stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0bcf17674e
jdk-24/test/jdk/com/sun/net/httpserver/simpleserver/SecurityManagerTest.java

202 lines
8.0 KiB
Java
Raw Normal View History

8245095: Implementation of JEP 408: Simple Web Server Co-authored-by: Julia Boes <jboes@openjdk.org> Co-authored-by: Chris Hegarty <chegar@openjdk.org> Co-authored-by: Michael McMahon <michaelm@openjdk.org> Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org> Co-authored-by: Jan Lahoda <jlahoda@openjdk.org> Co-authored-by: Ivan Šipka <isipka@openjdk.org> Reviewed-by: ihse, jlaskey, michaelm, chegar, dfuchs
2021-10-19 10:19:15 +00:00
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @summary Tests for FileServerHandler with SecurityManager
* @library /test/lib
* @build jdk.test.lib.net.URIBuilder
* @run main/othervm/java.security.policy=SecurityManagerTestRead.policy -ea SecurityManagerTest true
* @run main/othervm/java.security.policy=SecurityManagerTestNoRead.policy -ea SecurityManagerTest false
* @run main/othervm -ea SecurityManagerTest true
*/
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse.BodyHandlers;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.AccessControlException;
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
import java.util.logging.ConsoleHandler;
import java.util.logging.Level;
import java.util.logging.Logger;
import com.sun.net.httpserver.HttpServer;
import com.sun.net.httpserver.SimpleFileServer;
import com.sun.net.httpserver.SimpleFileServer.OutputLevel;
import jdk.test.lib.net.URIBuilder;
import jdk.test.lib.util.FileUtils;
import static java.net.http.HttpClient.Builder.NO_PROXY;
import static java.nio.charset.StandardCharsets.UTF_8;
import static java.nio.file.StandardOpenOption.CREATE;
/**
* Tests the permission checks during the creation of a FileServerHandler.
*
* A FileServerHandler can only be created if a "read" FilePermission is
* granted for the root directory passed. The test consists of 3 runs:
* 1) security manager enabled and "read" FilePermission granted
* 2) security manager enabled and "read" FilePermission NOT granted
* 3) security manager NOT enabled
* 2) misses the required permissions to call many of the java.nio.file methods,
* the test works around this by reusing the test directory created in the
* previous run.
* */
public class SecurityManagerTest {
static final Path CWD = Path.of(".").toAbsolutePath().normalize();
static final Path TEST_DIR = CWD.resolve("SecurityManagerTest");
static final InetSocketAddress LOOPBACK_ADDR =
new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
static final boolean ENABLE_LOGGING = true;
static final Logger LOGGER = Logger.getLogger("com.sun.net.httpserver");
static boolean readPermitted;
static String lastModifiedDir;
static String lastModifiedFile;
public static void main(String[] args) throws Exception {
setupLogging();
readPermitted = Boolean.parseBoolean(args[0]);
if (readPermitted) {
createTestDir();
testDirectoryGET();
testFileGET();
} else { // no FilePermission "read" for TEST_DIR granted,
// assert handler cannot be created
testCreateHandler();
}
}
private static void setupLogging() {
if (ENABLE_LOGGING) {
ConsoleHandler ch = new ConsoleHandler();
LOGGER.setLevel(Level.ALL);
ch.setLevel(Level.ALL);
LOGGER.addHandler(ch);
}
}
private static void createTestDir() throws IOException {
if (Files.exists(TEST_DIR)) {
FileUtils.deleteFileTreeWithRetry(TEST_DIR);
}
Files.createDirectories(TEST_DIR);
var file = Files.writeString(TEST_DIR.resolve("aFile.txt"), "some text", CREATE);
lastModifiedDir = getLastModified(TEST_DIR);
lastModifiedFile = getLastModified(file);
}
private static void testDirectoryGET() throws Exception {
var expectedBody = openHTML + """
<h1>Directory listing for &#x2F;</h1>
<ul>
<li><a href="aFile.txt">aFile.txt</a></li>
</ul>
""" + closeHTML;
var expectedLength = Integer.toString(expectedBody.getBytes(UTF_8).length);
var server = SimpleFileServer.createFileServer(LOOPBACK_ADDR, TEST_DIR, OutputLevel.VERBOSE);
server.start();
try {
var client = HttpClient.newBuilder().proxy(NO_PROXY).build();
var request = HttpRequest.newBuilder(uri(server, "")).build();
var response = client.send(request, BodyHandlers.ofString());
assert response.statusCode() == 200;
assert response.body().equals(expectedBody);
assert response.headers().firstValue("content-type").get().equals("text/html; charset=UTF-8");
assert response.headers().firstValue("content-length").get().equals(expectedLength);
assert response.headers().firstValue("last-modified").get().equals(lastModifiedDir);
} finally {
server.stop(0);
}
}
private static void testFileGET() throws Exception {
var expectedBody = "some text";
var expectedLength = Integer.toString(expectedBody.getBytes(UTF_8).length);
var server = SimpleFileServer.createFileServer(LOOPBACK_ADDR, TEST_DIR, OutputLevel.VERBOSE);
server.start();
try {
var client = HttpClient.newBuilder().proxy(NO_PROXY).build();
var request = HttpRequest.newBuilder(uri(server, "aFile.txt")).build();
var response = client.send(request, BodyHandlers.ofString());
assert response.statusCode() == 200;
assert response.body().equals("some text");
assert response.headers().firstValue("content-type").get().equals("text/plain");
assert response.headers().firstValue("content-length").get().equals(expectedLength);
assert response.headers().firstValue("last-modified").get().equals(lastModifiedFile);
} finally {
server.stop(0);
}
}
@SuppressWarnings("removal")
private static void testCreateHandler(){
try {
SimpleFileServer.createFileServer(LOOPBACK_ADDR, TEST_DIR, OutputLevel.NONE);
throw new RuntimeException("Handler creation expected to fail");
} catch (AccessControlException expected) { }
try {
SimpleFileServer.createFileHandler(TEST_DIR);
throw new RuntimeException("Handler creation expected to fail");
} catch (AccessControlException expected) { }
}
static final String openHTML = """
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
</head>
<body>
""";
static final String closeHTML = """
</body>
</html>
""";
static URI uri(HttpServer server, String path) {
return URIBuilder.newBuilder()
.host("localhost")
.port(server.getAddress().getPort())
.scheme("http")
.path("/" + path)
.buildUnchecked();
}
static String getLastModified(Path path) throws IOException {
return Files.getLastModifiedTime(path).toInstant().atZone(ZoneId.of("GMT"))
.format(DateTimeFormatter.RFC_1123_DATE_TIME);
}
}
Reference in New Issue Copy Permalink