Modules.java revision 14606:bc3775e25b52
1/* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24/* 25 * @test 26 * @bug 8047771 27 * @summary check permissions and principals from various modules 28 * @modules java.desktop 29 * java.logging 30 * java.management 31 * java.security.jgss 32 * java.smartcardio 33 * java.sql 34 * java.xml 35 * java.xml.bind 36 * jdk.attach 37 * jdk.jdi 38 * jdk.net 39 * jdk.security.auth 40 * jdk.security.jgss 41 * @compile -addmods java.xml.ws,java.smartcardio Modules.java 42 * @run main/othervm/java.security.policy==modules.policy 43 * -addmods java.xml.ws,java.smartcardio Modules 44 */ 45 46import java.security.AccessController; 47import java.security.Permission; 48import java.security.Principal; 49import java.security.PrivilegedAction; 50import java.util.Arrays; 51import java.util.Collections; 52import java.util.HashSet; 53import java.util.Set; 54import javax.security.auth.Subject; 55 56public class Modules { 57 58 private final static Permission[] perms = new Permission[] { 59 // java.base module 60 new java.io.SerializablePermission("enableSubstitution"), 61 new java.lang.reflect.ReflectPermission("suppressAccessChecks"), 62 new java.nio.file.LinkPermission("hard"), 63 new javax.net.ssl.SSLPermission("getSSLSessionContext"), 64 new javax.security.auth.AuthPermission("doAsPrivileged"), 65 new javax.security.auth.PrivateCredentialPermission("* * \"*\"", 66 "read"), 67 // java.base module (@jdk.Exported Permissions) 68 new jdk.net.NetworkPermission("setOption.SO_FLOW_SLA"), 69 // java.desktop module 70 new java.awt.AWTPermission("createRobot"), 71 new javax.sound.sampled.AudioPermission("play"), 72 // java.logging module 73 new java.util.logging.LoggingPermission("control", ""), 74 // java.management module 75 new java.lang.management.ManagementPermission("control"), 76 new javax.management.MBeanPermission("*", "getAttribute"), 77 new javax.management.MBeanServerPermission("createMBeanServer"), 78 new javax.management.MBeanTrustPermission("register"), 79 new javax.management.remote.SubjectDelegationPermission("*"), 80 // java.security.jgss module 81 new javax.security.auth.kerberos.DelegationPermission("\"*\" \"*\""), 82 new javax.security.auth.kerberos.ServicePermission("*", "accept"), 83 // java.sql module 84 new java.sql.SQLPermission("setLog"), 85 // java.xml.bind module 86 new javax.xml.bind.JAXBPermission("setDatatypeConverter"), 87 // java.xml.ws module 88 new javax.xml.ws.WebServicePermission("publishEndpoint"), 89 // java.smartcardio module 90 new javax.smartcardio.CardPermission("*", "*"), 91 // jdk.attach module (@jdk.Exported Permissions) 92 new com.sun.tools.attach.AttachPermission("attachVirtualMachine"), 93 // jdk.jdi module (@jdk.Exported Permissions) 94 new com.sun.jdi.JDIPermission("virtualMachineManager"), 95 // jdk.security.jgss module (@jdk.Exported Permissions) 96 new com.sun.security.jgss.InquireSecContextPermission("*"), 97 }; 98 99 private final static Principal[] princs = new Principal[] { 100 // java.base module 101 new javax.security.auth.x500.X500Principal("CN=Duke"), 102 // java.management module 103 new javax.management.remote.JMXPrincipal("Duke"), 104 // java.security.jgss module 105 new javax.security.auth.kerberos.KerberosPrincipal("duke@openjdk.org"), 106 new com.sun.security.auth.UserPrincipal("Duke"), 107 new com.sun.security.auth.NTDomainPrincipal("openjdk.org"), 108 new com.sun.security.auth.NTSid( 109 "S-1-5-21-3623811015-3361044348-30300820-1013"), 110 new com.sun.security.auth.NTUserPrincipal("Duke"), 111 new com.sun.security.auth.UnixNumericUserPrincipal("0"), 112 new com.sun.security.auth.UnixPrincipal("duke"), 113 }; 114 115 public static void main(String[] args) throws Exception { 116 117 for (Permission perm : perms) { 118 AccessController.checkPermission(perm); 119 } 120 121 Permission princPerm = new java.util.PropertyPermission("user.home", 122 "read"); 123 Set<Principal> princSet = new HashSet<>(Arrays.asList(princs)); 124 Subject subject = new Subject(true, princSet, Collections.emptySet(), 125 Collections.emptySet()); 126 PrivilegedAction<Void> pa = () -> { 127 AccessController.checkPermission(princPerm); 128 return null; 129 }; 130 Subject.doAsPrivileged(subject, pa, null); 131 } 132} 133