Java > Open Source Codes > test > javax > management > LocalSecurityManagerTest


1 /*
2  * Copyright (C) The MX4J Contributors.
3  * All rights reserved.
4  *
5  * This software is distributed under the terms of the MX4J License version 1.0.
6  * See the terms of the MX4J License in the documentation provided with this software.
7  */
8
9 package test.javax.management;
10
11 import java.security.AllPermission ;
12 import java.security.CodeSource ;
13 import java.security.Permission ;
14 import java.security.PermissionCollection ;
15 import java.security.Permissions ;
16 import java.security.Policy ;
17 import java.security.ProtectionDomain ;
18 import java.security.SecurityPermission ;
19 import java.util.ArrayList ;
20 import java.util.HashMap ;
21 import java.util.Map ;
22 import javax.management.MBeanPermission ;
23 import javax.management.MBeanServer ;
24 import javax.management.MBeanServerDelegate ;
25 import javax.management.MBeanServerFactory ;
26 import javax.management.MBeanServerPermission ;
27 import javax.management.ObjectName ;
28 import javax.management.loading.ClassLoaderRepository ;
29 import javax.management.loading.MLet ;
30
31 import junit.framework.TestCase;
32 import mx4j.log.Log;
33 import mx4j.server.MX4JMBeanServer;
34
35 /**
36  * @version $Revision: 1.5 $
37  */
38 public class LocalSecurityManagerTest extends SecurityManagerTestCase
39 {
40    static
41    {
42       // For the way JUnit works, we have one JVM per test class
43 Policy.setPolicy(new LocalModifiablePolicy());
44       System.setSecurityManager(new SecurityManager ());
45    }
46
47    public LocalSecurityManagerTest(String s)
48    {
49       super(s);
50    }
51
52    protected void setUp() throws Exception
53    {
54       // Be sure we have a security manager and the right policy
55 SecurityManager sm = System.getSecurityManager();
56       if (sm == null) fail();
57       Policy policy = Policy.getPolicy();
58       if (!(policy instanceof LocalModifiablePolicy)) fail();
59       ((LocalModifiablePolicy)policy).initialize();
60    }
61
62    protected void addPermission(Permission p)
63    {
64       LocalModifiablePolicy policy = (LocalModifiablePolicy)Policy.getPolicy();
65       policy.addPermission(p);
66    }
67
68    protected void resetPermissions()
69    {
70       LocalModifiablePolicy policy = (LocalModifiablePolicy)Policy.getPolicy();
71       policy.initialize();
72    }
73
74    public void testNewMBeanServer() throws Exception
75    {
76       try
77       {
78          MBeanServerFactory.newMBeanServer();
79          fail();
80       }
81       catch (SecurityException ignored)
82       {
83       }
84
85       addPermission(new MBeanServerPermission ("newMBeanServer"));
86       MBeanServerFactory.newMBeanServer();
87
88       try
89       {
90          MBeanServerFactory.createMBeanServer();
91          fail();
92       }
93       catch (SecurityException ignored)
94       {
95       }
96    }
97
98    public void testCreateMBeanServer() throws Exception
99    {
100       try
101       {
102          MBeanServerFactory.createMBeanServer();
103          fail();
104       }
105       catch (SecurityException ignored)
106       {
107       }
108
109       addPermission(new MBeanServerPermission ("createMBeanServer"));
110       MBeanServer server = MBeanServerFactory.createMBeanServer();
111       MBeanServerFactory.newMBeanServer();
112
113       try
114       {
115          MBeanServerFactory.releaseMBeanServer(server);
116          fail();
117       }
118       catch (SecurityException ignored)
119       {
120       }
121
122       // Clean up
123 addPermission(new MBeanServerPermission ("releaseMBeanServer"));
124       MBeanServerFactory.releaseMBeanServer(server);
125    }
126
127    public void testReleaseMBeanServer() throws Exception
128    {
129       addPermission(new MBeanServerPermission ("createMBeanServer"));
130       MBeanServer server = MBeanServerFactory.createMBeanServer();
131
132       try
133       {
134          MBeanServerFactory.releaseMBeanServer(server);
135          fail();
136       }
137       catch (SecurityException ignored)
138       {
139       }
140
141       addPermission(new MBeanServerPermission ("releaseMBeanServer"));
142       MBeanServerFactory.releaseMBeanServer(server);
143    }
144
145    public void testReleaseMBeanServer2() throws Exception
146    {
147       addPermission(new MBeanServerPermission ("createMBeanServer, releaseMBeanServer"));
148       MBeanServer server = MBeanServerFactory.createMBeanServer();
149       MBeanServerFactory.releaseMBeanServer(server);
150    }
151
152    public void testFindMBeanServer() throws Exception
153    {
154       addPermission(new MBeanServerPermission ("createMBeanServer"));
155       MBeanServer server = MBeanServerFactory.createMBeanServer();
156
157       try
158       {
159          MBeanServerFactory.findMBeanServer(null);
160          fail();
161       }
162       catch (SecurityException ignored)
163       {
164       }
165
166       addPermission(new MBeanServerPermission ("findMBeanServer"));
167       ArrayList list = MBeanServerFactory.findMBeanServer(null);
168       if (!list.contains(server)) fail();
169
170       // Clean up
171 addPermission(new MBeanServerPermission ("releaseMBeanServer"));
172       MBeanServerFactory.releaseMBeanServer(server);
173    }
174
175    public void testAddRemoveNotificationListener() throws Exception
176    {
177       addPermission(new MBeanServerPermission ("newMBeanServer"));
178       MBeanServer server = MBeanServerFactory.newMBeanServer();
179       testAddRemoveNotificationListener(server);
180    }
181
182    public void testCreateMBean4Params() throws Exception
183    {
184       addPermission(new MBeanServerPermission ("newMBeanServer"));
185       MBeanServer server = MBeanServerFactory.newMBeanServer();
186       testCreateMBean4Params(server);
187    }
188
189    public void testCreateMBean5Params() throws Exception
190    {
191       addPermission(new MBeanServerPermission ("newMBeanServer"));
192       MBeanServer server = MBeanServerFactory.newMBeanServer();
193       testCreateMBean5Params(server);
194    }
195
196    public void testGetAttribute() throws Exception
197    {
198       addPermission(new MBeanServerPermission ("newMBeanServer"));
199       MBeanServer server = MBeanServerFactory.newMBeanServer();
200       testGetAttribute(server);
201    }
202
203    public void testGetAttributes() throws Exception
204    {
205       addPermission(new MBeanServerPermission ("newMBeanServer"));
206       MBeanServer server = MBeanServerFactory.newMBeanServer();
207       testGetAttributes(server);
208    }
209
210    public void testGetDefaultDomain() throws Exception
211    {
212       addPermission(new MBeanServerPermission ("newMBeanServer"));
213       String domain = "simon";
214       MBeanServer server = MBeanServerFactory.newMBeanServer(domain);
215       testGetDefaultDomain(server, domain);
216    }
217
218    public void testGetDomains() throws Exception
219    {
220       addPermission(new MBeanServerPermission ("newMBeanServer"));
221       MBeanServer server = MBeanServerFactory.newMBeanServer();
222       testGetDomains(server);
223    }
224
225    public void testGetMBeanCount() throws Exception
226    {
227       addPermission(new MBeanServerPermission ("newMBeanServer"));
228       MBeanServer server = MBeanServerFactory.newMBeanServer();
229       testGetMBeanCount(server);
230    }
231
232    public void testGetMBeanInfo() throws Exception
233    {
234       addPermission(new MBeanServerPermission ("newMBeanServer"));
235       MBeanServer server = MBeanServerFactory.newMBeanServer();
236       testGetMBeanInfo(server);
237    }
238
239    public void testGetObjectInstance() throws Exception
240    {
241       addPermission(new MBeanServerPermission ("newMBeanServer"));
242       MBeanServer server = MBeanServerFactory.newMBeanServer();
243       testGetObjectInstance(server);
244    }
245
246    public void testInstantiate() throws Exception
247    {
248       addPermission(new MBeanServerPermission ("newMBeanServer"));
249       MBeanServer server = MBeanServerFactory.newMBeanServer();
250
251       String className = "java.lang.String";
252
253       try
254       {
255          server.instantiate(className, null);
256          fail();
257       }
258       catch (SecurityException ignored)
259       {
260       }
261
262       addPermission(new MBeanPermission (className, "instantiate"));
263       server.instantiate(className, null);
264
265       // Check also the overloaded version, we need an MLet
266 String mletClassName = "javax.management.loading.MLet";
267       ObjectName name = new ObjectName (server.getDefaultDomain(), "mbean", "mlet");
268       resetPermissions();
269       addPermission(new MBeanPermission (mletClassName, "instantiate, registerMBean"));
270       addPermission(new RuntimePermission ("createClassLoader"));
271       server.createMBean(mletClassName, name, null);
272
273       try
274       {
275          server.instantiate(className, null);
276          fail();
277       }
278       catch (SecurityException ignored)
279       {
280       }
281
282       addPermission(new MBeanPermission (className, "instantiate"));
283       server.instantiate(className, null);
284    }
285
286    public void testInvoke() throws Exception
287    {
288       addPermission(new MBeanServerPermission ("newMBeanServer"));
289       MBeanServer server = MBeanServerFactory.newMBeanServer();
290       testInvoke(server);
291    }
292
293    public void testIsInstanceOf() throws Exception
294    {
295       addPermission(new MBeanServerPermission ("newMBeanServer"));
296       MBeanServer server = MBeanServerFactory.newMBeanServer();
297       testIsInstanceOf(server);
298    }
299
300    public void testIsRegistered() throws Exception
301    {
302       addPermission(new MBeanServerPermission ("newMBeanServer"));
303       MBeanServer server = MBeanServerFactory.newMBeanServer();
304       testIsRegistered(server);
305    }
306
307    public void testQueryMBeans() throws Exception
308    {
309       addPermission(new MBeanServerPermission ("newMBeanServer"));
310       MBeanServer server = MBeanServerFactory.newMBeanServer();
311       testQueryMBeans(server);
312    }
313
314    public void testQueryNames() throws Exception
315    {
316       addPermission(new MBeanServerPermission ("newMBeanServer"));
317       MBeanServer server = MBeanServerFactory.newMBeanServer();
318       testQueryNames(server);
319    }
320
321    public void testRegisterMBean() throws Exception
322    {
323       addPermission(new MBeanServerPermission ("newMBeanServer"));
324       MBeanServer server = MBeanServerFactory.newMBeanServer();
325
326       MBeanServerDelegate mbean = new MBeanServerDelegate ();
327       ObjectName name = new ObjectName (server.getDefaultDomain(), "name", "test");
328
329       try
330       {
331          server.registerMBean(mbean, name);
332          fail();
333       }
334       catch (SecurityException ignored)
335       {
336       }
337
338       addPermission(new MBeanPermission (mbean.getClass().getName() + "[" + name.getCanonicalName() + "]", "registerMBean"));
339       server.registerMBean(mbean, name);
340    }
341
342    public void testSetAttribute() throws Exception
343    {
344       addPermission(new MBeanServerPermission ("newMBeanServer"));
345       MBeanServer server = MBeanServerFactory.newMBeanServer();
346       testSetAttribute(server);
347    }
348
349    public void testSetAttributes() throws Exception
350    {
351       addPermission(new MBeanServerPermission ("newMBeanServer"));
352       MBeanServer server = MBeanServerFactory.newMBeanServer();
353       testSetAttributes(server);
354    }
355
356    public void testUnregisterMBean() throws Exception
357    {
358       addPermission(new MBeanServerPermission ("newMBeanServer"));
359       MBeanServer server = MBeanServerFactory.newMBeanServer();
360       testUnregisterMBean(server);
361    }
362
363    public void testGetClassLoader() throws Exception
364    {
365       addPermission(new MBeanServerPermission ("newMBeanServer"));
366       MBeanServer server = MBeanServerFactory.newMBeanServer();
367
368       // Needed to create an MLet, which is a ClassLoader
369 addPermission(new RuntimePermission ("createClassLoader"));
370       ObjectName name = new ObjectName (server.getDefaultDomain(), "mbean", "mlet");
371       MLet mlet = new MLet ();
372       addPermission(new MBeanPermission (mlet.getClass().getName(), "registerMBean"));
373       server.registerMBean(mlet, name);
374
375       try
376       {
377          server.getClassLoader(null);
378          fail();
379       }
380       catch (SecurityException ignored)
381       {
382       }
383
384       // Dummy class
385 addPermission(new MBeanPermission ("foo[" + name.getCanonicalName() + "]", "getClassLoader"));
386
387       try
388       {
389          server.getClassLoader(name);
390          fail();
391       }
392       catch (SecurityException ignored)
393       {
394       }
395
396       addPermission(new MBeanPermission (mlet.getClass().getName() + "[" + name.getCanonicalName() + "]", "getClassLoader"));
397       ClassLoader result = server.getClassLoader(name);
398       assertSame(result, mlet);
399    }
400
401    public void testGetClassLoaderFor() throws Exception
402    {
403       addPermission(new MBeanServerPermission ("newMBeanServer"));
404       MBeanServer server = MBeanServerFactory.newMBeanServer();
405       ObjectName delegate = ObjectName.getInstance("JMImplementation", "type", "MBeanServerDelegate");
406       try
407       {
408          server.getClassLoaderFor(delegate);
409          fail();
410       }
411       catch (SecurityException x)
412       {
413       }
414       addPermission(new MBeanPermission ("[" + delegate.getCanonicalName() + "]", "getClassLoaderFor"));
415       ClassLoader loader = server.getClassLoaderFor(delegate);
416       assertNotNull(loader);
417    }
418
419    public void testGetClassLoaderRepository() throws Exception
420    {
421       addPermission(new MBeanServerPermission ("newMBeanServer"));
422       MBeanServer server = MBeanServerFactory.newMBeanServer();
423       try
424       {
425          server.getClassLoaderRepository();
426          fail();
427       }
428       catch (SecurityException x)
429       {
430       }
431       addPermission(new MBeanPermission ("*", "getClassLoaderRepository"));
432       ClassLoaderRepository loader = server.getClassLoaderRepository();
433       assertNotNull(loader);
434    }
435
436    /**
437     * A modifiable policy that allow permissions to be added at runtime, used for tests purposes only.
438     */
439    public static class LocalModifiablePolicy extends Policy
440    {
441       private final ProtectionDomain testDomain;
442       private final Map permissionsMap = new HashMap ();
443
444       public LocalModifiablePolicy()
445       {
446          // Here we still have no security manager installed
447 testDomain = LocalModifiablePolicy.class.getProtectionDomain();
448
449          // Add the permissions needed to run the tests
450 CodeSource junitCodeSource = TestCase.class.getProtectionDomain().getCodeSource();
451          permissionsMap.put(junitCodeSource, createAllPermissions());
452
453          CodeSource mx4jCodeSource = MBeanServerFactory .class.getProtectionDomain().getCodeSource();
454          permissionsMap.put(mx4jCodeSource, createAllPermissions());
455
456          CodeSource implCodeSource = MX4JMBeanServer.class.getProtectionDomain().getCodeSource();
457          permissionsMap.put(implCodeSource, createAllPermissions());
458
459          // In the automated tests, the log classes may be taken from the JSR 160 jars.
460 CodeSource logCodeSource = Log.class.getProtectionDomain().getCodeSource();
461          permissionsMap.put(logCodeSource, createAllPermissions());
462
463          ClassLoader loader = getClass().getClassLoader();
464
465          // BCEL
466 try
467          {
468             Class cls = loader.loadClass("org.apache.bcel.generic.Type");
469             CodeSource bcelCodeSource = cls.getProtectionDomain().getCodeSource();
470             permissionsMap.put(bcelCodeSource, createAllPermissions());
471          }
472          catch (ClassNotFoundException ignored)
473          {
474          }
475
476
477          // When we run automated, we need also permissions for Ant jars
478 try
479          {
480             Class cls = loader.loadClass("org.apache.tools.ant.Task");
481             CodeSource antCodeSource = cls.getProtectionDomain().getCodeSource();
482             permissionsMap.put(antCodeSource, createAllPermissions());
483             cls = loader.loadClass("org.apache.tools.ant.taskdefs.optional.junit.JUnitTask");
484             antCodeSource = cls.getProtectionDomain().getCodeSource();
485             permissionsMap.put(antCodeSource, createAllPermissions());
486          }
487          catch (ClassNotFoundException ignored)
488          {
489          }
490
491          initialize();
492       }
493
494       private Permissions createAllPermissions()
495       {
496          Permissions allPermissions = new Permissions ();
497          allPermissions.add(new AllPermission ());
498          return allPermissions;
499       }
500
501       public PermissionCollection getPermissions(CodeSource codesource)
502       {
503          Permissions permissions = (Permissions )permissionsMap.get(codesource);
504          if (permissions == null)
505          {
506             permissions = new Permissions ();
507             permissionsMap.put(codesource, permissions);
508          }
509          return permissions;
510       }
511
512       public void refresh()
513       {
514       }
515
516       /**
517        * For JDK 1.4 overriding this method disables caching of Permissions done by the
518        * standard Policy implementation.
519        * This is done because we install this policy *before* installing the security manager.
520        * By doing so, in JDK 1.4 the permissions granted at the moment of policy installation
521        * (no security manager == AllPermission) are cached and will invalidate all tests, since
522        * they will become unmodifiable.
523        * <p/>
524        * The stack trace is when checking a permission is:
525        * <p/>
526        * SecurityManager.checkPermission()
527        * AccessController.checkPermission()
528        * AccessControlContext.checkPermission()
529        * ProtectionDomain.implies()
530        * LocalModifiablePolicy.implies()
531        */
532       public boolean implies(ProtectionDomain domain, Permission permission)
533       {
534          PermissionCollection perms = getPermissions(domain.getCodeSource());
535          return perms.implies(permission);
536       }
537
538       /**
539        * Adds the given permission to the client (the test in this case) codesource
540        */
541       public void addPermission(Permission p)
542       {
543          Permissions permissions = (Permissions )getPermissions(testDomain.getCodeSource());
544          permissions.add(p);
545       }
546
547       /**
548        * Initializes the permissions for the client (the test in this case) codesource
549        */
550       public synchronized void initialize()
551       {
552          Permissions permissions = new Permissions ();
553          permissions.add(new SecurityPermission ("getPolicy"));
554          permissionsMap.put(testDomain.getCodeSource(), permissions);
555       }
556    }
557 }
558

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags