Modules.java revision 13901:b2a69d66dc65
1/* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24/* 25 * @test 26 * @bug 8047771 27 * @summary check permissions and principals from various modules 28 * @run main/othervm/java.security.policy==modules.policy Modules 29 */ 30 31import java.security.AccessController; 32import java.security.Permission; 33import java.security.Principal; 34import java.security.PrivilegedAction; 35import java.util.Arrays; 36import java.util.Collections; 37import java.util.HashSet; 38import java.util.Set; 39import javax.security.auth.Subject; 40 41public class Modules { 42 43 private final static Permission[] perms = new Permission[] { 44 // java.base module 45 new java.io.SerializablePermission("enableSubstitution"), 46 new java.lang.reflect.ReflectPermission("suppressAccessChecks"), 47 new java.nio.file.LinkPermission("hard"), 48 new javax.net.ssl.SSLPermission("getSSLSessionContext"), 49 new javax.security.auth.AuthPermission("doAsPrivileged"), 50 new javax.security.auth.PrivateCredentialPermission("* * \"*\"", 51 "read"), 52 // java.base module (@jdk.Exported Permissions) 53 new jdk.net.NetworkPermission("setOption.SO_FLOW_SLA"), 54 // java.desktop module 55 new java.awt.AWTPermission("createRobot"), 56 new javax.sound.sampled.AudioPermission("play"), 57 // java.logging module 58 new java.util.logging.LoggingPermission("control", ""), 59 // java.management module 60 new java.lang.management.ManagementPermission("control"), 61 new javax.management.MBeanPermission("*", "getAttribute"), 62 new javax.management.MBeanServerPermission("createMBeanServer"), 63 new javax.management.MBeanTrustPermission("register"), 64 new javax.management.remote.SubjectDelegationPermission("*"), 65 // java.security.jgss module 66 new javax.security.auth.kerberos.DelegationPermission("\"*\" \"*\""), 67 new javax.security.auth.kerberos.ServicePermission("*", "accept"), 68 // java.sql module 69 new java.sql.SQLPermission("setLog"), 70 // java.xml.bind module 71 new javax.xml.bind.JAXBPermission("setDatatypeConverter"), 72 // java.xml.ws module 73 new javax.xml.ws.WebServicePermission("publishEndpoint"), 74 // java.smartcardio module 75 new javax.smartcardio.CardPermission("*", "*"), 76 // jdk.attach module (@jdk.Exported Permissions) 77 new com.sun.tools.attach.AttachPermission("attachVirtualMachine"), 78 // jdk.jdi module (@jdk.Exported Permissions) 79 new com.sun.jdi.JDIPermission("virtualMachineManager"), 80 // jdk.security.jgss module (@jdk.Exported Permissions) 81 new com.sun.security.jgss.InquireSecContextPermission("*"), 82 }; 83 84 private final static Principal[] princs = new Principal[] { 85 // java.base module 86 new javax.security.auth.x500.X500Principal("CN=Duke"), 87 // java.management module 88 new javax.management.remote.JMXPrincipal("Duke"), 89 // java.security.jgss module 90 new javax.security.auth.kerberos.KerberosPrincipal("duke@openjdk.org"), 91 new com.sun.security.auth.UserPrincipal("Duke"), 92 new com.sun.security.auth.NTDomainPrincipal("openjdk.org"), 93 new com.sun.security.auth.NTSid( 94 "S-1-5-21-3623811015-3361044348-30300820-1013"), 95 new com.sun.security.auth.NTUserPrincipal("Duke"), 96 new com.sun.security.auth.UnixNumericUserPrincipal("0"), 97 new com.sun.security.auth.UnixPrincipal("duke"), 98 }; 99 100 public static void main(String[] args) throws Exception { 101 102 for (Permission perm : perms) { 103 AccessController.checkPermission(perm); 104 } 105 106 Permission princPerm = new java.util.PropertyPermission("user.home", 107 "read"); 108 Set<Principal> princSet = new HashSet<>(Arrays.asList(princs)); 109 Subject subject = new Subject(true, princSet, Collections.emptySet(), 110 Collections.emptySet()); 111 PrivilegedAction<Void> pa = () -> { 112 AccessController.checkPermission(princPerm); 113 return null; 114 }; 115 Subject.doAsPrivileged(subject, pa, null); 116 } 117} 118