.org
Subject svn commit: r1290948 [2/4] - in /river/jtsk/merge: ./ asm/ qa/ qa/harness/policy/ qa/harness/trust/ qa/jtreg/certs/ qa/jtreg/certs/keys/ qa/jtreg/net/jini/jeri/ssl/UnitTests/ qa/jtreg/net/jini/jeri/tcp/localHostExposure/ qa/jtreg/net/jini/jeri/transpor...
Date Sun, 19 Feb 2012 04:51:25 GMT
Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestRMI.java Sun Feb 19 04:51:20 2012
@@ -306,39 +306,55 @@ public class TestRMI extends TestUtiliti
 
     /** Test timing out client and server SSL sessions. */
     public static class TestTimeout extends BasicTest {
+        static final String serverPropName = "com.sun.jini.jeri.ssl.maxServerSessionDuration";
+        static final String clientPropName = "com.sun.jini.jeri.ssl.maxClientSessionDuration";
+        static final String max = Long.toString(Long.MAX_VALUE);
 	/* Time needed to complete an initial call successfully */
 	static final long CALLTIME = 10 * 1000;
+        static final String calltime = Long.toString(CALLTIME);
 
 	static Test[] localtests = {
 	    new TestTimeout("client timeout", 2 * CALLTIME) {
 		public Object run() throws IOException {
-		    long old = setMaxClientSessionDuration(CALLTIME);
+                    String old = System.setProperty(clientPropName, calltime);
 		    try {
 			return super.run();
 		    } finally {
-			setMaxClientSessionDuration(old);
+                        if ( old != null ){
+                            System.setProperty(clientPropName, old );
+                        }else{
+                            System.clearProperty(clientPropName);
+                        }
 		    }
 		}
 	    },
 	    new TestTimeout("client timeout wraparound", CALLTIME) {
 		public Object run() throws IOException {
-		    long old = setMaxClientSessionDuration(Long.MAX_VALUE);
+                    String old = System.setProperty(clientPropName, max);
 		    try {
 			return super.run();
 		    } finally {
-			setMaxClientSessionDuration(old);
+                        if ( old != null ){
+                            System.setProperty(clientPropName, old );
+                        }else{
+                            System.clearProperty(clientPropName);
+                        }
 		    }
 		}
 	    },
 	    new TestTimeout("server timeout", 2 * CALLTIME) {
 		public Object run() throws IOException {
-		    long old = setMaxServerSessionDuration(CALLTIME);
+                    String old = System.setProperty(serverPropName, calltime);
 		    try {
 			return super.run();
 		    } catch (IOException e) {
 			return e;
 		    } finally {
-			setMaxServerSessionDuration(old);
+                        if ( old != null ){
+                            System.setProperty(serverPropName, old );
+                        }else{
+                            System.clearProperty(serverPropName);
+                        }
 		    }
 		}
 		public void check(Object result) {
@@ -350,20 +366,24 @@ public class TestRMI extends TestUtiliti
 	    },
 	    new TestTimeout("server timeout wraparound", CALLTIME) {
 		public Object run() throws IOException {
-		    long old = setMaxServerSessionDuration(Long.MAX_VALUE);
+                    String old = System.setProperty(serverPropName, max);
 		    try {
 			return super.run();
 		    } finally {
-			setMaxServerSessionDuration(old);
+                        if ( old != null ){
+                            System.setProperty(serverPropName, old );
+                        }else{
+                            System.clearProperty(serverPropName);
+                        }
 		    }
 		}
 	    }
 	};
 
-	Subject clientSubject = getClientSubject();
+	final Subject clientSubject = getClientSubject();
 
-	long timeout;
-	int calls;
+	final long timeout;
+	volatile int calls; //Ok cause only one thread increments.
 	IOException ioException;
 	boolean done;
 
@@ -374,6 +394,9 @@ public class TestRMI extends TestUtiliti
 	TestTimeout(String name, long timeout) {
 	    super(name);
 	    this.timeout = timeout;
+            calls = 0;
+            ioException = null;
+            done = false;
 	}
 
 	Subject getClientSubject() {
@@ -415,14 +438,14 @@ public class TestRMI extends TestUtiliti
 		    } catch (InterruptedException e) {
 		    }
 		} while (!done && System.currentTimeMillis() < stop);
-	    }
-	    if (calls == 0) {
- 		throw new FailedException("No calls made");
-	    } else if (ioException != null) {
-		throw ioException;
-	    } else {
-		return null;
-	    }
+                if (calls == 0) {
+                    throw new FailedException("No calls made");
+                } else if (ioException != null) {
+                    throw ioException;
+                } else {
+                    return null;
+                }
+            }
 	}
 
 	void runInThread() {
@@ -457,7 +480,9 @@ public class TestRMI extends TestUtiliti
 		}
 		server.unexport();
 	    } catch (IOException e) {
-		ioException = e;
+                synchronized (this){
+                    ioException = e;
+                }
 	    } finally {
 		synchronized (TestTimeout.this) {
 		    done = true;
@@ -475,7 +500,11 @@ public class TestRMI extends TestUtiliti
 
     /** Test with expired certificates. */
     public static class TestExpired extends BasicTest {
-	static Test[] localtests = { new TestExpired() };
+        static final String serverPropName = "com.sun.jini.jeri.ssl.maxServerSessionDuration";
+        static final String clientPropName = "com.sun.jini.jeri.ssl.maxClientSessionDuration";
+        static final String clientMax = Long.toString(23*60*60*1000);
+        static final String serverMax = Long.toString(24*60*60*1000);
+	static Test[] localtests = { new TestExpired()};
 
 	Subject clientSubject = new WithSubject() { {
 	    addX500Principal("clientDSA2", subject);
@@ -504,9 +533,9 @@ public class TestRMI extends TestUtiliti
 		    });
 	    } catch (PrivilegedActionException e) {
 		throw (IOException) e.getException();
-	    }
-	}
-
+            }
+        }
+                
 	public void check(Object result) { }
 
 	Object runInternal() throws IOException {

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/TestUtilities.java Sun Feb 19 04:51:20 2012
@@ -76,8 +76,8 @@ public class TestUtilities extends UnitT
     /* Reflection */
 
     /** The name of the package containing the classes */
-    static String PACKAGE = "net.jini.jeri.ssl";
-
+    static final String PACKAGE = "net.jini.jeri.ssl";
+    
     static final LazyMethod impliesConstraintConstraint = new LazyMethod(
 	"Utilities", "implies",
 	new Class[] { InvocationConstraint.class, InvocationConstraint.class });
@@ -179,11 +179,11 @@ public class TestUtilities extends UnitT
 
     /* Credentials */
 
-    private static KeyStore keyStore;
+    private static volatile KeyStore keyStore;
 
-    private static CertificateFactory certFactory;
+    private static volatile CertificateFactory certFactory;
 
-    static char[] keyStorePassword = "keypass".toCharArray();
+    static final char[] keyStorePassword = "keypass".toCharArray();
 
     static final String clientDSA = "CN=clientDSA";
     static final String clientRSA1 = "CN=clientRSA1, C=US";
@@ -402,10 +402,10 @@ public class TestUtilities extends UnitT
 
     /** Like Method, but resolves method when first invoked */
     static class LazyMethod {
-	private String className;
-	private String methodName;
-	private Class[] argumentTypes;
-	private Method method;
+	private final String className;
+	private final String methodName;
+	private final Class[] argumentTypes;
+	private volatile Method method;
 
 	LazyMethod(String className,
 		   String methodName,
@@ -430,7 +430,10 @@ public class TestUtilities extends UnitT
 	 */
 	Object invoke(Object object, Object[] arguments) {
 	    try {
-		return getMethod().invoke(object, arguments);
+                Method m = getMethod();
+                synchronized (m){
+                    return m.invoke(object, arguments);
+                }
 	    } catch (InvocationTargetException e) {
 		throw unexpectedException(e.getTargetException());
 	    } catch (Exception e) {
@@ -446,7 +449,10 @@ public class TestUtilities extends UnitT
 	    throws InvocationTargetException
 	{
 	    try {
-		return getMethod().invoke(object, arguments);
+                Method m = getMethod();
+                synchronized (m){
+                    return m.invoke(object, arguments);
+                }
 	    } catch (InvocationTargetException e) {
 		throw e;
 	    } catch (Exception e) {
@@ -457,13 +463,17 @@ public class TestUtilities extends UnitT
 	/** Returns the requested provider method */
 	private Method getMethod() {
 	    if (method == null) {
-		try {
-		    Class type = TestUtilities.getClass(className);
-		    method = type.getDeclaredMethod(methodName, argumentTypes);
-		    method.setAccessible(true);
-		} catch (NoSuchMethodException e) {
-		    throw unexpectedException(e);
-		}
+                synchronized (this){
+                    if (method == null){
+                        try {
+                            Class type = TestUtilities.getClass(className);
+                            method = type.getDeclaredMethod(methodName, argumentTypes);
+                            method.setAccessible(true);
+                        } catch (NoSuchMethodException e) {
+                            throw unexpectedException(e);
+                        }
+                    }
+                }
 	    }
 	    return method;
 	}
@@ -471,9 +481,9 @@ public class TestUtilities extends UnitT
 
     /** Like Constructor, but resolves constructor when first used */
     static class LazyConstructor {
-	private String className;
-	private Class[] argumentTypes;
-	private Constructor constructor;
+	private final String className;
+	private final Class[] argumentTypes;
+	private volatile Constructor constructor;
 
 	LazyConstructor(String className, Class[] argumentTypes) {
 	    this.className = className;
@@ -513,13 +523,17 @@ public class TestUtilities extends UnitT
 	/** Returns the requested provider constructor */
 	private Constructor getConstructor() {
 	    if (constructor == null) {
-		try {
-		    Class type = TestUtilities.getClass(className);
-		    constructor = type.getDeclaredConstructor(argumentTypes);
-		    constructor.setAccessible(true);
-		} catch (NoSuchMethodException e) {
-		    throw unexpectedException(e);
-		}
+                synchronized (this){
+                    if (constructor == null){
+                        try {
+                            Class type = TestUtilities.getClass(className);
+                            constructor = type.getDeclaredConstructor(argumentTypes);
+                            constructor.setAccessible(true);
+                        } catch (NoSuchMethodException e) {
+                            throw unexpectedException(e);
+                        }
+                    }
+                }
 	    }
 	    return constructor;
 	}
@@ -527,10 +541,10 @@ public class TestUtilities extends UnitT
 
     /** Like Field, but resolves field when first used */
     static class LazyField {
-	private String packageName;
-	private String className;
-	private String fieldName;
-	private Field field;
+	private final String packageName;
+	private final String className;
+	private final String fieldName;
+	private volatile Field field;
 
 	LazyField(String className, String fieldName) {
 	    this(PACKAGE, className, fieldName);
@@ -559,15 +573,19 @@ public class TestUtilities extends UnitT
 	/** Returns the requested provider field */
 	private Field getField() {
 	    if (field == null) {
-		try {
-		    Class type =
-			TestUtilities.getClass(packageName, className);
-		    field = type.getDeclaredField(fieldName);
-		    field.setAccessible(true);
-		} catch (NoSuchFieldException e) {
-		    throw unexpectedException(e);
-		}
-	    }
+                synchronized (this) {
+                    if (field == null){
+                        try {
+                            Class type =
+                                TestUtilities.getClass(packageName, className);
+                            field = type.getDeclaredField(fieldName);
+                            field.setAccessible(true);
+                        } catch (NoSuchFieldException e) {
+                            throw unexpectedException(e);
+                        }
+                    }
+                }
+            }
 	    return field;
 	}
 
@@ -579,7 +597,10 @@ public class TestUtilities extends UnitT
 	/** Sets a field */
 	void set(Object object, Object value) {
 	    try {
-		getField().set(object, value);
+                Field f = getField();
+                synchronized (f){
+                    f.set(object, value);
+                }
 	    } catch (Exception e) {
 		throw unexpectedException(e);
 	    }
@@ -660,8 +681,12 @@ public class TestUtilities extends UnitT
     /* -- Credentials -- */
 
     static class TestPrincipal implements Principal {
-	String name;
-	TestPrincipal(String name) { this.name = name; }
+	private final String name;
+        
+	TestPrincipal(String name) { 
+            this.name = name; 
+        }
+        
 	public String getName() { return name; }
 	public String toString() { return "TestPrincipal{" + name + "}"; }
 	public int hashCode() { return name.hashCode(); }

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
Binary files - no diff available.

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/keystore.sh Sun Feb 19 04:51:20 2012
@@ -19,6 +19,11 @@
 # 
 # Create the keystore and truststore files
 # Usage: keystore.sh
+#
+# You must first compile CA.java in the qa/jtreg/certs directory by calling
+# make compile, in that directory.  When you've finished, run this script, 
+# to generate new certificates. 
+# This task needs to be performed once every ten years when certificates expire.
 
 if [ "${TESTJAVA}" ]; then
     JAVABIN=${TESTJAVA}/bin/;
@@ -34,6 +39,7 @@ TRUSTSTORE=${TESTSRC}/truststore
 
 KEYTOOL=${JAVABIN}keytool
 
+KEYSTORECMDEXP="${KEYTOOL} -keystore ${KEYSTORE} -storepass keypass -keypass keypass -validity 1"
 KEYSTORECMD="${KEYTOOL} -keystore ${KEYSTORE} -storepass keypass -keypass keypass -validity 3650"
 TRUSTSTORECMD="${KEYTOOL} -keystore ${TRUSTSTORE} -storepass keypass -keypass keypass -validity 3650"
 
@@ -60,21 +66,34 @@ ${KEYSTORECMD} -genkey -alias notTrusted
 ${KEYSTORECMD} -genkey -alias clientDSA2 -dname CN=clientDSA2 -keyalg DSA
 ${KEYSTORECMD} -certreq -alias clientDSA2 -file clientDSA2.request
 
-${KEYSTORECMD} -keyclone -alias clientDSA2 -dest clientDSA2expired -new keypass
-${KEYSTORECMD} -selfcert -alias clientDSA2expired
+${KEYSTORECMDEXP} -genkey -alias clientDSA2expired -dname CN=clientDSA2 -keyalg DSA
+${KEYSTORECMDEXP} -certreq -alias clientDSA2expired -file clientDSA2expired.request
 
 ${KEYSTORECMD} -genkey -alias serverRSA2 -dname CN=serverRSA2 -keyalg RSA
 ${KEYSTORECMD} -certreq -alias serverRSA2 -file serverRSA2.request
 
-${KEYSTORECMD} -keyclone -alias serverRSA2 -dest serverRSA2expired -new keypass
-${KEYSTORECMD} -selfcert -alias serverRSA2expired
+${KEYSTORECMDEXP} -genkey -alias serverRSA2expired -dname CN=serverRSA2 -keyalg RSA
+${KEYSTORECMDEXP} -certreq -alias serverRSA2expired -file serverRSA2expired.request
 
 set +x
+echo Sign clientDSA2.req, serverRSA2.req, clientDSA2expired.req and serverRSA2expired.req,\
+ then import them:
+echo expired certificates need one day to expire before testing.
 
-echo Sign clientDSA2.req and serverRSA2.req and then import them:
-echo ${TRUSTSTORECMD} -import -noprompt -alias ca -file ca.cert
-echo ${KEYSTORECMD} -import -noprompt -alias ca -file ca.cert
-echo ${KEYSTORECMD} -import -noprompt -alias clientDSA2 -file clientDSA2.cert
-echo ${KEYSTORECMD} -import -noprompt -alias clientDSA2expired -file clientDSA2expired.cert
-echo ${KEYSTORECMD} -import -noprompt -alias serverRSA2 -file serverRSA2.cert
-echo ${KEYSTORECMD} -import -noprompt -alias serverRSA2expired -file serverRSA2expired.cert
+set -x
+
+../../../../../certs/run-ca.sh -CA ./ca.properties
+../../../../../certs/run-ca.sh -CA ./ca1.properties
+../../../../../certs/run-ca.sh -CR ./ca.properties
+../../../../../certs/run-ca.sh -CR ./ca1.properties
+../../../../../certs/run-ca.sh -CR ./serverRSA2expired.properties
+../../../../../certs/run-ca.sh -CR ./clientDSA2expired.properties
+
+${TRUSTSTORECMD} -import -noprompt -alias ca -file ca.cert
+${TRUSTSTORECMD} -import -noprompt -alias ca1 -file ca1.cert
+${KEYSTORECMD} -import -noprompt -alias ca -file ca.cert
+${KEYSTORECMD} -import -noprompt -alias ca1 -file ca1.cert
+${KEYSTORECMD} -import -noprompt -alias clientDSA2 -file clientDSA2.chain
+${KEYSTORECMDEXP} -import -noprompt -alias clientDSA2expired -file clientDSA2expired.chain
+${KEYSTORECMD} -import -noprompt -alias serverRSA2 -file serverRSA2.chain
+${KEYSTORECMDEXP} -import -noprompt -alias serverRSA2expired -file serverRSA2expired.chain

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/policy Sun Feb 19 04:51:20 2012
@@ -48,6 +48,10 @@ grant {
     permission net.jini.security.AuthenticationPermission
 	"TestUtilities$TestPrincipal \"*\"", "connect,accept";
 
+//    permission net.jini.security.AuthenticationPermission 
+//        "javax.security.auth.x500.X500Principal \"CN=clientDSA2expired\" peer javax.security.auth.x500.X500Principal \"CN=serverRSA2\"", 
+//        "connect";
+
     permission java.security.SecurityPermission "insertProvider.*";
     permission java.security.SecurityPermission "putProviderProperty.*";
     permission java.security.SecurityPermission "getPolicy";

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/truststore
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/ssl/UnitTests/truststore?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
Binary files - no diff available.

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/tcp/localHostExposure/TestNameService.java Sun Feb 19 04:51:20 2012
@@ -15,6 +15,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import java.net.InetAddress;
 import java.net.UnknownHostException;
 import sun.net.spi.nameservice.NameService;
 
@@ -28,8 +29,19 @@ public class TestNameService implements 
 	    return lastNameLookup;
 	}
     }
+    
+    /* Java 6 version */
+    public InetAddress [] lookupAllHostAddr(String host) throws UnknownHostException{
+        byte [][] allHostAdd = lookAllHostAddr(host);
+        int l = allHostAdd.length;
+        InetAddress [] result = new InetAddress[l];
+        for (int i = 0; i<l; i++){
+            result[i] = InetAddress.getByAddress(allHostAdd[i]);
+        }
+        return result;
+    }
 
-    public byte[][] lookupAllHostAddr(String host)
+    private byte[][] lookAllHostAddr(String host)
 	throws UnknownHostException
     {
 	// System.err.println("FORWARD: " + host);

Modified: river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/jeri/transport/multihomed/TestNameService.java Sun Feb 19 04:51:20 2012
@@ -58,8 +58,20 @@ public class TestNameService implements 
 	    // do nothing
 	}
     }
+    
+    /* Java 6 version */
+    public InetAddress [] lookupAllHostAddr(String host) throws UnknownHostException{
+        byte [][] allHostAdd = lookAllHostAddr(host);
+        int l = allHostAdd.length;
+        InetAddress [] result = new InetAddress[l];
+        for (int i = 0; i<l; i++){
+            result[i] = InetAddress.getByAddress(allHostAdd[i]);
+        }
+        return result;
+    }
 
-    public byte[][] lookupAllHostAddr(String host)
+    /* Java 5 version of provider, renamed and privatised */
+    private byte[][] lookAllHostAddr(String host)
 	throws UnknownHostException
     {
 	// System.err.println("FORWARD: " + host);

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/Test.java Sun Feb 19 04:51:20 2012
@@ -49,6 +49,10 @@ public class Test {
 	    TestLibrary.installClassInCodebase("Foo", "cb2")});
 	cl1 = Class.forName("Foo", true, ldr1);
 	cl2 = Class.forName("Foo", true, ldr2);
+        ProtectionDomain pd2 = cl2.getProtectionDomain();
+	if (policy.implies(pd2, pA)) throw new Error();
+	if (policy.implies(pd2, pB)) throw new Error();
+	if (policy.implies(pd2, pC)) throw new Error();
 
 	ClassLoader ldr3 = new URLClassLoader(new URL[]{
 	    TestLibrary.installClassInCodebase("Setup", "cb3")});
@@ -62,13 +66,10 @@ public class Test {
 	{
 	    throw new Error();
 	}
-	ProtectionDomain pd2 = cl2.getProtectionDomain();
-	if (policy.implies(pd2, pA) ||
-	    policy.implies(pd2, pB) ||
-	    policy.implies(pd2, pC))
-	{
-	    throw new Error();
-	}
+	//ProtectionDomain pd2 = cl2.getProtectionDomain();
+	if (policy.implies(pd2, pA)) throw new Error();
+	if (policy.implies(pd2, pB)) throw new Error();
+	if (policy.implies(pd2, pC)) throw new Error();
 
 	final Principal prX = new StringPrincipal("X"),
 			prY = new StringPrincipal("Y"),

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/Security/implicitGrants/policy Sun Feb 19 04:51:20 2012
@@ -25,10 +25,11 @@ grant {
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setPolicy";
+    permission java.security.SecurityPermission "getPolicy";
     permission java.util.PropertyPermission "*", "read";
     permission javax.security.auth.AuthPermission "doAs";
 };
 
-grant codeBase "file:.${/}cb3${/}" {
+grant codeBase "file:${scratch.dir}${/}cb3${/}*" {
     permission java.security.AllPermission;
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/basePolicyNotFound/policy Sun Feb 19 04:51:20 2012
@@ -15,4 +15,5 @@ grant {
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/domainCaching/policy Sun Feb 19 04:51:20 2012
@@ -14,6 +14,7 @@ grant {
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission java.util.PropertyPermission "*", "read";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
     permission java.io.FilePermission ".", "read,write,delete";
     permission java.io.FilePermission ".${/}-", "read,write,delete";
     permission java.io.FilePermission "${test.classes}", "read,write,delete";

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/Test.java Sun Feb 19 04:51:20 2012
@@ -50,9 +50,9 @@ public class Test {
 	}
 
 	p = new RuntimePermission("C");
+        if (policy1.implies(pd, p)) throw new Error();
 	policy2.grant(cl, null, new Permission[]{ p });
-	if (policy1.implies(pd, p) || !policy2.implies(pd, p)) {
-	    throw new Error();
-	}
+	if (policy1.implies(pd, p)) throw new Error();
+        if (!policy2.implies(pd, p)) throw new Error();
     }
 }

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/dynamicBasePolicy/policy Sun Feb 19 04:51:20 2012
@@ -16,4 +16,5 @@ grant {
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission java.lang.RuntimePermission "getProtectionDomain";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/nullCases/policy Sun Feb 19 04:51:20 2012
@@ -13,4 +13,5 @@ grant {
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/principalGrants/policy Sun Feb 19 04:51:20 2012
@@ -23,4 +23,5 @@ grant {
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.util.PropertyPermission "*", "read";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0 (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/DynamicPolicyProvider/selfGrants/policy.0 Sun Feb 19 04:51:20 2012
@@ -20,4 +20,5 @@ grant {
     permission java.util.PropertyPermission "test.src", "read";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setPolicy";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basePolicyNotFound/policy Sun Feb 19 04:51:20 2012
@@ -15,4 +15,5 @@ grant {
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0 (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/basicGrants/policy.0 Sun Feb 19 04:51:20 2012
@@ -17,6 +17,7 @@ grant {
         "java.security.policy", "read,write";
     permission java.util.PropertyPermission "test.src", "read";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };
 
 grant codeBase "file:/foo/*" {

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/nullCases/policy Sun Feb 19 04:51:20 2012
@@ -13,4 +13,5 @@ grant {
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/policy/PolicyFileProvider/umbrellaGrants/policy Sun Feb 19 04:51:20 2012
@@ -1,7 +1,7 @@
 /* @summary Test PolicyFileProvider expansion of UmbrellaGrantPermissions
  */
 
-grant codeBase "file:${java.home}/lib/ext/*" {
+grant codeBase "file:${{java.ext.dirs}}/*" {
     permission java.security.AllPermission;
 };
 
@@ -13,6 +13,7 @@ grant {
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission java.lang.RuntimePermission "setSecurityManager";
     permission java.security.SecurityPermission "getProperty.*";
+    permission java.security.SecurityPermission "getPolicy";
 };
 
 grant codeBase "file:/foo.jar" {

Modified: river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy (original)
+++ river/jtsk/merge/qa/jtreg/net/jini/security/porter/policy Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
-grant codeBase "file:${java.home}/lib/ext/*" {
-	permission java.security.AllPermission;
+grant codeBase "file:${{java.ext.dirs}}/*" {
+    permission java.security.AllPermission;
 };
 
 grant codeBase "file:${jtlib.tmp}/*" {

Modified: river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java (original)
+++ river/jtsk/merge/qa/jtreg/unittestlib/BasicTest.java Sun Feb 19 04:51:20 2012
@@ -39,16 +39,20 @@ public abstract class BasicTest extends 
 
     /** Set the value to compare to. */
     protected void setCompareTo(Object compareTo) {
-	this.compareTo = compareTo;
-	compareToSet = true;
+        synchronized (this){
+            this.compareTo = compareTo;
+            compareToSet = true;
+        }
     }
 
     /** Get the value to compare to.  Throws an exception if not set. */
     protected Object getCompareTo() {
-	if (!compareToSet) {
-	    throw new FailedException("Test error: compareTo not set");
-	}
-	return compareTo;
+        synchronized (this){
+            if (!compareToSet) {
+                throw new FailedException("Test error: compareTo not set");
+            }
+            return compareTo;
+        }
     }
 
     /**
@@ -64,8 +68,9 @@ public abstract class BasicTest extends 
     }
 
     public void check(Object result) throws Exception {
-	if (!safeEquals(getCompareTo(), result)) {
-	    throw new FailedException("Should be: " + compareTo);
+        Object compareToObj = getCompareTo();
+	if (!safeEquals(compareToObj, result)) {
+	    throw new FailedException("Should be: " + compareToObj);
 	}
     }
 }

Modified: river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java (original)
+++ river/jtsk/merge/qa/jtreg/unittestlib/UnitTestUtilities.java Sun Feb 19 04:51:20 2012
@@ -62,7 +62,7 @@ public class UnitTestUtilities {
 	Integer.getInteger("lastTest", Integer.MAX_VALUE).intValue();
 
     /** The number of the current test */
-    public static int testNumber = 0;
+    public static volatile int testNumber = 0;
 
     /** If true, stop after first failure. */
     public static final boolean stopOnFail = Boolean.getBoolean("stopOnFail");
@@ -74,8 +74,8 @@ public class UnitTestUtilities {
 
     /** Holds test results */
     private static class TestResults {
-	int pass;
-	int fail;
+	volatile int pass;
+	volatile int fail;
     }
 
     /** Used to signal that lastTest has been done. */

Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MasterTest.java Sun Feb 19 04:51:20 2012
@@ -36,6 +36,7 @@ import javax.security.auth.Subject;
 
 import net.jini.config.Configuration;
 import net.jini.config.ConfigurationException;
+import org.apache.river.api.security.DelegateCombinerSecurityManager;
 
 /**
  * A wrapper which drives the execution of a test on the master host.
@@ -82,9 +83,10 @@ class MasterTest {
 	origErr = System.err;
 	System.setErr(System.out);
 	logger.log(Level.FINE, "Starting MasterTest");
-	if (System.getSecurityManager() == null) {
-	    System.setSecurityManager(new java.rmi.RMISecurityManager());
+        if (System.getSecurityManager() == null) {
+//	    System.setSecurityManager(new java.rmi.RMISecurityManager());
 //            System.setSecurityManager(new ProfilingSecurityManager());
+            System.setSecurityManager(new DelegateCombinerSecurityManager());
 	}
 	if (args.length < 1) {
 	    exit(false, Test.ENV, "Arguments missing");

Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/MergedPolicyProvider.java Sun Feb 19 04:51:20 2012
@@ -24,13 +24,21 @@ import java.security.Policy;
 import java.security.ProtectionDomain;
 
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashSet;
 import java.util.Iterator;
+import java.util.List;
 import java.util.StringTokenizer;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+import org.apache.river.api.security.ConcurrentPermissions;
+import org.apache.river.api.security.ConcurrentPolicy;
 
 import net.jini.security.policy.PolicyInitializationException;
 import net.jini.security.policy.PolicyFileProvider;
+import org.apache.river.api.security.PermissionGrant;
 
 /**
  * Security policy provider that delegates to a collection of underlying
@@ -40,12 +48,14 @@ import net.jini.security.policy.PolicyFi
  * access to the same file, a check for read,write access would still
  * fail.
  */
-public class MergedPolicyProvider extends Policy {
+public class MergedPolicyProvider extends Policy implements ConcurrentPolicy{
 
+    /** class state */
+//    private static final Lock lock = new ReentrantLock();; // protects first
+//    private static boolean first = false; // Why is first static?
+    
     /** the collection of underlying policies */
-    private ArrayList policies = new ArrayList();
-
-    private static boolean first = false;
+    private final Collection<Policy> policies ;
 
     /**
      * Creates a new <code>MergedPolicyProvider</code> instance that wraps a
@@ -74,6 +84,7 @@ public class MergedPolicyProvider extend
 	}
 	// no-arg semantics for 'default policy' necessary for correct behavior 
 	// of PolicyFileProvider.refresh
+        Collection<Policy> policies = new ArrayList<Policy>();
 	try {
 	    if (p1 != null) {
 		policies.add(new PolicyFileProvider());
@@ -93,6 +104,7 @@ public class MergedPolicyProvider extend
 	    throw new PolicyInitializationException(
 		"unable to construct base policy", e);
 	}
+        this.policies = Collections.unmodifiableCollection(policies);
     }
 
     /**
@@ -103,25 +115,37 @@ public class MergedPolicyProvider extend
      * @param source the <code>CodeSource</code>
      */
     public PermissionCollection getPermissions(CodeSource source) {
-	Iterator it = policies.iterator();
-	if (it.hasNext()) {
-	    PermissionCollection pc = 
-		((Policy) it.next()).getPermissions(source);
-	    while (it.hasNext()) {
-		PermissionCollection pc2 = 
-		    ((Policy) it.next()).getPermissions(source);
-		Enumeration en = pc2.elements();
-		while (en.hasMoreElements()) {
-		    Permission perm = (Permission) en.nextElement();
-		    if (!pc.implies(perm)) {
-			pc.add(perm);
-		    }
-		}
-	    }
-	    return  pc;
-	} else {
-	    throw new IllegalStateException("No policies in provider");
-	}
+        if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+        PermissionCollection pc = new ConcurrentPermissions();
+        Iterator<Policy> it = policies.iterator();
+        while (it.hasNext()){
+            Policy policy = it.next();
+            PermissionCollection col = policy.getPermissions(source);
+            Enumeration<Permission> e = col.elements();
+            while(e.hasMoreElements()){
+                pc.add(e.nextElement());
+            }
+        }
+        return pc;
+//	Iterator it = policies.iterator();
+//	if (it.hasNext()) {
+//	    PermissionCollection pc = 
+//		((Policy) it.next()).getPermissions(source);
+//	    while (it.hasNext()) {
+//		PermissionCollection pc2 = 
+//		    ((Policy) it.next()).getPermissions(source);
+//		Enumeration en = pc2.elements();
+//		while (en.hasMoreElements()) {
+//		    Permission perm = (Permission) en.nextElement();
+//		    if (!pc.implies(perm)) {
+//			pc.add(perm);
+//		    }
+//		}
+//	    }
+//	    return  pc;
+//	} else {
+//	    throw new IllegalStateException("No policies in provider");
+//	}
     }
 
     /**
@@ -131,55 +155,76 @@ public class MergedPolicyProvider extend
      *
      * @param domain the <code>ProtectionDomain</code>
      */
+//    public PermissionCollection getPermissions(ProtectionDomain domain) {
+//	Iterator it = policies.iterator();
+//	ArrayList list = new ArrayList(64);
+//        boolean first = false;
+////        lock.lock();
+////        try {
+//            if (it.hasNext()) {
+//                PermissionCollection pc = 
+//                    ((Policy) it.next()).getPermissions(domain);
+//                    if (first) {
+//                        first = false;
+//                        Enumeration en = pc.elements();
+//                        list.add("BASE PERMISSIONS for domain " + domain);
+//                        while (en.hasMoreElements()) {
+//                            Permission perm = (Permission) en.nextElement();
+//                            list.add(perm.toString());
+//                        }
+//                        first = true;
+//                    }
+//                while (it.hasNext()) {
+//                    PermissionCollection pc2 = 
+//                        ((Policy) it.next()).getPermissions(domain);
+//                    Enumeration en = pc2.elements();
+//                    while (en.hasMoreElements()) {
+//                        Permission perm = (Permission) en.nextElement();
+//                        if (!pc.implies(perm)) {
+//                            if (first) {
+//                                first = false;
+//                                list.add("checking " + perm + " and adding");
+//                                first = true;
+//                            }
+//                            pc.add(perm);
+//                        } else {
+//                            if (first) {
+//                                first = false;
+//                                list.add("checking " + perm + " and not adding");
+//                                first = true;
+//                            }
+//                        }
+//                    }
+//                }
+//                if (first) {
+//                    first = false;
+//                    for (int i = 0; i < list.size(); i++) {
+//                        System.out.println((String) list.get(i));
+//                    }
+//                    first = true;
+//                }
+//                return pc;
+//            } else {
+//                throw new IllegalStateException("No policies in provider");
+//            }
+////        }finally{
+////            lock.unlock();
+////        }
+//    }
+    
     public PermissionCollection getPermissions(ProtectionDomain domain) {
-	Iterator it = policies.iterator();
-	ArrayList list = new ArrayList();
-	if (it.hasNext()) {
-	    PermissionCollection pc = 
-		((Policy) it.next()).getPermissions(domain);
-	    if (first) {
-		first = false;
-		Enumeration en = pc.elements();
-		list.add("BASE PERMISSIONS for domain " + domain);
-		while (en.hasMoreElements()) {
-		    Permission perm = (Permission) en.nextElement();
-		    list.add(perm.toString());
-		}
-		first = true;
-	    }
-	    while (it.hasNext()) {
-		PermissionCollection pc2 = 
-		    ((Policy) it.next()).getPermissions(domain);
-		Enumeration en = pc2.elements();
-		while (en.hasMoreElements()) {
-		    Permission perm = (Permission) en.nextElement();
-		    if (!pc.implies(perm)) {
-			if (first) {
-			    first = false;
-			    list.add("checking " + perm + " and adding");
-			    first = true;
-			}
-			pc.add(perm);
-		    } else {
-			if (first) {
-			    first = false;
-			    list.add("checking " + perm + " and not adding");
-			    first = true;
-			}
-		    }
-		}
-	    }
-	    if (first) {
-		first = false;
-		for (int i = 0; i < list.size(); i++) {
-		    System.out.println((String) list.get(i));
-		}
-		first = true;
-	    }
-	    return pc;
-	} else {
-	    throw new IllegalStateException("No policies in provider");
-	}
+        if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+        PermissionCollection pc = new ConcurrentPermissions();
+        Iterator<Policy> it = policies.iterator();
+        while (it.hasNext()){
+            Policy policy = it.next();
+            PermissionCollection col = policy.getPermissions(domain);
+            Enumeration<Permission> e = col.elements();
+            while(e.hasMoreElements()){
+                pc.add(e.nextElement());
+            }
+        }
+        return pc;
     }
 
     /**
@@ -214,4 +259,70 @@ public class MergedPolicyProvider extend
 	    p.refresh();
 	}
     }
+
+    public boolean isConcurrent() {
+        if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+        Iterator<Policy> it = policies.iterator();
+        while (it.hasNext()){
+            Policy p = it.next();
+            if (p instanceof ConcurrentPolicy){
+                if (!((ConcurrentPolicy)p).isConcurrent()) return false;
+            } else {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public PermissionGrant[] getPermissionGrants(ProtectionDomain domain) {
+        if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+        List<PermissionGrant[]> perms = new ArrayList<PermissionGrant[]>(policies.size());
+        Iterator<Policy> it = policies.iterator();
+        int arrayLength = 0;
+        while (it.hasNext()){
+            Policy p = it.next();
+            if (p instanceof ConcurrentPolicy){
+                PermissionGrant [] g = ((ConcurrentPolicy)p).getPermissionGrants(domain);
+                arrayLength = arrayLength + g.length;
+                perms.add(g);
+            }
+        }
+        PermissionGrant [] result = new PermissionGrant[arrayLength];
+        int index = 0;
+        Iterator<PermissionGrant[]> grants = perms.iterator();
+        while (grants.hasNext()){
+            PermissionGrant [] g = grants.next();
+            int l = g.length;
+            for (int i = 0; i < l; i++, index++){
+                result[index] = g[i];
+            }
+        }
+        return result;
+    }
+    
+    public PermissionGrant[] getPermissionGrants() {
+        if (policies.isEmpty()) throw new IllegalStateException("No policies in provider");
+        List<PermissionGrant[]> perms = new ArrayList<PermissionGrant[]>(policies.size());
+        Iterator<Policy> it = policies.iterator();
+        int arrayLength = 0;
+        while (it.hasNext()){
+            Policy p = it.next();
+            if (p instanceof ConcurrentPolicy){
+                PermissionGrant [] g = ((ConcurrentPolicy)p).getPermissionGrants();
+                arrayLength = arrayLength + g.length;
+                perms.add(g);
+            }
+        }
+        PermissionGrant [] result = new PermissionGrant[arrayLength];
+        int index = 0;
+        Iterator<PermissionGrant[]> grants = perms.iterator();
+        while (grants.hasNext()){
+            PermissionGrant [] g = grants.next();
+            int l = g.length;
+            for (int i = 0; i < l; i++, index++){
+                result[index] = g[i];
+            }
+        }
+        return result;
+    }
 }

Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/QATest.java Sun Feb 19 04:51:20 2012
@@ -24,7 +24,10 @@ import java.io.PrintWriter;
 import java.io.File;
 import java.rmi.RemoteException;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Iterator;
+import java.util.List;
 import java.util.logging.Logger;
 import java.util.logging.Level;
 
@@ -46,17 +49,17 @@ import net.jini.core.lease.UnknownLeaseE
 public abstract class QATest implements Test {
 
     /** the logger */
-    protected static Logger logger = 
+    protected static final Logger logger = 
 	Logger.getLogger("com.sun.jini.qa.harness");
 
     /** Keeps track of leases for automatic cancellation when test ends. */
-    private ArrayList leaseArray = new ArrayList();
+    private final Collection<Lease> leaseArray = new ArrayList<Lease>();
 
     /** The admin manager for managing services */
-    protected AdminManager manager;
+    protected volatile AdminManager manager;
 
     /** The config object for accessing the test environment */
-    protected QAConfig config;
+    protected volatile QAConfig config;
 
     /** 
      * Mostly mimics the behavior of the assert keyword. 

Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/harness/TestDescription.java Sun Feb 19 04:51:20 2012
@@ -603,7 +603,9 @@ public class TestDescription implements 
 	ArrayList cmdList = new ArrayList(10);
 	cmdList.add(getJVM());
         // Uncomment the following line if you want to debug permission requests
-        //cmdList.add("-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager");
+//        cmdList.add("-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager");
+//        cmdList.add("-Djava.security.manager=java.lang.SecurityManager");
+        cmdList.add("-Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager");
 	cmdList.add("-Djava.security.policy=" + getPolicyFile());
 	if (getCodebase() != null) {
 	    cmdList.add("-Djava.rmi.server.codebase=" + getCodebase());

Modified: river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/qa/resources/qaDefaults.properties Sun Feb 19 04:51:20 2012
@@ -210,11 +210,14 @@ com.sun.jini.qa.harness.actdeathdelay=5
 #   system property if that property is defined. The '-OD' marker flags this
 #   property as optional. If the property is not defined as a system property
 #   or in any configuration file, then the property will not be set on the VM.
-#
+#   
 #   You might find the following debugging options useful
 #       -Djava.security.debug=access:failure,\
 #       -Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager,\
+#       -Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager,\
 #       -Dpolicy.provider=net.jini.security.policy.DynamicPolicyProvider,\
+#       -Djava.security.manager=java.rmi.RMISecurityManager,\
+
 
 # no cosmetic whitespace
 com.sun.jini.qa.harness.globalvmargs=\
@@ -249,7 +252,11 @@ testPolicyfile=<url:harness/policy/defau
 # The default classpath. This property must be defined, and must include
 # all Jini dependencies as components
 
-testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
+
+# Alternate test classpath, for tests that don't use <testJar>
+#
+altClasspath=<harnessJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
 
 #
 # Services run with server vm; test runs with client vm

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/reggie/NameServiceImpl.java Sun Feb 19 04:51:20 2012
@@ -39,17 +39,25 @@ public class NameServiceImpl implements 
 
     }
 
-    public InetAddress[] lookupAllHostAddr(String host)
+//    public byte [][] lookupAllHostAddr(String host)
+    public InetAddress [] lookupAllHostAddr(String host)
 	throws UnknownHostException
     {
         if (host.equalsIgnoreCase(testClient)) {
-            return ( new InetAddress[] 
-                       { InetAddress.getByAddress(addr1),
-                         InetAddress.getByAddress(addr2),
-                         InetAddress.getByAddress(localhostAddr) } );
+//            return ( new byte [][] 
+//                       { InetAddress.getByAddress(addr1).getAddress(),
+//                         InetAddress.getByAddress(addr2).getAddress(),
+//                         InetAddress.getByAddress(localhostAddr).getAddress()
+            return (new InetAddress []{
+                InetAddress.getByAddress(addr1),
+                InetAddress.getByAddress(addr2),
+                InetAddress.getByAddress(localhostAddr)
+            });
         } else if (host.equalsIgnoreCase(localhost)) {
-            return ( new InetAddress[] 
-                       { InetAddress.getByAddress(localhostAddr) } );
+            return 
+//                    ( new byte[][] { InetAddress.getByAddress(localhostAddr).getAddress()
+                  (new InetAddress [] {  InetAddress.getByAddress(localhostAddr)
+            });
         } else {
 	    throw new UnknownHostException(host);
         }

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClassLoaderTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=ClassLoaderTest
 testCategories=start,start_impl
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 
 
 /*******************************************************************************

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ClasspathTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=ClasspathTest
 testCategories=start,start_impl
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 
 
 /*******************************************************************************

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/CodebaseTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=CodebaseTest
 testCategories=start,start_impl
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 
 
 /*******************************************************************************

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTest.td Sun Feb 19 04:51:20 2012
@@ -2,8 +2,11 @@ testClass=SecurityTest
 testCategories=start,start_impl
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
-
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
 
 /*******************************************************************************
  * Test-specific property files
@@ -15,7 +18,8 @@ com.sun.jini.test.impl.start.SecurityTes
 com.sun.jini.test.impl.start.SecurityTest1.codebase=http://${HOST}:${com.sun.jini.test.port}/qa1-start-testservice1-dl.jar
 com.sun.jini.test.impl.start.SecurityTest1.policyfile=<url:securityTest.testservice1.policy>
 com.sun.jini.test.impl.start.SecurityTest1.log=none
-com.sun.jini.test.impl.start.SecurityTest1.serverjvmargs=
+com.sun.jini.test.impl.start.SecurityTest1.serverjvmargs=-Dnet.jini.security.policy.PolicyFileProvider.basePolicyClass=sun.security.provider.PolicyFile,\
+-Dnet.jini.security.policy.DynamicPolicyProvider.basePolicyClass=net.jini.security.policy.PolicyFileProvider
 com.sun.jini.test.impl.start.SecurityTest1.serviceConfiguration=<url:configs/<config>/testservice.config>
 com.sun.jini.test.impl.start.SecurityTest1.starterConfiguration=<url:configs/<config>/testservice.config>
 com.sun.jini.test.impl.start.SecurityTest1.host=master

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/SecurityTestNonActivatable.td Sun Feb 19 04:51:20 2012
@@ -3,7 +3,7 @@ testCategories=start,start_impl
 
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 
 
 /*******************************************************************************

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/ServiceStarterCreateBadTransientServiceTest.td Sun Feb 19 04:51:20 2012
@@ -1,3 +1,7 @@
 testClass=ServiceStarterCreateBadTransientServiceTest
 testCategories=start,start_impl
 include0=start.properties
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
\ No newline at end of file

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.java Sun Feb 19 04:51:20 2012
@@ -43,20 +43,20 @@ import com.sun.jini.qa.harness.QAConfig;
  */
 public class GetContextTest extends QATest {
 
-    public static SecurityContext securityContext;
-    public static Permission[] passPermissions = {
+    public static volatile SecurityContext securityContext;
+    public static final Permission[] passPermissions = {
 	new RuntimePermission("A")
     };
-    public static Permission[] failPermissions = { 
+    public static final Permission[] failPermissions = { 
 	new RuntimePermission("B"),
 	new RuntimePermission("C"),
 	new RuntimePermission("D")
     };
-    public static PrivilegedAction checkContextAction;
-    public static ClassLoader contextClassLoader;
-    private String getContextJarFile;
-    private String restoreContextJarFile;
-    private String checkContextActionJarFile;
+    public static volatile PrivilegedAction checkContextAction;
+    public static volatile ClassLoader contextClassLoader;
+    private volatile String getContextJarFile;
+    private volatile String restoreContextJarFile;
+    private volatile String checkContextActionJarFile;
 
     public void setup(QAConfig sysConfig) throws Exception {
 	super.setup(sysConfig);

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.policy Sun Feb 19 04:51:20 2012
@@ -25,8 +25,14 @@ grant codebase "file:${com.sun.jini.qa.h
     permission java.security.AllPermission "", "";
 };
 
-grant codeBase "file:${java.home}/lib/ext/*" {
-    permission java.security.AllPermission;
+//grant codeBase "file:${java.home}/lib/ext/*" {
+//    permission java.security.AllPermission;
+//};
+
+// For SecurityManager used from command line
+grant codeBase "file:${com.sun.jini.qa.home}${/}lib${/}qa1-start-tests.jar" {
+    permission java.io.FilePermission "-", "read";
+    permission java.lang.RuntimePermission "getProtectionDomain";
 };
 
 grant {
@@ -39,6 +45,7 @@ grant {
     permission java.util.PropertyPermission "*", "read,write";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setPolicy";
+    permission java.security.SecurityPermission "getPolicy";
 };
 
 grant codeBase "file:${com.sun.jini.test.home}${/}lib${/}qa1-start-cb1.jar" {

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/GetContextTest.td Sun Feb 19 04:51:20 2012
@@ -2,9 +2,13 @@ testClass=GetContextTest
 testCategories=start,start_impl
 #testClasspath=<harnessJar>$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 testPolicyfile=GetContextTest.policy
 getContextJarFile=<file:lib/qa1-start-cb1.jar>
 restoreContextJarFile=<file:lib/qa1-start-cb2.jar>
 checkContextActionJarFile=<file:lib/qa1-start-cb3.jar>
 include0=../start.properties
+#testjvmargs=\
+#-Xdebug,\
+#-Xrunjdwp:transport=dt_socket+,address=8000+,server=y+,suspend=y,\
+#${testjvmargs}
\ No newline at end of file

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.0.policy Sun Feb 19 04:51:20 2012
@@ -25,8 +25,15 @@ grant codebase "file:${com.sun.jini.qa.h
     permission java.security.AllPermission "", "";
 };
 
-grant codeBase "file:${java.home}/lib/ext/*" {
-    permission java.security.AllPermission;
+grant codeBase "file:${{java.ext.dirs}}/*" {
+        permission java.security.AllPermission;
+};
+
+
+// For SecurityManager used from command line
+grant codeBase "file:${com.sun.jini.qa.home}${/}lib${/}qa1-start-tests.jar" {
+    //permission java.io.FilePermission "-", "read";
+    permission java.lang.RuntimePermission "getProtectionDomain";
 };
 
 grant {
@@ -39,10 +46,12 @@ grant {
     permission java.lang.RuntimePermission "createClassLoader";
     permission java.lang.RuntimePermission "setContextClassLoader";
     permission java.lang.RuntimePermission "setSecurityManager";
+    permission java.lang.RuntimePermission "getProtectionDomain";
     permission java.util.PropertyPermission
         "java.security.policy", "read,write";
     permission java.security.SecurityPermission "getProperty.*";
     permission java.security.SecurityPermission "setPolicy";
+    permission java.security.SecurityPermission "getPolicy";
     permission java.util.PropertyPermission "*", "read";
 };
 

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/aggregatepolicyprovider/SubPoliciesTest.td Sun Feb 19 04:51:20 2012
@@ -2,7 +2,7 @@ testClass=SubPoliciesTest
 testCategories=start,start_impl
 #testClasspath=${com.sun.jini.qa.home}$/lib$/harness.jar$:${com.sun.jini.qa.home}$/lib$/qa1-start-tests.jar$:${com.sun.jini.qa.home}$/lib$/$qajinidep$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar
 
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 testPolicyfile=SubPoliciesTest.0.policy
 
 #!!!! the next two lines are wrong

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.java Sun Feb 19 04:51:20 2012
@@ -28,10 +28,12 @@ import net.jini.security.policy.*;
 import java.io.File;
 import java.net.*;
 import java.security.*;
-import java.util.Collections;
 import com.sun.jini.qa.harness.QATest;
 import com.sun.jini.qa.harness.QAConfig;
 import com.sun.jini.qa.harness.TestException;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
 
 public class LoaderSplitPolicyProviderTest extends QATest {
     private String ldrPolicyFile;
@@ -146,7 +148,7 @@ public class LoaderSplitPolicyProviderTe
 	    throw new TestException("Does not satisfy implies conditions for "
                     + perm + ".");
 	}
-
+        
 	if (!contains(pol.getPermissions(myPd), perm) ||
 	    contains(pol.getPermissions(fooPd), perm) ||
 	    contains(pol.getPermissions(barPd), perm) ||
@@ -212,7 +214,22 @@ public class LoaderSplitPolicyProviderTe
 	}
     }
 
+    /*
+     * Dynamic policy no longer returns the permission directly, instead
+     * it encapsulates it in a container Permission that implies nothing,
+     * it is useful for debugging only since it delegates toString()
+     * to the encapsulated Permission.
+     * 
+     * Dynamic policy does this to prevent the Permission becoming merged
+     * in the ProtectionDomain.
+     */
     static boolean contains(PermissionCollection pc, Permission p) {
-	return Collections.list(pc.elements()).contains(p);
+//	return Collections.list(pc.elements()).contains(p);
+        Set<String> perms = new HashSet<String>();
+        Enumeration<Permission> e = pc.elements();
+        while (e.hasMoreElements()){
+            perms.add(e.nextElement().toString());
+        }
+        return perms.contains(p.toString());
     }
 }

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/loadersplitpolicyprovider/LoaderSplitPolicyProviderTest.td Sun Feb 19 04:51:20 2012
@@ -1,6 +1,6 @@
 testClass=LoaderSplitPolicyProviderTest
 testCategories=start,start_impl
-testClasspath=<harnessJar>$:<file:lib/qa1-start-tests.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-start-tests.jar>
 testPolicyfile=<url:harness/policy/defaulttest.policy>
 ldrPolicyfile=<url:LoaderSplitPolicyProviderTest.loader.policy>
 defPolicyfile=<url:/LoaderSplitPolicyProviderTest.default.policy>

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.sharedgroup.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+    permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
 grant {
     permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";
     permission java.net.SocketPermission "*:*", "connect,resolve";

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice1.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+    permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
 grant {
     permission java.io.FilePermission
     "${java.io.tmpdir}${/}testservice1", "read";

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/impl/start/securityTest.testservice2.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,11 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+    permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
 grant {
     permission java.io.FilePermission "${java.io.tmpdir}${/}testservice2", "read";
     permission java.io.FilePermission

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/resources/jinitest.policy Sun Feb 19 04:51:20 2012
@@ -8,10 +8,19 @@ grant codebase "file:${com.sun.jini.test
 };
 
 grant {
+        permission java.util.PropertyPermission "java.system.class.loader", "read";
 	permission java.io.FilePermission "${com.sun.jini.test.home}${/}lib${/}-", "read";
         permission java.util.PropertyPermission "com.sun.jini.reggie.enableImplToStubReplacement", "read";
 };
 
+grant {
+    permission com.sun.jini.phoenix.ExecOptionPermission "*";
+    // for a start test
+    permission com.sun.jini.phoenix.ExecPermission "/bin/javax";
+    permission java.util.PropertyPermission "FILEPOLICY02", "read";
+    permission java.security.SecurityPermission "getPolicy";
+};
+
 grant codebase "file:${com.sun.jini.test.home}${/}lib${/}qa1-start-tests.jar" {
     permission java.security.AllPermission "", "";
 };
@@ -46,6 +55,10 @@ grant codebase "file:${com.sun.jini.test
     permission java.security.AllPermission "", "";
 };
 
+// required for new PolicyFile provider.
+grant codeBase "file:${{java.ext.dirs}}/*" {
+        permission java.security.AllPermission;
+};
 
 grant codebase "file:${com.sun.jini.qa.harness.testJar}" {
     permission net.jini.security.GrantPermission

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/config/configurationfile/configurationfile.policy Sun Feb 19 04:51:20 2012
@@ -1,3 +1,12 @@
+/* Grants required for SecurityManager used a startup: */
+
+grant codebase "file:${com.sun.jini.jsk.home}${/}lib${/}jsk-platform.jar" {
+    permission java.security.AllPermission "", "";
+};
+
+/* end grants required for SecurityManager during startup. */
+
+
 grant {
     permission java.security.SecurityPermission "getDomainCombiner";
     permission java.security.SecurityPermission "createAccessControlContext";

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContextElement_NoContext.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
 testClass=GetServerContextElement_NoContext
 testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:${testClasspath}
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_NoContext.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
 testClass=GetServerContext_NoContext
 testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-null.jar>$:${testClasspath}
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_ProvidersParsing.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
 testClass=GetServerContext_ProvidersParsing
 testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-providers-parsing.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-providers-parsing.jar>$:${testClasspath}
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/export/servercontext/GetServerContext_Providers_NonNull.td Sun Feb 19 04:51:20 2012
@@ -1,5 +1,5 @@
 testClass=GetServerContext_Providers_NonNull
 testCategories=export_spec,spec
-testClasspath=<file:lib/qa1-export-servercontext-tests-non-null.jar>$:<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=<file:lib/qa1-export-servercontext-tests-non-null.jar>$:${testClasspath}
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/id/uuid/ConstructorAccessorTest.td Sun Feb 19 04:51:20 2012
@@ -2,3 +2,4 @@ testClass=ConstructorAccessorTest
 testCategories=id,id_spec
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false
+#testjvmargs=-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager

Modified: river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td
URL: http://svn.apache.org/viewvc/river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td?rev=1290948&r1=1290947&r2=1290948&view=diff
==============================================================================
--- river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td (original)
+++ river/jtsk/merge/qa/src/com/sun/jini/test/spec/io/marshalinputstream/ConstructorAccessorTest.td Sun Feb 19 04:51:20 2012
@@ -1,6 +1,6 @@
 testClass=ConstructorAccessorTest
 testCategories=io,io_spec
-testClasspath=<harnessJar>$:<file:lib/qa1-io-marshalinputstream-test.jar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar
+testClasspath=${altClasspath}$:<file:lib/qa1-io-marshalinputstream-test.jar>
 com.sun.jini.qa.harness.runkitserver=false 
 com.sun.jini.qa.harness.runjiniserver=false
 include0=../io.properties



Mime
View raw message