001: /* Licensed to the Apache Software Foundation (ASF) under one or more
002: * contributor license agreements. See the NOTICE file distributed with
003: * this work for additional information regarding copyright ownership.
004: * The ASF licenses this file to You under the Apache License, Version 2.0
005: * (the "License"); you may not use this file except in compliance with
006: * the License. You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016:
017: package org.apache.harmony.luni.tests.java.lang;
018:
019: import java.io.File;
020: import java.io.FileDescriptor;
021: import java.io.FilePermission;
022: import java.net.InetAddress;
023: import java.net.SocketPermission;
024: import java.net.UnknownHostException;
025: import java.security.AccessControlContext;
026: import java.security.AllPermission;
027: import java.security.Permission;
028: import java.security.ProtectionDomain;
029: import java.security.Security;
030:
031: import junit.framework.TestCase;
032: import tests.support.Support_Exec;
033:
034: /**
035: * Test case for java.lang.SecurityManager
036: */
037: public class SecurityManagerTest extends TestCase {
038: MutableSecurityManager mutableSM = null;
039:
040: MockSecurityManager mockSM = null;
041:
042: SecurityManager originalSM = null;
043:
044: /**
045: * @tests java.lang.SecurityManager#checkPackageAccess(String)
046: */
047: public void test_checkPackageAccessLjava_lang_String() {
048: final String old = Security.getProperty("package.access");
049: Security.setProperty("package.access", "a.,bbb, c.d.");
050:
051: mutableSM.denyPermission(new RuntimePermission(
052: "accessClassInPackage.*"));
053:
054: try {
055: mutableSM.checkPackageAccess("z.z.z");
056: mutableSM.checkPackageAccess("aa");
057: mutableSM.checkPackageAccess("bb");
058: mutableSM.checkPackageAccess("c");
059:
060: try {
061: mutableSM.checkPackageAccess("a");
062: fail("This should throw a SecurityException.");
063: } catch (SecurityException ok) {
064: }
065:
066: try {
067: mutableSM.checkPackageAccess("bbb");
068: fail("This should throw a SecurityException.");
069: } catch (SecurityException ok) {
070: }
071:
072: try {
073: mutableSM.checkPackageAccess("c.d.e");
074: fail("This should throw a SecurityException.");
075: } catch (SecurityException ok) {
076: }
077:
078: Security.setProperty("package.access", "QWERTY");
079: mutableSM.checkPackageAccess("a");
080: mutableSM.checkPackageAccess("qwerty");
081: try {
082: mutableSM.checkPackageAccess("QWERTY");
083: fail("This should throw a SecurityException.");
084: } catch (SecurityException ok) {
085: }
086:
087: } finally {
088: Security.setProperty("package.access", old == null ? ""
089: : old);
090: }
091: }
092:
093: /**
094: * @tests java.lang.SecurityManager#checkPackageDefinition(String)
095: */
096: public void test_checkPackageDefinitionLjava_lang_String() {
097: final String old = Security.getProperty("package.definition");
098: Security.setProperty("package.definition", "a.,bbb, c.d.");
099:
100: mutableSM.denyPermission(new RuntimePermission(
101: "defineClassInPackage.*"));
102:
103: try {
104: mutableSM.checkPackageDefinition("z.z.z");
105: mutableSM.checkPackageDefinition("aa");
106: mutableSM.checkPackageDefinition("bb");
107: mutableSM.checkPackageDefinition("c");
108:
109: try {
110: mutableSM.checkPackageDefinition("a");
111: fail("This should throw a SecurityException.");
112: } catch (SecurityException ok) {
113: }
114:
115: try {
116: mutableSM.checkPackageDefinition("bbb");
117: fail("This should throw a SecurityException.");
118: } catch (SecurityException ok) {
119: }
120:
121: try {
122: mutableSM.checkPackageDefinition("c.d.e");
123: fail("This should throw a SecurityException.");
124: } catch (SecurityException ok) {
125: }
126:
127: Security.setProperty("package.definition", "QWERTY");
128: mutableSM.checkPackageDefinition("a");
129: mutableSM.checkPackageDefinition("qwerty");
130: try {
131: mutableSM.checkPackageDefinition("QWERTY");
132: fail("This should throw a SecurityException.");
133: } catch (SecurityException ok) {
134: }
135:
136: } finally {
137: Security.setProperty("package.definition", old == null ? ""
138: : old);
139: }
140: }
141:
142: /**
143: * @tests java.lang.SecurityManager#checkMemberAccess(java.lang.Class, int)
144: */
145: public void test_checkMemberAccessLjava_lang_ClassI() {
146: // enable all but one check
147: mutableSM.addPermission(new AllPermission());
148: mutableSM.denyPermission(new RuntimePermission(
149: "accessDeclaredMembers"));
150: System.setSecurityManager(mutableSM);
151: try {
152: getClass().getDeclaredFields();
153:
154: try {
155: Object.class.getDeclaredFields();
156: fail("This should throw a SecurityException.");
157: } catch (SecurityException e) {
158: }
159:
160: } finally {
161: System.setSecurityManager(null);
162: }
163: }
164:
165: /**
166: * @tests java.lang.SecurityManager#checkPermission(java.security.Permission)
167: */
168: public void test_checkPermissionLjava_security_Permission()
169: throws Exception {
170:
171: // tmp user home to avoid presence of ${user.home}/.java.policy
172: String tmpUserHome = System.getProperty("java.io.tmpdir")
173: + File.separatorChar
174: + "tmpUserHomeForSecurityManagerTest";
175: File dir = new File(tmpUserHome);
176: if (!dir.exists()) {
177: dir.mkdirs();
178: dir.deleteOnExit();
179: }
180: String javaPolycy = tmpUserHome + File.separatorChar
181: + ".java.policy";
182: assertFalse("There should be no java policy file: "
183: + javaPolycy, new File(javaPolycy).exists());
184:
185: String[] arg = new String[] {
186: "-Duser.home=" + tmpUserHome,
187: checkPermissionLjava_security_PermissionTesting.class
188: .getName() };
189:
190: Support_Exec.execJava(arg, null, true);
191: }
192:
193: private static class checkPermissionLjava_security_PermissionTesting {
194: public static void main(String[] args) {
195: MutableSecurityManager sm = new MutableSecurityManager();
196: sm
197: .addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
198: System.setSecurityManager(sm);
199: try {
200: try {
201: System.getSecurityManager().checkPermission(
202: new RuntimePermission("createClassLoader"));
203: fail("This should throw a SecurityException");
204: } catch (SecurityException e) {
205: }
206: } finally {
207: System.setSecurityManager(null);
208: }
209: }
210: }
211:
212: /**
213: * @tests java.lang.SecurityManager#checkAccess(java.lang.Thread)
214: */
215: public void test_checkAccessLjava_lang_Thread()
216: throws InterruptedException {
217: // Regression for HARMONY-66
218: Thread t = new Thread() {
219: @Override
220: public void run() {
221: };
222: };
223: t.start();
224: t.join();
225: new SecurityManager().checkAccess(t);
226: }
227:
228: /**
229: * @tests {@link java.lang.SecurityManager#checkAccept(String, int)}
230: */
231: @SuppressWarnings("nls")
232: public void test_checkAcceptLjava_lang_String_int() {
233: // enable all but one check
234: mutableSM.addPermission(new AllPermission());
235: mutableSM.denyPermission(new SocketPermission(
236: "localhost:1024-", "accept, connect, listen"));
237: System.setSecurityManager(mutableSM);
238: try {
239: mutableSM.checkAccept("localhost", 1024);
240: fail("This should throw a SecurityException.");
241: } catch (SecurityException e) {
242: // expected
243: }
244: }
245:
246: /**
247: * @tests {@link java.lang.SecurityManager#checkConnect(String, int, Object)}
248: */
249: @SuppressWarnings("nls")
250: public void test_checkConnectLjava_lang_String_int_Ljava_lang_Object() {
251: // enable all but one check
252: mutableSM.addPermission(new AllPermission());
253: mutableSM.denyPermission(new SocketPermission(
254: "localhost:1024-", "accept, connect, listen"));
255: System.setSecurityManager(mutableSM);
256: ProtectionDomain pDomain = this .getClass()
257: .getProtectionDomain();
258: ProtectionDomain[] pd = { pDomain };
259: AccessControlContext acc = new AccessControlContext(pd);
260: try {
261: mutableSM.checkConnect("localhost", 1024, acc);
262: fail("This should throw a SecurityException.");
263: } catch (SecurityException e) {
264: // expected
265: }
266: }
267:
268: /**
269: * @tests {@link java.lang.SecurityManager#checkExec(String)}
270: */
271: @SuppressWarnings("nls")
272: public void test_checkExecLjava_lang_String() {
273: // enable all but one check
274: mutableSM.addPermission(new AllPermission());
275: mutableSM.denyPermission(new FilePermission("<<ALL FILES>>",
276: "execute"));
277: System.setSecurityManager(mutableSM);
278: try {
279: mutableSM.checkExec("java");
280: fail("This should throw a SecurityException.");
281: } catch (SecurityException e) {
282: // expected
283: }
284: }
285:
286: /**
287: * @tests {@link java.lang.SecurityManager#checkExit(int)}
288: */
289: @SuppressWarnings("nls")
290: public void test_checkExit_int() {
291: // enable all but one check
292: mutableSM.addPermission(new AllPermission());
293: mutableSM.denyPermission(new RuntimePermission("exitVM"));
294: System.setSecurityManager(mutableSM);
295: try {
296: mutableSM.checkExit(0);
297: fail("This should throw a SecurityException.");
298: } catch (SecurityException e) {
299: // expected
300: }
301: }
302:
303: /**
304: * @tests {@link java.lang.SecurityManager#checkLink(String)}
305: */
306: @SuppressWarnings("nls")
307: public void test_checkLinkLjava_lang_String() {
308: // enable all but one check
309: mutableSM.addPermission(new AllPermission());
310: mutableSM.denyPermission(new RuntimePermission(
311: "loadLibrary.harmony"));
312: System.setSecurityManager(mutableSM);
313: try {
314: mutableSM.checkLink("harmony");
315: fail("This should throw a SecurityException.");
316: } catch (SecurityException e) {
317: // expected
318: }
319: }
320:
321: /**
322: * @tests {@link java.lang.SecurityManager#checkListen(int)}
323: */
324: @SuppressWarnings("nls")
325: public void test_checkListen_int() {
326: // enable all but one check
327: mutableSM.addPermission(new AllPermission());
328: mutableSM.denyPermission(new SocketPermission("localhost:80",
329: "listen"));
330: System.setSecurityManager(mutableSM);
331:
332: try {
333: mutableSM.checkListen(80);
334: fail("This should throw a SecurityException.");
335: } catch (SecurityException e) {
336: // expected
337: }
338: mutableSM.addPermission(new AllPermission());
339: mutableSM.denyPermission(new SocketPermission(
340: "localhost:1024-", "listen"));
341: System.setSecurityManager(mutableSM);
342: try {
343: mutableSM.checkListen(0);
344: fail("This should throw a SecurityException.");
345: } catch (SecurityException e) {
346: // expected
347: }
348: }
349:
350: /**
351: * @throws UnknownHostException
352: * @tests {@link java.lang.SecurityManager#checkMulticast(java.net.InetAddress)}
353: */
354: @SuppressWarnings("nls")
355: public void test_checkMulticastLjava_net_InetAddress()
356: throws UnknownHostException {
357: // enable all but one check
358: mutableSM.addPermission(new AllPermission());
359: mutableSM.denyPermission(new SocketPermission(InetAddress
360: .getByName("localhost").getHostAddress(),
361: "accept,connect"));
362: System.setSecurityManager(mutableSM);
363: try {
364: mutableSM
365: .checkMulticast(InetAddress.getByName("localhost"));
366: fail("This should throw a SecurityException.");
367: } catch (SecurityException e) {
368: // expected
369: }
370: }
371:
372: /**
373: * @throws UnknownHostException
374: * @tests {@link java.lang.SecurityManager#checkMulticast(java.net.InetAddress,byte)}
375: */
376: @SuppressWarnings({"nls","deprecation"})
377: public void test_checkMulticastLjava_net_InetAddress_int()
378: throws UnknownHostException {
379: // enable all but one check
380: mutableSM.addPermission(new AllPermission());
381: mutableSM.denyPermission(new SocketPermission(InetAddress
382: .getByName("localhost").getHostAddress(),
383: "accept,connect"));
384: System.setSecurityManager(mutableSM);
385: try {
386: // the second parameter is the TTL(time to live)
387: mutableSM.checkMulticast(
388: InetAddress.getByName("localhost"), (byte) 0);
389: fail("This should throw a SecurityException.");
390: } catch (SecurityException e) {
391: // expected
392: }
393: }
394:
395: /**
396: *
397: * @tests {@link java.lang.SecurityManager#checkPermission(Permission, Object)}
398: */
399: @SuppressWarnings("nls")
400: public void test_checkPermissionLjava_security_PermissionLjava_lang_Object() {
401: // enable all but one check
402: mutableSM.addPermission(new AllPermission());
403: Permission denyp = new SocketPermission("localhost:1024-",
404: "accept, connect, listen");
405: mutableSM.denyPermission(denyp);
406: System.setSecurityManager(mutableSM);
407: ProtectionDomain pDomain = this .getClass()
408: .getProtectionDomain();
409: ProtectionDomain[] pd = { pDomain };
410: AccessControlContext acc = new AccessControlContext(pd);
411: try {
412: mutableSM.checkPermission(denyp, acc);
413: fail("This should throw a SecurityException.");
414: } catch (SecurityException e) {
415: // expected
416: }
417: }
418:
419: /**
420: * @tests {@link java.lang.SecurityManager#checkPrintJobAccess()}
421: */
422: @SuppressWarnings("nls")
423: public void test_checkPrintJobAccess() {
424: // enable all but one check
425: mutableSM.addPermission(new AllPermission());
426: mutableSM
427: .denyPermission(new RuntimePermission("queuePrintJob"));
428: System.setSecurityManager(mutableSM);
429: try {
430: mutableSM.checkPrintJobAccess();
431: fail("This should throw a SecurityException.");
432: } catch (SecurityException e) {
433: // expected
434: }
435: }
436:
437: /**
438: * @tests {@link java.lang.SecurityManager#checkRead(FileDescriptor)}
439: */
440: @SuppressWarnings("nls")
441: public void test_checkReadLjava_io_FileDescriptor() {
442: // enable all but one check
443: mutableSM.addPermission(new AllPermission());
444: mutableSM.denyPermission(new RuntimePermission(
445: "readFileDescriptor"));
446: System.setSecurityManager(mutableSM);
447: try {
448: mutableSM.checkRead(new FileDescriptor());
449: fail("This should throw a SecurityException.");
450: } catch (SecurityException e) {
451: // expected
452: }
453: }
454:
455: /**
456: * @tests {@link java.lang.SecurityManager#checkRead(String,Object)}
457: */
458: @SuppressWarnings("nls")
459: public void test_checkReadLjava_lang_StringLjava_lang_Object() {
460: // enable all but one check
461: mutableSM.addPermission(new AllPermission());
462: mutableSM.denyPermission(new FilePermission("<<ALL FILES>>",
463: "read"));
464: ProtectionDomain pDomain = this .getClass()
465: .getProtectionDomain();
466: ProtectionDomain[] pd = { pDomain };
467: AccessControlContext acc = new AccessControlContext(pd);
468: System.setSecurityManager(mutableSM);
469: try {
470: mutableSM.checkRead("aa", acc);
471: fail("This should throw a SecurityException.");
472: } catch (SecurityException e) {
473: // expected
474: }
475: }
476:
477: /**
478: * @tests {@link java.lang.SecurityManager#checkSetFactory()}
479: */
480: @SuppressWarnings("nls")
481: public void test_checkSetFactory() {
482: // enable all but one check
483: mutableSM.addPermission(new AllPermission());
484: mutableSM.denyPermission(new RuntimePermission("setFactory"));
485: System.setSecurityManager(mutableSM);
486: try {
487: mutableSM.checkSetFactory();
488: fail("This should throw a SecurityException.");
489: } catch (SecurityException e) {
490: // expected
491: }
492: }
493:
494: /**
495: * @tests {@link java.lang.SecurityManager#getInCheck()}
496: */
497: public void test_getIncheck() {
498: mockSM.setInCheck(false);
499: assertFalse(mockSM.getInCheck());
500: mockSM.setInCheck(true);
501: assertTrue(mockSM.getInCheck());
502: }
503:
504: /**
505: * @tests {@link java.lang.SecurityManager#getSecurityContext()}
506: */
507: @SuppressWarnings("nls")
508: public void test_getSecurityContext() {
509: // enable all but one check
510: mutableSM.addPermission(new AllPermission());
511: mutableSM.denyPermission(new FilePermission("<<ALL FILES>>",
512: "read"));
513: System.setSecurityManager(mutableSM);
514: try {
515: mutableSM.checkRead("aa", mutableSM.getSecurityContext());
516: fail("This should throw a SecurityException.");
517: } catch (SecurityException e) {
518: // expected
519: }
520: }
521:
522: /**
523: * @tests {@link java.lang.SecurityManager#classDepth(String)}
524: */
525: @SuppressWarnings("nls")
526: public void test_classDepthLjava_lang_String() {
527: assertEquals(-1, mockSM.classDepth("nothing"));
528: }
529:
530: /**
531: * @tests {@link java.lang.SecurityManager#classLoaderDepth()}
532: */
533: public void test_classLoaderDepth() {
534: assertEquals(-1, mockSM.classLoaderDepth());
535: }
536:
537: /**
538: * @tests {@link java.lang.SecurityManager#currentClassLoader()}
539: */
540: public void test_currentClassLoader() {
541: assertNull(mockSM.currentClassLoader());
542: }
543:
544: /**
545: * @tests {@link java.lang.SecurityManager#currentLoadedClass()}
546: */
547: public void test_currentLoadedClass() {
548: assertNull(mockSM.currentLoadedClass());
549: }
550:
551: /**
552: * @tests {@link java.lang.SecurityManager#inClass(String)}
553: */
554: @SuppressWarnings("nls")
555: public void test_inClassLjava_lang_String() {
556: assertFalse(mockSM.inClass("nothing"));
557: assertTrue(mockSM.inClass(MockSecurityManager.class.getName()));
558: }
559:
560: /**
561: * @tests {@link java.lang.SecurityManager#inClassLoader()}
562: */
563: public void test_inClassLoader() {
564: assertFalse(mockSM.inClassLoader());
565: }
566:
567: /**
568: * @tests {@link java.lang.SecurityManager#inClassLoader()}
569: */
570: public void test_getClassContext() {
571: assertEquals(
572: "MockSecurityManager should be the first in the classes stack",
573: mockSM.getClassContext()[0], MockSecurityManager.class);
574: }
575:
576: // set some protected method to public for testing
577: class MockSecurityManager extends SecurityManager {
578:
579: public void setInCheck(boolean inCheck) {
580: super .inCheck = inCheck;
581: }
582:
583: @Override
584: public int classDepth(String name) {
585: return super .classDepth(name);
586: }
587:
588: @Override
589: public int classLoaderDepth() {
590: return super .classLoaderDepth();
591: }
592:
593: @Override
594: public ClassLoader currentClassLoader() {
595: return super .currentClassLoader();
596: }
597:
598: @Override
599: public Class<?> currentLoadedClass() {
600: return super .currentLoadedClass();
601: }
602:
603: @Override
604: public Class[] getClassContext() {
605: return super .getClassContext();
606: }
607:
608: @Override
609: public boolean inClass(String name) {
610: return super .inClass(name);
611: }
612:
613: @Override
614: public boolean inClassLoader() {
615: return super .inClassLoader();
616: }
617: }
618:
619: @Override
620: protected void setUp() throws Exception {
621: super .setUp();
622: mutableSM = new MutableSecurityManager();
623: mockSM = new MockSecurityManager();
624: originalSM = System.getSecurityManager();
625: }
626:
627: @Override
628: protected void tearDown() throws Exception {
629: super.tearDown();
630: System.setSecurityManager(originalSM);
631: }
632: }
|