1 8 9 package test.javax.management; 10 11 import java.security.AllPermission ; 12 import java.security.CodeSource ; 13 import java.security.Permission ; 14 import java.security.PermissionCollection ; 15 import java.security.Permissions ; 16 import java.security.Policy ; 17 import java.security.ProtectionDomain ; 18 import java.security.SecurityPermission ; 19 import java.util.ArrayList ; 20 import java.util.HashMap ; 21 import java.util.Map ; 22 import javax.management.MBeanPermission ; 23 import javax.management.MBeanServer ; 24 import javax.management.MBeanServerDelegate ; 25 import javax.management.MBeanServerFactory ; 26 import javax.management.MBeanServerPermission ; 27 import javax.management.ObjectName ; 28 import javax.management.loading.ClassLoaderRepository ; 29 import javax.management.loading.MLet ; 30 31 import junit.framework.TestCase; 32 import mx4j.log.Log; 33 import mx4j.server.MX4JMBeanServer; 34 35 38 public class LocalSecurityManagerTest extends SecurityManagerTestCase 39 { 40 static 41 { 42 Policy.setPolicy(new LocalModifiablePolicy()); 44 System.setSecurityManager(new SecurityManager ()); 45 } 46 47 public LocalSecurityManagerTest(String s) 48 { 49 super(s); 50 } 51 52 protected void setUp() throws Exception 53 { 54 SecurityManager sm = System.getSecurityManager(); 56 if (sm == null) fail(); 57 Policy policy = Policy.getPolicy(); 58 if (!(policy instanceof LocalModifiablePolicy)) fail(); 59 ((LocalModifiablePolicy)policy).initialize(); 60 } 61 62 protected void addPermission(Permission p) 63 { 64 LocalModifiablePolicy policy = (LocalModifiablePolicy)Policy.getPolicy(); 65 policy.addPermission(p); 66 } 67 68 protected void resetPermissions() 69 { 70 LocalModifiablePolicy policy = (LocalModifiablePolicy)Policy.getPolicy(); 71 policy.initialize(); 72 } 73 74 public void testNewMBeanServer() throws Exception 75 { 76 try 77 { 78 MBeanServerFactory.newMBeanServer(); 79 fail(); 80 } 81 catch (SecurityException ignored) 82 { 83 } 84 85 addPermission(new MBeanServerPermission ("newMBeanServer")); 86 MBeanServerFactory.newMBeanServer(); 87 88 try 89 { 90 MBeanServerFactory.createMBeanServer(); 91 fail(); 92 } 93 catch (SecurityException ignored) 94 { 95 } 96 } 97 98 public void testCreateMBeanServer() throws Exception 99 { 100 try 101 { 102 MBeanServerFactory.createMBeanServer(); 103 fail(); 104 } 105 catch (SecurityException ignored) 106 { 107 } 108 109 addPermission(new MBeanServerPermission ("createMBeanServer")); 110 MBeanServer server = MBeanServerFactory.createMBeanServer(); 111 MBeanServerFactory.newMBeanServer(); 112 113 try 114 { 115 MBeanServerFactory.releaseMBeanServer(server); 116 fail(); 117 } 118 catch (SecurityException ignored) 119 { 120 } 121 122 addPermission(new MBeanServerPermission ("releaseMBeanServer")); 124 MBeanServerFactory.releaseMBeanServer(server); 125 } 126 127 public void testReleaseMBeanServer() throws Exception 128 { 129 addPermission(new MBeanServerPermission ("createMBeanServer")); 130 MBeanServer server = MBeanServerFactory.createMBeanServer(); 131 132 try 133 { 134 MBeanServerFactory.releaseMBeanServer(server); 135 fail(); 136 } 137 catch (SecurityException ignored) 138 { 139 } 140 141 addPermission(new MBeanServerPermission ("releaseMBeanServer")); 142 MBeanServerFactory.releaseMBeanServer(server); 143 } 144 145 public void testReleaseMBeanServer2() throws Exception 146 { 147 addPermission(new MBeanServerPermission ("createMBeanServer, releaseMBeanServer")); 148 MBeanServer server = MBeanServerFactory.createMBeanServer(); 149 MBeanServerFactory.releaseMBeanServer(server); 150 } 151 152 public void testFindMBeanServer() throws Exception 153 { 154 addPermission(new MBeanServerPermission ("createMBeanServer")); 155 MBeanServer server = MBeanServerFactory.createMBeanServer(); 156 157 try 158 { 159 MBeanServerFactory.findMBeanServer(null); 160 fail(); 161 } 162 catch (SecurityException ignored) 163 { 164 } 165 166 addPermission(new MBeanServerPermission ("findMBeanServer")); 167 ArrayList list = MBeanServerFactory.findMBeanServer(null); 168 if (!list.contains(server)) fail(); 169 170 addPermission(new MBeanServerPermission ("releaseMBeanServer")); 172 MBeanServerFactory.releaseMBeanServer(server); 173 } 174 175 public void testAddRemoveNotificationListener() throws Exception 176 { 177 addPermission(new MBeanServerPermission ("newMBeanServer")); 178 MBeanServer server = MBeanServerFactory.newMBeanServer(); 179 testAddRemoveNotificationListener(server); 180 } 181 182 public void testCreateMBean4Params() throws Exception 183 { 184 addPermission(new MBeanServerPermission ("newMBeanServer")); 185 MBeanServer server = MBeanServerFactory.newMBeanServer(); 186 testCreateMBean4Params(server); 187 } 188 189 public void testCreateMBean5Params() throws Exception 190 { 191 addPermission(new MBeanServerPermission ("newMBeanServer")); 192 MBeanServer server = MBeanServerFactory.newMBeanServer(); 193 testCreateMBean5Params(server); 194 } 195 196 public void testGetAttribute() throws Exception 197 { 198 addPermission(new MBeanServerPermission ("newMBeanServer")); 199 MBeanServer server = MBeanServerFactory.newMBeanServer(); 200 testGetAttribute(server); 201 } 202 203 public void testGetAttributes() throws Exception 204 { 205 addPermission(new MBeanServerPermission ("newMBeanServer")); 206 MBeanServer server = MBeanServerFactory.newMBeanServer(); 207 testGetAttributes(server); 208 } 209 210 public void testGetDefaultDomain() throws Exception 211 { 212 addPermission(new MBeanServerPermission ("newMBeanServer")); 213 String domain = "simon"; 214 MBeanServer server = MBeanServerFactory.newMBeanServer(domain); 215 testGetDefaultDomain(server, domain); 216 } 217 218 public void testGetDomains() throws Exception 219 { 220 addPermission(new MBeanServerPermission ("newMBeanServer")); 221 MBeanServer server = MBeanServerFactory.newMBeanServer(); 222 testGetDomains(server); 223 } 224 225 public void testGetMBeanCount() throws Exception 226 { 227 addPermission(new MBeanServerPermission ("newMBeanServer")); 228 MBeanServer server = MBeanServerFactory.newMBeanServer(); 229 testGetMBeanCount(server); 230 } 231 232 public void testGetMBeanInfo() throws Exception 233 { 234 addPermission(new MBeanServerPermission ("newMBeanServer")); 235 MBeanServer server = MBeanServerFactory.newMBeanServer(); 236 testGetMBeanInfo(server); 237 } 238 239 public void testGetObjectInstance() throws Exception 240 { 241 addPermission(new MBeanServerPermission ("newMBeanServer")); 242 MBeanServer server = MBeanServerFactory.newMBeanServer(); 243 testGetObjectInstance(server); 244 } 245 246 public void testInstantiate() throws Exception 247 { 248 addPermission(new MBeanServerPermission ("newMBeanServer")); 249 MBeanServer server = MBeanServerFactory.newMBeanServer(); 250 251 String className = "java.lang.String"; 252 253 try 254 { 255 server.instantiate(className, null); 256 fail(); 257 } 258 catch (SecurityException ignored) 259 { 260 } 261 262 addPermission(new MBeanPermission (className, "instantiate")); 263 server.instantiate(className, null); 264 265 String mletClassName = "javax.management.loading.MLet"; 267 ObjectName name = new ObjectName (server.getDefaultDomain(), "mbean", "mlet"); 268 resetPermissions(); 269 addPermission(new MBeanPermission (mletClassName, "instantiate, registerMBean")); 270 addPermission(new RuntimePermission ("createClassLoader")); 271 server.createMBean(mletClassName, name, null); 272 273 try 274 { 275 server.instantiate(className, null); 276 fail(); 277 } 278 catch (SecurityException ignored) 279 { 280 } 281 282 addPermission(new MBeanPermission (className, "instantiate")); 283 server.instantiate(className, null); 284 } 285 286 public void testInvoke() throws Exception 287 { 288 addPermission(new MBeanServerPermission ("newMBeanServer")); 289 MBeanServer server = MBeanServerFactory.newMBeanServer(); 290 testInvoke(server); 291 } 292 293 public void testIsInstanceOf() throws Exception 294 { 295 addPermission(new MBeanServerPermission ("newMBeanServer")); 296 MBeanServer server = MBeanServerFactory.newMBeanServer(); 297 testIsInstanceOf(server); 298 } 299 300 public void testIsRegistered() throws Exception 301 { 302 addPermission(new MBeanServerPermission ("newMBeanServer")); 303 MBeanServer server = MBeanServerFactory.newMBeanServer(); 304 testIsRegistered(server); 305 } 306 307 public void testQueryMBeans() throws Exception 308 { 309 addPermission(new MBeanServerPermission ("newMBeanServer")); 310 MBeanServer server = MBeanServerFactory.newMBeanServer(); 311 testQueryMBeans(server); 312 } 313 314 public void testQueryNames() throws Exception 315 { 316 addPermission(new MBeanServerPermission ("newMBeanServer")); 317 MBeanServer server = MBeanServerFactory.newMBeanServer(); 318 testQueryNames(server); 319 } 320 321 public void testRegisterMBean() throws Exception 322 { 323 addPermission(new MBeanServerPermission ("newMBeanServer")); 324 MBeanServer server = MBeanServerFactory.newMBeanServer(); 325 326 MBeanServerDelegate mbean = new MBeanServerDelegate (); 327 ObjectName name = new ObjectName (server.getDefaultDomain(), "name", "test"); 328 329 try 330 { 331 server.registerMBean(mbean, name); 332 fail(); 333 } 334 catch (SecurityException ignored) 335 { 336 } 337 338 addPermission(new MBeanPermission (mbean.getClass().getName() + "[" + name.getCanonicalName() + "]", "registerMBean")); 339 server.registerMBean(mbean, name); 340 } 341 342 public void testSetAttribute() throws Exception 343 { 344 addPermission(new MBeanServerPermission ("newMBeanServer")); 345 MBeanServer server = MBeanServerFactory.newMBeanServer(); 346 testSetAttribute(server); 347 } 348 349 public void testSetAttributes() throws Exception 350 { 351 addPermission(new MBeanServerPermission ("newMBeanServer")); 352 MBeanServer server = MBeanServerFactory.newMBeanServer(); 353 testSetAttributes(server); 354 } 355 356 public void testUnregisterMBean() throws Exception 357 { 358 addPermission(new MBeanServerPermission ("newMBeanServer")); 359 MBeanServer server = MBeanServerFactory.newMBeanServer(); 360 testUnregisterMBean(server); 361 } 362 363 public void testGetClassLoader() throws Exception 364 { 365 addPermission(new MBeanServerPermission ("newMBeanServer")); 366 MBeanServer server = MBeanServerFactory.newMBeanServer(); 367 368 addPermission(new RuntimePermission ("createClassLoader")); 370 ObjectName name = new ObjectName (server.getDefaultDomain(), "mbean", "mlet"); 371 MLet mlet = new MLet (); 372 addPermission(new MBeanPermission (mlet.getClass().getName(), "registerMBean")); 373 server.registerMBean(mlet, name); 374 375 try 376 { 377 server.getClassLoader(null); 378 fail(); 379 } 380 catch (SecurityException ignored) 381 { 382 } 383 384 addPermission(new MBeanPermission ("foo[" + name.getCanonicalName() + "]", "getClassLoader")); 386 387 try 388 { 389 server.getClassLoader(name); 390 fail(); 391 } 392 catch (SecurityException ignored) 393 { 394 } 395 396 addPermission(new MBeanPermission (mlet.getClass().getName() + "[" + name.getCanonicalName() + "]", "getClassLoader")); 397 ClassLoader result = server.getClassLoader(name); 398 assertSame(result, mlet); 399 } 400 401 public void testGetClassLoaderFor() throws Exception 402 { 403 addPermission(new MBeanServerPermission ("newMBeanServer")); 404 MBeanServer server = MBeanServerFactory.newMBeanServer(); 405 ObjectName delegate = ObjectName.getInstance("JMImplementation", "type", "MBeanServerDelegate"); 406 try 407 { 408 server.getClassLoaderFor(delegate); 409 fail(); 410 } 411 catch (SecurityException x) 412 { 413 } 414 addPermission(new MBeanPermission ("[" + delegate.getCanonicalName() + "]", "getClassLoaderFor")); 415 ClassLoader loader = server.getClassLoaderFor(delegate); 416 assertNotNull(loader); 417 } 418 419 public void testGetClassLoaderRepository() throws Exception 420 { 421 addPermission(new MBeanServerPermission ("newMBeanServer")); 422 MBeanServer server = MBeanServerFactory.newMBeanServer(); 423 try 424 { 425 server.getClassLoaderRepository(); 426 fail(); 427 } 428 catch (SecurityException x) 429 { 430 } 431 addPermission(new MBeanPermission ("*", "getClassLoaderRepository")); 432 ClassLoaderRepository loader = server.getClassLoaderRepository(); 433 assertNotNull(loader); 434 } 435 436 439 public static class LocalModifiablePolicy extends Policy 440 { 441 private final ProtectionDomain testDomain; 442 private final Map permissionsMap = new HashMap (); 443 444 public LocalModifiablePolicy() 445 { 446 testDomain = LocalModifiablePolicy.class.getProtectionDomain(); 448 449 CodeSource junitCodeSource = TestCase.class.getProtectionDomain().getCodeSource(); 451 permissionsMap.put(junitCodeSource, createAllPermissions()); 452 453 CodeSource mx4jCodeSource = MBeanServerFactory .class.getProtectionDomain().getCodeSource(); 454 permissionsMap.put(mx4jCodeSource, createAllPermissions()); 455 456 CodeSource implCodeSource = MX4JMBeanServer.class.getProtectionDomain().getCodeSource(); 457 permissionsMap.put(implCodeSource, createAllPermissions()); 458 459 CodeSource logCodeSource = Log.class.getProtectionDomain().getCodeSource(); 461 permissionsMap.put(logCodeSource, createAllPermissions()); 462 463 ClassLoader loader = getClass().getClassLoader(); 464 465 try 467 { 468 Class cls = loader.loadClass("org.apache.bcel.generic.Type"); 469 CodeSource bcelCodeSource = cls.getProtectionDomain().getCodeSource(); 470 permissionsMap.put(bcelCodeSource, createAllPermissions()); 471 } 472 catch (ClassNotFoundException ignored) 473 { 474 } 475 476 477 try 479 { 480 Class cls = loader.loadClass("org.apache.tools.ant.Task"); 481 CodeSource antCodeSource = cls.getProtectionDomain().getCodeSource(); 482 permissionsMap.put(antCodeSource, createAllPermissions()); 483 cls = loader.loadClass("org.apache.tools.ant.taskdefs.optional.junit.JUnitTask"); 484 antCodeSource = cls.getProtectionDomain().getCodeSource(); 485 permissionsMap.put(antCodeSource, createAllPermissions()); 486 } 487 catch (ClassNotFoundException ignored) 488 { 489 } 490 491 initialize(); 492 } 493 494 private Permissions createAllPermissions() 495 { 496 Permissions allPermissions = new Permissions (); 497 allPermissions.add(new AllPermission ()); 498 return allPermissions; 499 } 500 501 public PermissionCollection getPermissions(CodeSource codesource) 502 { 503 Permissions permissions = (Permissions )permissionsMap.get(codesource); 504 if (permissions == null) 505 { 506 permissions = new Permissions (); 507 permissionsMap.put(codesource, permissions); 508 } 509 return permissions; 510 } 511 512 public void refresh() 513 { 514 } 515 516 532 public boolean implies(ProtectionDomain domain, Permission permission) 533 { 534 PermissionCollection perms = getPermissions(domain.getCodeSource()); 535 return perms.implies(permission); 536 } 537 538 541 public void addPermission(Permission p) 542 { 543 Permissions permissions = (Permissions )getPermissions(testDomain.getCodeSource()); 544 permissions.add(p); 545 } 546 547 550 public synchronized void initialize() 551 { 552 Permissions permissions = new Permissions (); 553 permissions.add(new SecurityPermission ("getPolicy")); 554 permissionsMap.put(testDomain.getCodeSource(), permissions); 555 } 556 } 557 } 558 | Popular Tags |