bit of work related to expanding on the existing test cases and starting on some minor code clean up
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@2661 7e9141cc-0065-0410-87d8-b60c137991c4
parent
0c4f457208
commit
5a5e3ad482
|
@ -46,13 +46,19 @@ import org.eclipse.jetty.util.Scanner;
|
|||
*
|
||||
* The reason I created this class and added this mechanism are:
|
||||
*
|
||||
* 1) I wanted a way to be able to follow the startup mechanic that jetty uses with jetty-start using OPTIONS=policy,default to be able to startup a security manager and policy implementation without have to rely on the existing JVM cli options 2)
|
||||
* establish a starting point to add on further functionality to permissions based security with jetty like jmx enabled permission tweaking or runtime creation and specification of policies for specific webapps 3) I wanted to have support for specifying
|
||||
* multiple policy files to source permissions from
|
||||
* 1) I wanted a way to be able to follow the startup mechanic that jetty uses with jetty-start using OPTIONS=policy,default to be able to startup a security manager and policy implementation without have to rely on the existing JVM cli options
|
||||
* 2) establish a starting point to add on further functionality to permissions based security with jetty like jmx enabled permission tweaking or runtime creation and specification of policies for specific webapps
|
||||
* 3) I wanted to have support for specifying multiple policy files to source permissions from
|
||||
*
|
||||
* Possible additions are: - directories of policy file support - jmx enabled a la #2 above - proxying of system security policy where we can proxy access to the system policy should the jvm have been started with one, I had support for this but ripped it
|
||||
* out to add in again later - merging of protection domains if process multiple policy files that declare permissions for the same codebase - an xml policy file parser, had originally added this using modello but tore it out since it would have been a
|
||||
* nightmare to get its dependencies through IP validation, could do this with jvm xml parser instead sometime - check performance of the synch'd map I am using for the protection domain mapping
|
||||
* Possible additions are:
|
||||
* - directories of policy file support
|
||||
* - jmx enabled a la #2 above
|
||||
* - proxying of system security policy where we can proxy access to the system policy should the jvm have been started with one, I had support for this but ripped it
|
||||
* out to add in again later
|
||||
* - merging of protection domains if process multiple policy files that declare permissions for the same codebase
|
||||
* - an xml policy file parser, had originally added this using modello but tore it out since it would have been a
|
||||
* nightmare to get its dependencies through IP validation, could do this with jvm xml parser instead sometime
|
||||
* - check performance of the synch'd map I am using for the protection domain mapping
|
||||
*/
|
||||
public class JettyPolicy extends Policy
|
||||
{
|
||||
|
@ -76,7 +82,6 @@ public class JettyPolicy extends Policy
|
|||
{
|
||||
try
|
||||
{
|
||||
|
||||
__RELOAD = Boolean.getBoolean("org.eclipse.jetty.policy.RELOAD");
|
||||
__DEBUG = Boolean.getBoolean("org.eclipse.jetty.policy.DEBUG");
|
||||
}
|
||||
|
@ -355,7 +360,7 @@ public class JettyPolicy extends Policy
|
|||
PermissionCollection out = new Permissions();
|
||||
synchronized (in)
|
||||
{
|
||||
for (Enumeration el = in.elements() ; el.hasMoreElements() ;)
|
||||
for (Enumeration<Permission> el = in.elements() ; el.hasMoreElements() ;)
|
||||
{
|
||||
out.add((Permission)el.nextElement());
|
||||
}
|
||||
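Review bot: In the last hunk (@ -355), the loop variable is now `Enumeration<Permission>`, so the cast in `out.add((Permission)el.nextElement());` is redundant and can be dropped: `out.add(el.nextElement());`. The enclosing method starts and ends outside the hunk, so it is not visible what happens to `out`. If it is handed to callers, a short comment such as `// copy so callers cannot mutate the policy's own PermissionCollection` would record why the copy is taken under `synchronized (in)`.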
|
|
|
@ -39,16 +39,7 @@ public class PolicyBlock
|
|||
{
|
||||
if ( protectionDomain == null )
|
||||
{
|
||||
// if ( codesource == null )
|
||||
// {
|
||||
// protectionDomain = new ProtectionDomain( null, permissions );
|
||||
// }
|
||||
// else
|
||||
// {
|
||||
protectionDomain = new ProtectionDomain(codesource,null,Thread.currentThread().getContextClassLoader(),principals);
|
||||
|
||||
// protectionDomain = new ProtectionDomain( codesource, permissions, Thread.currentThread().getContextClassLoader(), principals );
|
||||
// }
|
||||
}
|
||||
|
||||
return protectionDomain;
|
||||
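Review bot: With the commented-out alternatives removed, nothing explains why the surviving call passes `null` for the permissions argument, which is the security-relevant part of this line. The four-argument `ProtectionDomain` constructor creates a dynamic domain, so with no static permissions every check is resolved against the installed Policy at check time. If that is the intent, a comment such as `// no static permissions: this domain is resolved against the installed Policy on each check` would keep a later edit from "fixing" it. The cached domain also keeps whichever context class loader the first calling thread had, and the `if ( protectionDomain == null )` lazy initialisation looks unsynchronized from here; the method signature is outside the hunk, so it is worth stating whether both are intended.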
|
|
|
@ -75,17 +75,13 @@ public class PolicyContext
|
|||
|
||||
while (s!=null)
|
||||
{
|
||||
//System.out.println("Reviewing: " + s );
|
||||
//i1=s.indexOf("${",i2);
|
||||
i1=s.indexOf("${");
|
||||
//System.out.println("i1:" + i1);
|
||||
if (i1<0)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
i2=s.indexOf("}",i1+2);
|
||||
//System.out.println("i2:" + i2);
|
||||
if (i2<0)
|
||||
{
|
||||
break;
|
||||
|
@ -93,9 +89,7 @@ public class PolicyContext
|
|||
|
||||
String property=getProperty(s.substring(i1+2,i2));
|
||||
|
||||
s=s.substring(0,i1)+property+s.substring(i2+1);
|
||||
|
||||
//System.out.println("expanded to: " + s);
|
||||
s=s.substring(0,i1)+property+s.substring(i2+1);
|
||||
}
|
||||
|
||||
return s;
|
||||
|
@ -152,7 +146,8 @@ public class PolicyContext
|
|||
private String resolve( String protocol, String data ) throws PolicyException
|
||||
{
|
||||
|
||||
if ( "self".equals( protocol ) ) { //$NON-NLS-1$
|
||||
if ( "self".equals( protocol ) )
|
||||
{
|
||||
// need expanding to list of principals in grant clause
|
||||
if ( principals != null && principals.length != 0 )
|
||||
{
|
||||
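Review bot: In the expansion loop (hunks @ -75 and @ -93), the result of `getProperty(...)` is concatenated into `s` without a null check. Assuming getProperty returns null for unknown keys, which is not visible here, an undefined `${name}` would become the literal text `null` inside a policy entry instead of being rejected. For a permission policy it is safer to fail closed, e.g. `if (property == null) throw new PolicyException("undefined property: " + s.substring(i1+2,i2));`, provided this method may throw that type and it has a message constructor. Because `s.indexOf("${")` restarts from index 0 on each pass, a property whose value contains its own `${name}` reference would never terminate; resuming the search after the inserted value avoids that. The method begins before the first hunk.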
|
|
|
@ -53,7 +53,8 @@ public class PrincipalEntry extends AbstractEntry
|
|||
return principal;
|
||||
}
|
||||
|
||||
// if there is no keystore, there is no way to obtain a principal object // TODO validate we need this check
|
||||
// if there is no keystore, there is no way to obtain a principal object
|
||||
// TODO validate we need this check
|
||||
if ( context.getKeystore() == null )
|
||||
{
|
||||
return null;
|
||||
|
|
|
@ -27,6 +27,7 @@ import java.util.Collections;
|
|||
import java.util.Enumeration;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.PropertyPermission;
|
||||
import java.util.Set;
|
||||
|
||||
import org.junit.Before;
|
||||
|
@ -47,6 +48,11 @@ public class JettyPolicyTest
|
|||
evaluator.put("basedir",MavenTestingUtils.getBaseURI().toASCIIString());
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Simple test for loading a policy file and validating that the AllPermission
|
||||
* was granted successfully.
|
||||
*/
|
||||
@Test
|
||||
public void testGlobalAllPermissionLoader() throws Exception
|
||||
{
|
||||
|
@ -62,12 +68,16 @@ public class JettyPolicyTest
|
|||
|
||||
assertTrue( pc.implies( testPerm ) );
|
||||
|
||||
for ( Enumeration<Permission> e = pc.elements(); e.hasMoreElements(); )
|
||||
{
|
||||
System.out.println( "Permission: " + e.nextElement().getClass().getName() );
|
||||
}
|
||||
// for ( Enumeration<Permission> e = pc.elements(); e.hasMoreElements(); )
|
||||
// {
|
||||
// System.out.println( "Permission: " + e.nextElement().getClass().getName() );
|
||||
// }
|
||||
}
|
||||
|
||||
/**
|
||||
* Simple test of loading a policy file with a single codebase defined that grants specific
|
||||
* FilePermission. Then test that read and write were granted but delete was not.
|
||||
*/
|
||||
@Test
|
||||
public void testSingleCodebaseFilePermissionLoader() throws Exception
|
||||
{
|
||||
|
@ -83,11 +93,21 @@ public class JettyPolicyTest
|
|||
|
||||
assertNotNull( pc );
|
||||
|
||||
Permission testPerm = new FilePermission( "/tmp/*", "read" );
|
||||
Permission testReadPerm = new FilePermission( "/tmp/*", "read" );
|
||||
Permission testWritePerm = new FilePermission( "/tmp/*", "write" );
|
||||
Permission testDeletePerm = new FilePermission( "/tmp/*", "delete" );
|
||||
|
||||
assertTrue( pc.implies( testPerm ) );
|
||||
assertTrue( pc.implies( testReadPerm ) );
|
||||
assertTrue( pc.implies( testWritePerm ) );
|
||||
assertFalse(pc.implies( testDeletePerm ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests multiple codebases in a single policy file are loaded correctly and that the various
|
||||
* grants do indeed work accordingly
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testMultipleCodebaseFilePermissionLoader() throws Exception
|
||||
{
|
||||
|
@ -96,21 +116,51 @@ public class JettyPolicyTest
|
|||
+ "/src/test/resources/multiple-codebase-file-permission.policy" ), evaluator );
|
||||
|
||||
ap.refresh();
|
||||
|
||||
// ap.dump(System.out);
|
||||
|
||||
|
||||
// test the bar.jar codebase grant
|
||||
URL url = new URL( "file:///bar.jar" );
|
||||
CodeSource cs = new CodeSource( url, new Certificate[0]);
|
||||
|
||||
PermissionCollection pc = ap.getPermissions( cs );
|
||||
PermissionCollection barPermissionCollection = ap.getPermissions( cs );
|
||||
|
||||
assertNotNull( pc );
|
||||
assertNotNull( barPermissionCollection );
|
||||
|
||||
Permission testPerm = new FilePermission( "/tmp/*", "read,write" );
|
||||
Permission testPerm2 = new FilePermission( "/usr/*", "write" ); // only read was granted
|
||||
Permission testBarPerm = new FilePermission( "/tmp/*", "read,write" );
|
||||
Permission testBarPerm2 = new FilePermission( "/usr/*", "read" ); // only read was granted
|
||||
Permission testBarPerm3 = new FilePermission( "/usr/*", "write" ); // only read was granted
|
||||
|
||||
assertTrue( pc.implies( testPerm ) );
|
||||
assertFalse( pc.implies( testPerm2 ) );
|
||||
assertTrue( barPermissionCollection.implies( testBarPerm ) );
|
||||
assertTrue( barPermissionCollection.implies( testBarPerm2 ) );
|
||||
assertFalse( barPermissionCollection.implies( testBarPerm3 ) );
|
||||
|
||||
// test the global permission grant
|
||||
PermissionCollection globalPermissionCollection = ap.getPermissions( new ProtectionDomain( null, null ) );
|
||||
|
||||
assertNotNull( globalPermissionCollection );
|
||||
|
||||
Permission testPropertyPermission = new PropertyPermission("main.class","read");
|
||||
assertTrue( globalPermissionCollection.implies(testPropertyPermission));
|
||||
// its global so it ought to be global, double check that
|
||||
assertTrue( barPermissionCollection.implies(testPropertyPermission));
|
||||
|
||||
// test the foo.jar codebase grant
|
||||
URL fooUrl = new URL( "file:///foo.jar" );
|
||||
CodeSource fooCodeSource = new CodeSource( fooUrl, new Certificate[0]);
|
||||
|
||||
PermissionCollection fooPermissionCollection = ap.getPermissions( fooCodeSource );
|
||||
|
||||
assertNotNull( fooPermissionCollection );
|
||||
|
||||
Permission testFooPerm = new FilePermission( "/tmp/*", "read,write" );
|
||||
Permission testFooPerm2 = new FilePermission( "/tmp/*", "read,write,delete" );
|
||||
|
||||
assertTrue( fooPermissionCollection.implies(testFooPerm) );
|
||||
assertFalse( fooPermissionCollection.implies(testFooPerm2) );
|
||||
|
||||
// make sure that the foo codebase isn't getting bar permissions
|
||||
assertFalse( fooPermissionCollection.implies(testBarPerm2) );
|
||||
// but make sure that foo codebase is getting global
|
||||
assertTrue( fooPermissionCollection.implies(testPropertyPermission));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -122,18 +172,69 @@ public class JettyPolicyTest
|
|||
|
||||
ap.refresh();
|
||||
|
||||
// ap.dump(System.out);
|
||||
// test the bar.jar codebase grant
|
||||
URL url = new URL( "file:///bar.jar" );
|
||||
CodeSource cs = new CodeSource( url, new Certificate[0]);
|
||||
|
||||
PermissionCollection barPermissionCollection = ap.getPermissions( cs );
|
||||
|
||||
assertNotNull( barPermissionCollection );
|
||||
|
||||
Permission testBarPerm = new FilePermission( "/tmp/*", "read,write" );
|
||||
Permission testBarPerm2 = new FilePermission( "/usr/*", "read" );
|
||||
|
||||
assertTrue( barPermissionCollection.implies( testBarPerm ) );
|
||||
assertTrue( barPermissionCollection.implies( testBarPerm2 ) );
|
||||
|
||||
// test the global permission grant
|
||||
PermissionCollection globalPermissionCollection = ap.getPermissions( new ProtectionDomain( null, null ) );
|
||||
|
||||
assertNotNull( globalPermissionCollection );
|
||||
|
||||
Permission testPropertyPermission = new PropertyPermission("main.class","read");
|
||||
assertTrue( globalPermissionCollection.implies(testPropertyPermission));
|
||||
// its global so it ought to be global, double check that
|
||||
assertTrue( barPermissionCollection.implies(testPropertyPermission));
|
||||
|
||||
// test the foo.jar codebase grant
|
||||
URL fooUrl = new URL( "file:///foo.jar" );
|
||||
CodeSource fooCodeSource = new CodeSource( fooUrl, new Certificate[0]);
|
||||
|
||||
PermissionCollection fooPermissionCollection = ap.getPermissions( fooCodeSource );
|
||||
|
||||
assertNotNull( fooPermissionCollection );
|
||||
|
||||
Permission testFooPerm = new FilePermission( "/tmp/*", "read,write" );
|
||||
Permission testFooPerm2 = new FilePermission( "/tmp/*", "read,write,delete" );
|
||||
|
||||
assertTrue( fooPermissionCollection.implies(testFooPerm) );
|
||||
assertFalse( fooPermissionCollection.implies(testFooPerm2) );
|
||||
|
||||
// make sure that the foo codebase isn't getting bar permissions
|
||||
assertFalse( fooPermissionCollection.implies(testBarPerm2) );
|
||||
// but make sure that foo codebase is getting global
|
||||
assertTrue( fooPermissionCollection.implies(testPropertyPermission));
|
||||
}
|
||||
|
||||
/**
|
||||
* Sanity check that jetty policy file parses
|
||||
*
|
||||
* TODO insert typical jetty requirements in here to test
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testSCLoader() throws Exception
|
||||
{
|
||||
JettyPolicy ap = new JettyPolicy(Collections.singleton(MavenTestingUtils.getBasedir().getAbsolutePath() + "/src/main/config/lib/policy/jetty.policy"),evaluator);
|
||||
|
||||
ap.refresh();
|
||||
ap.dump(System.out);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test the simple loading of multiple files with no overlapping of security permission code sources
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testMultipleFilePermissionLoader() throws Exception
|
||||
{
|
||||
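Review bot: `testSCLoader` only calls `ap.refresh()` and `ap.dump(System.out)`, so it passes whenever nothing throws and asserts nothing about the shipped `jetty.policy`. If `refresh()` logs and continues on a parse error (not visible here), a broken or over-permissive policy file would go unnoticed. It should make at least one positive and one negative `implies` check against permissions the shipped policy is expected to grant and withhold, as the other tests do, and drop the stdout dump. The block added in the @ -122 hunk repeats the bar/global/foo assertions of `testMultipleCodebaseFilePermissionLoader` but omits its negative `/usr/*` write check. If the same grant applies there (the policy file and test name are outside the hunk), add `assertFalse( barPermissionCollection.implies( new FilePermission( "/usr/*", "write" ) ) );`, and consider moving the shared assertions into a private helper.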
|
|