stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3b9255eb66
jdk-24/test/jdk/java/security/AccessController/LimitedDoPrivilegedWithThread.java
Erik Joelsson 3789983e89 8187443: Forest Consolidation: Move files to unified layout 
Reviewed-by: darcy, ihse
2017-09-12 19:03:39 +02:00

109 lines
4.0 KiB
Java
Raw Blame History

/*
* Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8050281
* @summary Test limited doprivileged action with trhead calls.
* @run main/othervm/policy=policy LimitedDoPrivilegedWithThread
*/
import java.io.FilePermission;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
public class LimitedDoPrivilegedWithThread {
private static final Permission PROPERTYPERM
= new PropertyPermission("user.name", "read");
private static final Permission FILEPERM
= new FilePermission("*", "read");
private static final AccessControlContext ACC
= new AccessControlContext(
new ProtectionDomain[]{new ProtectionDomain(null, null)});
public static void main(String args[]) {
//parent thread without any permission
AccessController.doPrivileged(
(PrivilegedAction) () -> {
Thread ct = new Thread(
new ChildThread(PROPERTYPERM, FILEPERM));
ct.start();
try {
ct.join();
} catch (InterruptedException ie) {
Thread.currentThread().interrupt();
ie.printStackTrace();
throw new RuntimeException("Unexpected InterruptedException");
}
return null;
}, ACC);
}
}
class ChildThread implements Runnable {
private final Permission P1;
private final Permission P2;
private boolean catchACE = false;
public ChildThread(Permission p1, Permission p2) {
this.P1 = p1;
this.P2 = p2;
}
@Override
public void run() {
//Verified that child thread has permission p1,
runTest(null, P1, false, 1);
//Verified that child thread inherits parent thread's access control context
AccessControlContext childAcc = AccessController.getContext();
runTest(childAcc, P1, true, 2);
//Verified that we can give permision p2 to limit the "privilege" of the
//class calling doprivileged action, stack walk will continue
runTest(null, P2, true, 3);
}
public void runTest(AccessControlContext acc, Permission perm,
boolean expectACE, int id) {
AccessController.doPrivileged(
(PrivilegedAction) () -> {
try {
AccessController.getContext().checkPermission(P1);
} catch (AccessControlException ace) {
catchACE = true;
}
if (catchACE ^ expectACE) {
throw new RuntimeException("test" + id + " failed");
}
return null;
}, acc, perm);
}
}
Reference in New Issue View Git Blame Copy Permalink