001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one
003: * or more contributor license agreements. See the NOTICE file
004: * distributed with this work for additional information
005: * regarding copyright ownership. The ASF licenses this file
006: * to you under the Apache License, Version 2.0 (the
007: * "License"); you may not use this file except in compliance
008: * with the License. You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing,
013: * software distributed under the License is distributed on an
014: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015: * KIND, either express or implied. See the License for the
016: * specific language governing permissions and limitations
017: * under the License.
018: */
019:
020: package org.apache.axis2.java.security.driver;
021:
022: import junit.framework.Test;
023: import junit.framework.TestCase;
024: import junit.framework.TestSuite;
025: import junit.textui.TestRunner;
026: import org.apache.axis2.java.security.AccessController;
027: import org.apache.axis2.java.security.action.Action;
028: import org.apache.axis2.java.security.less.LessPermission;
029: import org.apache.axis2.java.security.less.LessPermissionAccessControlContext;
030: import org.apache.axis2.java.security.less.LessPermissionPrivilegedExceptionAction;
031: import org.apache.axis2.java.security.more.MorePermission;
032: import org.apache.axis2.java.security.more.MorePermissionAccessControlContext;
033: import org.apache.axis2.java.security.more.MorePermissionPrivilegedExceptionAction;
034: import org.apache.axis2.AbstractTestCase;
035:
036: import java.security.AccessControlException;
037: import java.security.Permission;
038: import java.util.Calendar;
039: import java.util.TimeZone;
040:
041: /**
042: * Java2SecTest demostrates the usages of AccessController class and Policy file(s) while Security Manager is enabled:
043: * 1. testNoPrivilegePassed shows the usage of no AccessController but it still work fine
044: * because it has all the permissions.
045: * 2. testNoPrivilegeFailure shows the usage of AccessController with LessPermission.java,
046: * which is not right approach.
047: * 3. testDoPrivilegePassed shows the correct practice of java 2 security by granting the appropriate
048: * permission in the policy file(s0 and wrapping the AccessController calls with MorePermission.java.
049: * 4. testDoPrivilegeFailure shows the reverse call order of MorePermission and LessPermission
050: * from testDoPrivilegedPassed.
051: * 5. testAccessControlContextFailure shows the AccessContext which contains a no-permission class
052: * on the stack can cause a failure. In our case, the no-permission class is
053: * LessPermissionAccessControlContext.
054: */
055:
056: public class Java2SecTest extends TestCase {
057: // Static variable to keep the test result
058: public static String testResult = "";
059:
060: // Default constructor
061: public Java2SecTest() {
062: super ();
063: System.out.println("\nJava2SecTest ctor 1");
064: Calendar cal = Calendar.getInstance(TimeZone.getDefault());
065: String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
066: java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(
067: DATE_FORMAT);
068: sdf.setTimeZone(TimeZone.getDefault());
069: System.out.println("Current time => "
070: + sdf.format(cal.getTime()) + "\n");
071: }
072:
073: // Constructor
074: public Java2SecTest(String arg) {
075: super (arg);
076: System.out.println("\nJava2SecTest ctor 2");
077: Calendar cal = Calendar.getInstance(TimeZone.getDefault());
078: String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
079: java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(
080: DATE_FORMAT);
081: sdf.setTimeZone(TimeZone.getDefault());
082: System.out.println("Current time => "
083: + sdf.format(cal.getTime()) + "\n");
084: }
085:
086: // This method is added for running this test as a pure junit test
087: public static void main(String[] args) {
088: TestRunner.run(suite());
089:
090: }
091:
092: // This method is added for running this test as a pure junit test
093: public static Test suite() {
094: TestSuite suite = new TestSuite(Java2SecTest.class);
095:
096: return suite;
097:
098: }
099:
100: /**
101: * testNoPrivilegedSuccessed
102: */
103:
104: public void testNoPrivilegeSuccessed() throws Exception {
105: Java2SecTest.testResult = "testNoPrivilegeSuccessed failed.";
106: SecurityManager oldSM = null;
107: String expectedString = "This line is from public.txt.";
108:
109: System.out.println("\ntestNoPrivilegedSuccessed() begins");
110: // Check whether the security manager is enabled or not.
111: // If not, turn it on
112: oldSM = System.getSecurityManager();
113: if (oldSM != null) {
114: System.out.println("\nSecurity Manager is enabled.");
115: } else {
116: System.out.println("\nSecurity Manager is disabled.");
117: System.out
118: .println("Enabling the default Java Security Manager");
119: System.setSecurityManager(new SecurityManager());
120: }
121:
122: // Run test WITHOUT AccessController.doPrivileged wrapper
123: Action dp = new Action("public/public.txt");
124: MorePermission mp = new MorePermission(dp, false);
125: LessPermission lp = new LessPermission(mp, false);
126: lp.takeAction();
127:
128: // Disable security manager if it is enabled by this testcsae
129: if (System.getSecurityManager() != null && oldSM == null) {
130: System.setSecurityManager(null);
131: if (System.getSecurityManager() == null) {
132: System.out
133: .println("Security Manager is successfully disabled.");
134: } else {
135: System.out.println("Security Manager is still enabled");
136: }
137: }
138: // Remove extra characters within the result string
139: testResult = testResult.replaceAll("\\r", "");
140: testResult = testResult.replaceAll("\\n", "");
141: System.out.println("Resulting string is " + testResult);
142:
143: // Verify the test result by comparing the test result with expected string
144: assertTrue("The string contents do not match.", expectedString
145: .equalsIgnoreCase(testResult));
146:
147: System.out.println("\ntestNoPrivilegedSuccessed() ends\n\n");
148: }
149:
150: /**
151: * testNoPrivilegedFailure
152: */
153:
154: public void testNoPrivilegeFailure() throws Exception {
155: Java2SecTest.testResult = "testNoPrivilegeFailure failed.";
156: SecurityManager oldSM = null;
157:
158: System.out.println("\ntestNoPrivilegedFailured() begins");
159: // Check whether the security is enable or not.
160: // if it is not enabled, turn it on
161: oldSM = System.getSecurityManager();
162: if (oldSM != null) {
163: System.out.println("\nSecurity Manager is enabled.");
164: } else {
165: System.out.println("\nSecurity Manager is disabled.");
166: System.out.println("Enabling the default Security Manager");
167: System.setSecurityManager(new SecurityManager());
168: }
169: // Run test with AccessController.doPrivilege wrapper
170: Action dp = new Action("private/private.txt");
171: MorePermission mp = new MorePermission(dp, false);
172: LessPermission lp = new LessPermission(mp, false);
173: try {
174: lp.takeAction();
175: } catch (Exception e) {
176: // verify the test result
177: assertTrue("It is not the security exception.",
178: (e instanceof java.security.AccessControlException));
179: } finally {
180: // Disable security manager if it is enabled by this testcsae
181: if (System.getSecurityManager() != null && oldSM == null) {
182: System.setSecurityManager(null);
183: if (System.getSecurityManager() == null) {
184: System.out
185: .println("Security Manager is successfully disabled.");
186: } else {
187: System.out
188: .println("Security Manager is still enabled");
189: }
190: }
191: System.out.println("\ntesNoPrivilegedFailure() ends\n\n");
192: }
193: }
194:
195: /**
196: * testDoPrivilegedSuccessed
197: */
198:
199: public void testDoPrivilegeSuccessed() throws Exception {
200: Java2SecTest.testResult = "testDoPrivilegeSuccessed failed.";
201: SecurityManager oldSM = null;
202: String expectedString = "This line is from private.txt.";
203:
204: System.out.println("\ntestDoPrivilegedSuccessed() begins");
205: // Check whether the security is enable or not.
206: // If it is not enabled, turn it on
207: oldSM = System.getSecurityManager();
208: if (oldSM != null) {
209: System.out.println("\nSecurity Manager is enabled.");
210: } else {
211: System.out.println("\nSecurity Manager is disabled.");
212: System.out
213: .println("Enabling the default Java Security Manager");
214: System.setSecurityManager(new SecurityManager());
215: }
216:
217: // Run test with AccessController.doPrivilege
218: Action dp = new Action("private/private.txt");
219: MorePermission mp = new MorePermission(dp, true);
220: LessPermission lp = new LessPermission(mp, false);
221: lp.takeAction();
222:
223: // Disable security manager if it is enabled by this testcsae
224: if (System.getSecurityManager() != null && oldSM == null) {
225: System.setSecurityManager(null);
226: if (System.getSecurityManager() == null) {
227: System.out
228: .println("Security Manager is successfully disabled.");
229: } else {
230: System.out.println("Security Manager is still enabled");
231: }
232: }
233:
234: // Remove extra characters within the result string
235: testResult = testResult.replaceAll("\\r", "");
236: testResult = testResult.replaceAll("\\n", "");
237: System.out.println("Resulting string is " + testResult);
238:
239: // Verify the test result by comparing the test result with expected string
240: assertTrue("The string contents do not match.", expectedString
241: .equalsIgnoreCase(testResult));
242: System.out.println("\ntestDoPrivilegedSuccessed() ends\n\n");
243: }
244:
245: /**
246: * testDoPrivilegedFailure
247: */
248:
249: public void testDoPrivilegeFailure() throws Exception {
250: Java2SecTest.testResult = "testDoPrivilegeFailure failed.";
251: SecurityManager oldSM = null;
252: String expectedString = "This line is from private.txt.";
253:
254: System.out.println("\ntestDoPrivilegedFailure() begins");
255: // Check whether the security is enable or not.
256: // If it is not enabled, turn it on
257: oldSM = System.getSecurityManager();
258: if (oldSM != null) {
259: System.out.println("\nSecurity Manager is enabled.");
260: } else {
261: System.out.println("\nSecurity Manager is disabled.");
262: System.out
263: .println("Enabling the default Java Security Manager");
264: System.setSecurityManager(new SecurityManager());
265: }
266:
267: // Run test with AccessController.doPrivilege
268: Action dp = new Action("private/private.txt");
269: MorePermission mp = new MorePermission(dp, false);
270: LessPermission lp = new LessPermission(mp, true);
271: try {
272: mp.takeAction();
273: } catch (Exception e) {
274: // Verify the test result
275: assertTrue("It is not the security exception.",
276: (e instanceof java.security.AccessControlException));
277:
278: } finally {
279: // Disable security manager if it is enabled by this testcsae
280: if (System.getSecurityManager() != null && oldSM == null) {
281: System.setSecurityManager(null);
282: if (System.getSecurityManager() == null) {
283: System.out
284: .println("Security Manager is successfully disabled.");
285: } else {
286: System.out
287: .println("Security Manager is still enabled");
288: }
289: }
290: System.out.println("\ntestDoPrivilegedFailure() ends\n\n");
291: }
292: }
293:
294: /**
295: * testAccessControlContextFailure
296: */
297:
298: public void testAccessControlContextFailure() throws Exception {
299: Java2SecTest.testResult = "testAccessControlContextFailure failed.";
300: SecurityManager oldSM = null;
301: String expectedString = "This line is from private.txt.";
302:
303: System.out
304: .println("\ntestAccessControlContextFailure() begins");
305: // Check whether the security is enable or not.
306: // If it is not enabled, turn it on
307: oldSM = System.getSecurityManager();
308: if (oldSM != null) {
309: System.out.println("\nSecurity Manager is enabled.");
310: } else {
311: System.out.println("\nSecurity Manager is disabled.");
312: System.out
313: .println("Enabling the default Java Security Manager");
314: System.setSecurityManager(new SecurityManager());
315: }
316:
317: // Run test with AccessController.doPrivilege
318: Action dp = new Action("private/private.txt");
319: MorePermissionAccessControlContext mp = new MorePermissionAccessControlContext(
320: dp, false);
321: LessPermissionAccessControlContext lp = new LessPermissionAccessControlContext(
322: mp, true);
323: try {
324: lp.takeAction();
325: } catch (Exception e) {
326: // Verify the test result
327: assertTrue("It is not the security exception.",
328: (e instanceof java.security.AccessControlException));
329:
330: } finally {
331: // Disable security manager if it is enabled by this testcsae
332: if (System.getSecurityManager() != null && oldSM == null) {
333: System.setSecurityManager(null);
334: if (System.getSecurityManager() == null) {
335: System.out
336: .println("Security Manager is successfully disabled.");
337: } else {
338: System.out
339: .println("Security Manager is still enabled");
340: }
341: }
342: System.out
343: .println("\ntestAccessControlContextFailure() ends\n\n");
344: }
345: }
346:
347: // 2 begins
348:
349: /**
350: * testPrivilegedExceptionActionSuccessed
351: */
352:
353: public void testPrivilegedExceptionSuccessed() throws Exception {
354: Java2SecTest.testResult = "testPrivielgedExceptionSuccessed failed";
355: SecurityManager oldSM = null;
356: String expectedString = "This line is from private.txt.";
357:
358: System.out
359: .println("\ntestPrivilegedExceptionActionSuccessed() begins");
360: // Check whether the security is enable or not.
361: // If it is not enabled, turn it on
362: oldSM = System.getSecurityManager();
363: if (oldSM != null) {
364: System.out.println("\nSecurity Manager is enabled.");
365: } else {
366: System.out.println("\nSecurity Manager is disabled.");
367: System.out
368: .println("Enabling the default Java Security Manager");
369: System.setSecurityManager(new SecurityManager());
370: }
371:
372: // Run test with AccessController.doPrivilege
373: Action dp = new Action("private/private.txt");
374: MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(
375: dp, true);
376: LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(
377: mp, false);
378: lp.takeAction();
379:
380: // Disable security manager if it is enabled by this testcsae
381: if (System.getSecurityManager() != null && oldSM == null) {
382: System.setSecurityManager(null);
383: if (System.getSecurityManager() == null) {
384: System.out
385: .println("Security Manager is successfully disabled.");
386: } else {
387: System.out.println("Security Manager is still enabled");
388: }
389: }
390:
391: // Remove extra characters within the result string
392: testResult = testResult.replaceAll("\\r", "");
393: testResult = testResult.replaceAll("\\n", "");
394: System.out.println("testDoPrivilege's result string is "
395: + testResult);
396:
397: // Verify the test result by comparing the test result with expected string
398: assertTrue("The string contents do not match.", expectedString
399: .equalsIgnoreCase(testResult));
400: System.out.println("\ntestDoPrivilegeSuccessed() ends\n\n");
401: }
402:
403: /**
404: * testPrivilegedExceptionActionFailure
405: */
406:
407: public void testPrivilegedExceptionActionFailure() throws Exception {
408: Java2SecTest.testResult = "testPrivilegedExceptionActionFailure failed.";
409: SecurityManager oldSM = null;
410: String expectedString = "This line is from private.txt.";
411:
412: System.out
413: .println("\ntestPrivilegedExceptionActionFailure() begins");
414: // Check whether the security is enable or not.
415: // If it is not enabled, turn it on
416: oldSM = System.getSecurityManager();
417: if (oldSM != null) {
418: System.out.println("\nSecurity Manager is enabled.");
419: } else {
420: System.out.println("\nSecurity Manager is disabled.");
421: System.out
422: .println("Enabling the default Java Security Manager");
423: System.setSecurityManager(new SecurityManager());
424: }
425:
426: // Run test with AccessController.doPrivilege
427: Action dp = new Action("private/private.txt");
428: MorePermissionPrivilegedExceptionAction mp = new MorePermissionPrivilegedExceptionAction(
429: dp, false);
430: LessPermissionPrivilegedExceptionAction lp = new LessPermissionPrivilegedExceptionAction(
431: mp, true);
432: try {
433: mp.takeAction();
434: } catch (Exception e) {
435: // Verify the test result
436: assertTrue(
437: "It is not the security exception.",
438: (e instanceof java.security.PrivilegedActionException));
439: } finally {
440: // Disable security manager if it is enabled by this testcsae
441: if (System.getSecurityManager() != null && oldSM == null) {
442: System.setSecurityManager(null);
443: if (System.getSecurityManager() == null) {
444: System.out
445: .println("Security Manager is successfully disabled.");
446: } else {
447: System.out
448: .println("Security Manager is still enabled");
449: }
450: }
451: System.out
452: .println("\ntestPrivilegedExceptionActionFailure() ends\n\n");
453: }
454: }
455:
456: /**
457: * testCheckPermissionAllowed
458: */
459:
460: public void testCheckPermissionAllowed() throws Exception {
461: Java2SecTest.testResult = "testCheckPermissionAllowed failed.";
462: SecurityManager oldSM = null;
463:
464: System.out.println("\ntestCheckPermissionAllowed() begins.\n");
465: boolean allowed = false;
466: String fileName = "public/public.txt";
467:
468: oldSM = System.getSecurityManager();
469: if (oldSM != null) {
470: System.out.println("\nSecurity Manager is enabled.");
471: } else {
472: System.out.println("\nSecurity Manager is disabled.");
473: System.out
474: .println("Enabling the default Java Security Manager");
475: System.setSecurityManager(new SecurityManager());
476: }
477:
478: try {
479: // Print out maven's base,build, and test direcotories
480: String baseDir = AbstractTestCase.basedir;
481: System.out.println("basedir => " + baseDir);
482: // Convert the \ (back slash) to / (forward slash)
483: String baseDirM = baseDir.replace('\\', '/');
484: System.out.println("baseDirM => " + baseDirM);
485: String fs = "/";
486:
487: // Build the file URL
488: String fileURL = baseDirM + fs + "test-resources" + fs
489: + "java2javaec" + fs + fileName;
490: Permission perm = new java.io.FilePermission(fileURL,
491: "read");
492: AccessController.checkPermission(perm);
493: allowed = true;
494: } catch (Exception e) {
495: if (e instanceof AccessControlException) {
496: e.printStackTrace(System.out);
497: }
498: } finally {
499: assertTrue(
500: "Accessing to public.txt file is denied; Test failed.",
501: allowed);
502: // Disable security manager if it is enabled by this testcsae
503: if (System.getSecurityManager() != null && oldSM == null) {
504: System.setSecurityManager(null);
505: if (System.getSecurityManager() == null) {
506: System.out
507: .println("Security Manager is successfully disabled.");
508: } else {
509: System.out
510: .println("Security Manager is still enabled");
511: }
512: }
513: System.out
514: .println("\ntestCheckPermissionAllowed() ends.\n");
515: }
516:
517: }
518:
519: /**
520: * testCheckPermissionDenied
521: */
522:
523: public void testCheckPermissionDenied() throws Exception {
524: Java2SecTest.testResult = "testCheckPermissionDenied failed";
525: SecurityManager oldSM = null;
526:
527: System.out.println("\ntestCheckPermissionDenied() begins.\n");
528: boolean denied = true;
529: String fileName = "private/private.txt";
530:
531: oldSM = System.getSecurityManager();
532: if (oldSM != null) {
533: System.out.println("\nSecurity Manager is enabled.");
534: } else {
535: System.out.println("\nSecurity Manager is disabled.");
536: System.out
537: .println("Enabling the default Java Security Manager");
538: System.setSecurityManager(new SecurityManager());
539: }
540:
541: try {
542: // Print out maven's base,build, and test direcotories
543: String baseDir = AbstractTestCase.basedir;
544: System.out.println("basedir => " + baseDir);
545:
546: // Convert the \ (back slash) to / (forward slash)
547: String baseDirM = baseDir.replace('\\', '/');
548: System.out.println("baseDirM => " + baseDirM);
549:
550: String fs = "/";
551:
552: // Build the file URL
553: String fileURL = baseDirM + fs + "test-resources" + fs
554: + "java2javaec" + fs + fileName;
555: Permission perm = new java.io.FilePermission(fileURL,
556: "read");
557: AccessController.checkPermission(perm);
558: denied = false;
559: } catch (Exception e) {
560: if (!(e instanceof AccessControlException)) {
561: denied = false;
562: }
563: e.printStackTrace(System.out);
564: } finally {
565: assertTrue(
566: "Accessing to private.txt file is allowed; Test failed.",
567: denied);
568:
569: // Disable security manager if it is enabled by this testcsae
570: if (System.getSecurityManager() != null && oldSM == null) {
571: System.setSecurityManager(null);
572: if (System.getSecurityManager() == null) {
573: System.out
574: .println("Security Manager is successfully disabled.");
575: } else {
576: System.out
577: .println("Security Manager is still enabled");
578: }
579: }
580: System.out.println("\ntestCheckPermissionDenied() ends.\n");
581: }
582: }
583: }
|