diff --git a/jdk/src/java.base/share/classes/java/net/Authenticator.java b/jdk/src/java.base/share/classes/java/net/Authenticator.java index 8b59db010f3..81a87c79987 100644 --- a/jdk/src/java.base/share/classes/java/net/Authenticator.java +++ b/jdk/src/java.base/share/classes/java/net/Authenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -130,6 +130,35 @@ class Authenticator { theAuthenticator = a; } + /** + * Gets the default authenticator. + * First, if there is a security manager, its {@code checkPermission} + * method is called with a + * {@code NetPermission("requestPasswordAuthentication")} permission. + * This may result in a java.lang.SecurityException. + * Then the default authenticator, if set, is returned. + * Otherwise, {@code null} is returned. + * + * @return The default authenticator, if set, {@code null} otherwise. + * + * @throws SecurityException + * if a security manager exists and its + * {@code checkPermission} method doesn't allow + * requesting password authentication. + * @since 9 + * @see SecurityManager#checkPermission + * @see java.net.NetPermission + */ + public static Authenticator getDefault() { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + NetPermission requestPermission + = new NetPermission("requestPasswordAuthentication"); + sm.checkPermission(requestPermission); + } + return theAuthenticator; + } + /** * Ask the authenticator that has been registered with the system * for a password. diff --git a/jdk/test/java/net/Authenticator/GetAuthenticatorTest.java b/jdk/test/java/net/Authenticator/GetAuthenticatorTest.java new file mode 100644 index 00000000000..d36236ba32f --- /dev/null +++ b/jdk/test/java/net/Authenticator/GetAuthenticatorTest.java @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +import java.lang.ref.Reference; +import java.net.Authenticator; +import java.net.NetPermission; +import java.net.PasswordAuthentication; +import java.security.AccessControlException; + +/** + * @test + * @bug 8169068 + * @summary Basic test for Authenticator.getDefault() + * @run main/othervm GetAuthenticatorTest + */ +public class GetAuthenticatorTest { + + static final class MyAuthenticator extends Authenticator { + + MyAuthenticator () { + super (); + } + + @Override + public PasswordAuthentication getPasswordAuthentication () { + System.out.println ("Auth called"); + return (new PasswordAuthentication ("user", + "passwordNotCheckedAnyway".toCharArray())); + } + + } + + public static void main (String args[]) throws Exception { + Authenticator defaultAuth = Authenticator.getDefault(); + if (defaultAuth != null) { + throw new RuntimeException("Unexpected authenticator: null expected"); + } + MyAuthenticator auth = new MyAuthenticator(); + Authenticator.setDefault(auth); + defaultAuth = Authenticator.getDefault(); + if (defaultAuth != auth) { + throw new RuntimeException("Unexpected authenticator: auth expected"); + } + System.setSecurityManager(new SecurityManager()); + try { + defaultAuth = Authenticator.getDefault(); + throw new RuntimeException("Expected security exception not raised"); + } catch (AccessControlException s) { + System.out.println("Got expected exception: " + s); + if (!s.getPermission().equals(new NetPermission("requestPasswordAuthentication"))) { + throw new RuntimeException("Unexpected permission check: " + s.getPermission()); + } + } + System.out.println("Test passed with default authenticator " + + defaultAuth); + } +}