Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove jetty-policy from jetty9

This commit is contained in:
Jesse McConnell 2012-10-17 17:37:41 -05:00
parent a6f564e8da
commit 7a676b1c85
55 changed files with 0 additions and 4109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
jetty-policy/pom.xml
View File

@ -1,138 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-project</artifactId>
<version>9.0.0-SNAPSHOT</version>
</parent>
<artifactId>jetty-policy</artifactId>
<name>Jetty :: Policy Tool</name>
<packaging>jar</packaging>
<properties>
<jetty.test.policy.loc>target/test-policy</jetty.test.policy.loc>
<bundle-symbolic-name>${project.groupId}.policy</bundle-symbolic-name>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<extensions>true</extensions>
<executions>
<execution>
<id>generate-manifest</id>
<goals>
<goal>manifest</goal>
</goals>
<configuration>
<instructions>
<Export-Package>org.eclipse.jetty.policy.*;version="${parsedVersion.osgiVersion}"</Export-Package>
</instructions>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<!--
Required for OSGI
-->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<configuration>
<archive>
<manifestFile>${project.build.outputDirectory}/META-INF/MANIFEST.MF</manifestFile>
</archive>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptorRefs>
<descriptorRef>config</descriptorRef>
</descriptorRefs>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack</id>
<phase>generate-test-resources</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.eclipse.jetty.toolchain</groupId>
<artifactId>jetty-test-policy</artifactId>
<version>${jetty-test-policy-version}</version>
<type>jar</type>
<overWrite>true</overWrite>
<includes>**/*.keystore</includes>
<outputDirectory>${jetty.test.policy.loc}</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</execution>
<execution>
<id>copy</id>
<phase>generate-test-resources</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.eclipse.jetty.toolchain</groupId>
<artifactId>jetty-test-policy</artifactId>
<version>${jetty-test-policy-version}</version>
<type>jar</type>
<overWrite>true</overWrite>
<includes>**</includes>
<outputDirectory>${jetty.test.policy.loc}</outputDirectory>
<destFileName>jetty-test-policy.jar</destFileName>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<configuration>
<onlyAnalyze>org.eclipse.jetty.policy.*</onlyAnalyze>
</configuration>
</plugin>
</plugins>
</build>
<dependencies>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jmx</artifactId>
<version>${project.version}</version>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.toolchain</groupId>
<artifactId>jetty-test-helper</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
</project>

23
jetty-policy/src/main/config/etc/jetty-policy.xml
View File

@ -1,23 +0,0 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<!-- =============================================================== -->
<!-- mechanic for starting jetty policy -->
<!-- -->
<!-- =============================================================== -->
<Configure id="Policy" class="org.eclipse.jetty.policy.JettyPolicyConfigurator">
<Call name="setPolicyDirectory">
<Arg><Property name="jetty.home"/>/lib/policy</Arg>
</Call>
<Call name="addProperty">
<Arg>jetty.home</Arg>
<Arg><Property name="jetty.home"/></Arg>
</Call>
<Call name="initialize"/>
</Configure>

43
jetty-policy/src/main/config/lib/policy/global.policy
View File

@ -1,43 +0,0 @@
//
// These permissions are granted to all codebases whilst a security
// manager is installed and JettyPolicy is in play.
//
// Note the lack of codebase declared.
grant {
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.net.SocketPermission "localhost:1024-", "accept";
permission java.security.SecurityPermission "putProviderProperty.SunJCE";
permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write";
// "standard" properties that can be read by anyone
permission java.util.PropertyPermission "entityExpansionLimit", "read";
permission java.util.PropertyPermission "elementAttributeLimit", "read";
permission java.util.PropertyPermission "maxOccurLimit", "read";
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.io.tmpdir", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
};

54
jetty-policy/src/main/config/lib/policy/jetty-jmx.policy
View File

@ -1,54 +0,0 @@
// This file contains permissions related to jmx support
grant codeBase "file:${jetty.home}${/}lib${/}-" {
// related to using JMX
permission javax.management.MBeanTrustPermission "register";
permission javax.management.MBeanPermission "org.eclipse.jetty.client.HttpClient#-[org.eclipse.jetty.client:*,type=httpclient]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.deploy.ContextDeployer#-[org.eclipse.jetty.deploy:id=0,type=contextdeployer]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.deploy.DeploymentManager#-[org.eclipse.jetty.deploy:id=0,type=deploymentmanager]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.deploy.WebAppDeployer#-[org.eclipse.jetty.deploy:id=0,type=webappdeployer]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.deploy.providers.ContextProvider#-[org.eclipse.jetty.deploy.providers:id=0,type=contextprovider]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.jmx.MBeanContainer#-[org.eclipse.jetty.jmx:id=0,type=mbeancontainer]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.ContextHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.ResourceHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.ContextHandlerCollection#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.DefaultHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.ErrorHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.HandlerCollection#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.MovedContextHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.MovedContextHandler$Redirector#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.handler.RequestLogHandler#-[org.eclipse.jetty.server.handler:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.NCSARequestLog#-[org.eclipse.jetty.server:id=0,type=ncsarequestlog]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.session.HashSessionIdManager#-[org.eclipse.jetty.server.session:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.session.HashSessionManager#-[org.eclipse.jetty.server.session:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.session.SessionHandler#-[org.eclipse.jetty.server.session:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.Server#-[org.eclipse.jetty.server:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.server.ssl.SslSelectChannelConnector#-[org.eclipse.jetty.server.ssl:id=0,type=sslselectchannelconnector]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.ServletMapping#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.ServletHolder#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.ServletHandler#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.security.ConstraintSecurityHandler#-[org.eclipse.jetty.security:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.security.HashLoginService#-[org.eclipse.jetty.security:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.ErrorPageErrorHandler#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.FilterHolder#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.servlet.FilterMapping#-[org.eclipse.jetty.servlet:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.util.log.Slf4jLog#-[org.eclipse.jetty.util.log:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.util.log.StdErrLog#-[org.eclipse.jetty.util.log:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.util.Scanner#-[org.eclipse.jetty.util:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.util.thread.QueuedThreadPool#-[org.eclipse.jetty.util.thread:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.webapp.WebAppContext#-[org.eclipse.jetty.webapp:*]", "registerMBean,unregisterMBean";
permission javax.management.MBeanPermission "org.eclipse.jetty.policy.JettyPolicy#-[org.eclipse.jetty.policy:*]", "registerMBean,unregisterMBean";
}

40
jetty-policy/src/main/config/lib/policy/jetty-start.policy
View File

@ -1,40 +0,0 @@
// This file contains permissions necessary for jetty-start to operate and to
// bootstrap jetty
//
// Once the required processing in jetty-start has completed jetty itself
// is started via XmlConfiguration which executes under AccessController
// doPrivledged freeing any further permissions being required to this
// module.
grant codeBase "file:${jetty.home}${/}start.jar" {
permission java.io.FilePermission "${jetty.home}${/}-", "read";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.util.PropertyPermission "jetty.home", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "jetty.class.path", "read, write";
permission java.util.PropertyPermission "java.class.path", "read, write";
permission java.util.PropertyPermission "repository", "read, write";
permission java.util.PropertyPermission "jetty.lib", "read";
permission java.util.PropertyPermission "jetty.server", "read";
permission java.util.PropertyPermission "jetty.host", "read";
permission java.util.PropertyPermission "jetty.port", "read";
permission java.util.PropertyPermission "start.class", "read";
permission java.util.PropertyPermission "main.class", "read";
permission java.util.PropertyPermission "ISO_8859_1", "read";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "setReadOnly";
permission java.lang.RuntimePermission "getClassLoader";
}

19
jetty-policy/src/main/config/lib/policy/jetty-work.policy
View File

@ -1,19 +0,0 @@
//
// This file contains permissions for the work directory of jetty.
//
// Typical usage of secured jetty implies usage of a standard work
// style directory that web applications are unpacked into. These specific
// web applications should have their own policy files however this
// file exists to provide a codebase that all webapps under a certain code
// base can be given should there not be a more exclusive policy file
// provided.
grant codeBase "file:${jetty.home${/}work${/}-" {
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
permission java.io.FilePermission "${jetty.home}${/}work${/}-", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
};

96
jetty-policy/src/main/config/lib/policy/jetty.policy
View File

@ -1,96 +0,0 @@
// This file governs the permissions directly granted to all jar files
// listed under the jetty.home/lib directory.
//
// Review of this file is recommended and possible tweaking of the codeBase
// is likely in the future.
grant codeBase "file:${jetty.home}${/}lib${/}-" {
permission java.lang.RuntimePermission "getClassLoader";
permission java.util.PropertyPermission "org.eclipse.jetty.webapp.WebAppClassLoader.extensions", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.ajp.PathMap.separators", "read";
permission java.util.PropertyPermission "ROLLOVERFILE_BACKUP_FORMAT", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.server.webapp.parentLoaderPriority", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.server.Request.maxFormContentSize", "read";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "setReadOnly";
permission java.io.FilePermission "${jetty.home}${/}-", "read";
permission java.io.FilePermission "${java.io.tmpdir}", "read, write";
permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read, write";
permission java.io.FilePermission "${/}private${/}${java.io.tmpdir}", "read, write";
permission java.io.FilePermission "${/}private${/}${java.io.tmpdir}${/}-", "read, write";
permission java.io.FilePermission "${jetty.home}${/}lib${/}policy${/}-", "read";
permission java.io.FilePermission "${java.io.tmpdir}${/}-", "delete";
permission java.io.FilePermission "${jetty.home}${/}logs", "read, write";
permission java.io.FilePermission "${jetty.home}${/}logs${/}*", "read, write";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "accessDeclaredMembers";
// jetty specific properties
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.DEBUG", "read";
permission java.util.PropertyPermission "START", "read";
permission java.util.PropertyPermission "STOP.PORT", "read";
permission java.util.PropertyPermission "STOP.KEY", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
permission java.util.PropertyPermission "CLASSPATH", "read";
permission java.util.PropertyPermission "OPTIONS", "read";
permission java.util.PropertyPermission "JETTY_NO_SHUTDOWN_HOOK", "read";
permission java.util.PropertyPermission "ISO_8859_1", "read";
permission java.util.PropertyPermission "jetty.home", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.util.PropertyPermission "jetty.class.path", "read, write";
permission java.util.PropertyPermission "java.class.path", "read, write";
permission java.util.PropertyPermission "jetty.lib", "read";
permission java.util.PropertyPermission "jetty.server", "read";
permission java.util.PropertyPermission "jetty.host", "read";
permission java.util.PropertyPermission "jetty.port", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.URI.charset", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.FileResource.checkAliases", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.xml.XmlParser.Validating", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write";
permission java.util.PropertyPermission "org.eclipse.jetty.util.TypeUtil.IntegerCacheSize", "read, write";
permission java.util.PropertyPermission "org.eclipse.jetty.util.TypeUtil.LongCacheSize", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.io.AbstractBuffer.boundsChecking", "read";
// provides access to webapps
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
permission java.lang.RuntimePermission "stopThread";
// jsp support
permission java.net.SocketPermission "java.sun.com:80", "connect,resolve";
};

30
jetty-policy/src/main/config/lib/policy/temp-dirs.policy
View File

@ -1,30 +0,0 @@
// This file contains permissions for various temporary directories that
// jetty might operate under.
//
// Careful auditing of this file is recommended for your particular use case
//
// the tmp directory is where webapps are unpacked by default so setup their restricted permissions
//
grant codeBase "file:${java.io.tmpdir}${/}" {
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebases
permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
};
//
// some operating systems have tmp as a symbolic link to /private/tmp
//
grant codeBase "file:/private${java.io.tmpdir}${/}-" {
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
permission java.io.FilePermission "/private/${java.io.tmpdir}${/}-", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
};

462
jetty-policy/src/main/java/org/eclipse/jetty/policy/JettyPolicy.java
View File

@ -1,462 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.security.AccessControlException;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.security.CertificateValidator;
/**
* Policy implementation that will load a set of policy files and manage the mapping of permissions and protection domains
*
* Features of JettyPolicy are:
*
* - we are able to follow the startup mechanic that jetty uses with jetty-start using OPTIONS=policy,default to be able to startup a security manager and policy implementation without have to rely on the existing JVM cli options
* - support for specifying multiple policy files to source permissions from
* - support for merging protection domains across multiple policy files for the same codesource
* - support for directories of policy files, just specify directory and all *.policy files will be loaded.
* Possible additions are:
* - scan policy directory for new policy files being added
* - jmx reporting
* - proxying of system security policy where we can proxy access to the system policy should the jvm have been started with one, I had support for this but ripped it
* out to add in again later
* - an xml policy file parser, had originally added this using modello but tore it out since it would have been a
* nightmare to get its dependencies through IP validation, could do this with jvm xml parser instead sometime
* - check performance of the synch'd map I am using for the protection domain mapping
*/
public class JettyPolicy extends Policy
{
private static final Logger LOG = Log.getLogger(JettyPolicy.class);
private static boolean __DEBUG = false;
private static boolean __RELOAD = false;
private boolean _STARTED = false;
private String _policyDirectory;
private final Set<PolicyBlock> _grants = new HashSet<PolicyBlock>();
/*
* TODO: make into a proper cache
*/
private final Map<Object, PermissionCollection> _cache = new ConcurrentHashMap<Object, PermissionCollection>();
private final static PolicyContext _context = new PolicyContext();
private CertificateValidator _validator = null;
private PolicyMonitor _policyMonitor = new PolicyMonitor()
{
@Override
public void onPolicyChange(PolicyBlock grant)
{
boolean setGrant = true;
if ( _validator != null )
{
if (grant.getCertificates() != null)
{
for ( Certificate cert : grant.getCertificates() )
{
try
{
_validator.validate(_context.getKeystore(), cert);
}
catch ( CertificateException ce )
{
setGrant = false;
}
}
}
}
if ( setGrant )
{
_grants.add( grant );
_cache.clear();
}
}
};
public JettyPolicy(String policyDirectory, Map<String, String> properties)
{
try
{
__RELOAD = Boolean.getBoolean("org.eclipse.jetty.policy.RELOAD");
__DEBUG = Boolean.getBoolean("org.eclipse.jetty.policy.DEBUG");
}
catch (AccessControlException ace)
{
__RELOAD = false;
__DEBUG = false;
}
_policyDirectory = policyDirectory;
_context.setProperties(properties);
try
{
_policyMonitor.setPolicyDirectory(_policyDirectory);
//_policyMonitor.setReload( __RELOAD );
}
catch ( Exception e)
{
throw new PolicyException(e);
}
}
@Override
public void refresh()
{
if ( !_STARTED )
{
initialize();
}
}
/**
* required for the jetty policy to start function, initializes the
* policy monitor and blocks for a full cycle of policy grant updates
*/
public void initialize()
{
if ( _STARTED )
{
return;
}
try
{
_policyMonitor.start();
_policyMonitor.waitForScan();
}
catch (Exception e)
{
e.printStackTrace();
throw new PolicyException(e);
}
_STARTED = true;
}
@Override
public PermissionCollection getPermissions(ProtectionDomain domain)
{
if (!_STARTED)
{
throw new PolicyException("JettyPolicy must be started.");
}
synchronized (_cache)
{
if (_cache.containsKey(domain))
{
return copyOf(_cache.get(domain));
}
PermissionCollection perms = new Permissions();
for (Iterator<PolicyBlock> i = _grants.iterator(); i.hasNext();)
{
PolicyBlock policyBlock = i.next();
ProtectionDomain grantPD = policyBlock.toProtectionDomain();
if (__DEBUG)
{
debug("----START----");
debug("PDCS: " + policyBlock.getCodeSource());
debug("CS: " + domain.getCodeSource());
}
// 1) if protection domain codesource is null, it is the global permissions (grant {})
// 2) if protection domain codesource implies target codesource and there are no prinicpals
if (grantPD.getCodeSource() == null
||
grantPD.getCodeSource().implies(domain.getCodeSource())
&&
grantPD.getPrincipals() == null
||
grantPD.getCodeSource().implies(domain.getCodeSource())
&&
validate(grantPD.getPrincipals(),domain.getPrincipals()))
{
for (Enumeration<Permission> e = policyBlock.getPermissions().elements(); e.hasMoreElements();)
{
Permission perm = e.nextElement();
if (__DEBUG)
{
debug("D: " + perm);
}
perms.add(perm);
}
}
if (__DEBUG)
{
debug("----STOP----");
}
}
_cache.put(domain,perms);
return copyOf(perms);
}
}
@Override
public PermissionCollection getPermissions(CodeSource codesource)
{
if (!_STARTED)
{
throw new PolicyException("JettyPolicy must be started.");
}
synchronized (_cache)
{
if (_cache.containsKey(codesource))
{
return copyOf(_cache.get(codesource));
}
PermissionCollection perms = new Permissions();
for (Iterator<PolicyBlock> i = _grants.iterator(); i.hasNext();)
{
PolicyBlock policyBlock = i.next();
ProtectionDomain grantPD = policyBlock.toProtectionDomain();
if (grantPD.getCodeSource() == null
||
grantPD.getCodeSource().implies(codesource))
{
if (__DEBUG)
{
debug("----START----");
debug("PDCS: " + grantPD.getCodeSource());
debug("CS: " + codesource);
}
for (Enumeration<Permission> e = policyBlock.getPermissions().elements(); e.hasMoreElements();)
{
Permission perm = e.nextElement();
if (__DEBUG)
{
debug("D: " + perm);
}
perms.add(perm);
}
if (__DEBUG)
{
debug("----STOP----");
}
}
}
_cache.put(codesource,perms);
return copyOf(perms);
}
}
@Override
public boolean implies(ProtectionDomain domain, Permission permission)
{
if (!_STARTED)
{
throw new PolicyException("JettyPolicy must be started.");
}
PermissionCollection pc = getPermissions(domain);
return (pc == null ? false : pc.implies(permission));
}
private static boolean validate(Principal[] permCerts, Principal[] classCerts)
{
if (classCerts == null)
{
return false;
}
for (int i = 0; i < permCerts.length; ++i)
{
boolean found = false;
for (int j = 0; j < classCerts.length; ++j)
{
if (permCerts[i].equals(classCerts[j]))
{
found = true;
break;
}
}
// if we didn't find the permCert in the classCerts then we don't match up
if (found == false)
{
return false;
}
}
return true;
}
/**
* returns the policy context which contains the map of properties that
* can be referenced in policy files and the keystore for validation
*
* @return the policy context
*/
public static PolicyContext getContext()
{
return _context;
}
/**
* Try and log to normal logging channels and should that not be allowed
* debug to system.out
*
* @param message
*/
private void debug( String message )
{
try
{
LOG.info(message);
}
catch ( AccessControlException ace )
{
System.out.println( "[DEBUG] " + message );
}
catch ( NoClassDefFoundError ace )
{
System.out.println( "[DEBUG] " + message );
//ace.printStackTrace();
}
}
/**
* Try and log to normal logging channels and should that not be allowed
* log to system.out
*
* @param message
*/
private void log( String message )
{
log( message, null );
}
/**
* Try and log to normal logging channels and should that not be allowed
* log to system.out
*
* @param message
*/
private void log( String message, Throwable t )
{
try
{
LOG.info(message, t);
}
catch ( AccessControlException ace )
{
System.out.println( message );
t.printStackTrace();
}
catch ( NoClassDefFoundError ace )
{
System.out.println( message );
t.printStackTrace();
}
}
public void dump(PrintStream out)
{
PrintWriter write = new PrintWriter(out);
write.println("JettyPolicy: policy settings dump");
synchronized (_cache)
{
for (Iterator<Object> i = _cache.keySet().iterator(); i.hasNext();)
{
Object o = i.next();
write.println(o.toString());
}
}
write.flush();
}
private PermissionCollection copyOf(final PermissionCollection in)
{
PermissionCollection out = new Permissions();
synchronized (in)
{
for (Enumeration<Permission> el = in.elements() ; el.hasMoreElements() ;)
{
out.add((Permission)el.nextElement());
}
}
return out;
}
public CertificateValidator getCertificateValidator()
{
return _validator;
}
public void setCertificateValidator(CertificateValidator validator)
{
if (_STARTED)
{
throw new PolicyException("JettyPolicy already started, unable to set validator on running policy");
}
_validator = validator;
}
}

58
jetty-policy/src/main/java/org/eclipse/jetty/policy/JettyPolicyConfigurator.java
View File

@ -1,58 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.security.Policy;
import java.util.HashMap;
import java.util.Map;
/**
*
*
*/
public class JettyPolicyConfigurator
{
String _policyDirectory;
Map<String, String> _properties = new HashMap<String,String>();
public JettyPolicyConfigurator()
{
}
public void setPolicyDirectory( String policyDirectory )
{
_policyDirectory = policyDirectory;
}
public void addProperty( String name, String value )
{
_properties.put(name,value);
}
public void initialize()
{
JettyPolicy jpolicy = new JettyPolicy(_policyDirectory,_properties);
jpolicy.refresh();
Policy.setPolicy(jpolicy);
System.setSecurityManager(new SecurityManager());
}
}

102
jetty-policy/src/main/java/org/eclipse/jetty/policy/PolicyBlock.java
View File

@ -1,102 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.security.CodeSource;
import java.security.KeyStore;
import java.security.PermissionCollection;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.Set;
public class PolicyBlock
{
public CodeSource codesource;
public KeyStore keyStore;
public Set<Certificate> certificates;
public Principal[] principals;
public PermissionCollection permissions;
private ProtectionDomain protectionDomain;
public ProtectionDomain toProtectionDomain()
{
if ( protectionDomain == null )
{
protectionDomain = new ProtectionDomain(codesource,null,Thread.currentThread().getContextClassLoader(),principals);
}
return protectionDomain;
}
public KeyStore getKeyStore()
{
return keyStore;
}
public void setKeyStore(KeyStore keyStore)
{
this.keyStore = keyStore;
}
public CodeSource getCodeSource()
{
return codesource;
}
public void setCodeSource( CodeSource codesource )
{
this.codesource = codesource;
}
public Set<Certificate> getCertificates()
{
return certificates;
}
public void setCertificates( Set<Certificate> certificates )
{
this.certificates = certificates;
}
public Principal[] getPrincipals()
{
return principals;
}
public void setPrincipals( Principal[] principals )
{
this.principals = principals;
}
public PermissionCollection getPermissions()
{
return permissions;
}
public void setPermissions( PermissionCollection permissions )
{
this.permissions = permissions;
}
}

200
jetty-policy/src/main/java/org/eclipse/jetty/policy/PolicyContext.java
View File

@ -1,200 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.io.File;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
public class PolicyContext
{
private Map<String, String> properties = new HashMap<String, String>();
private Principal[] principals;
private KeyStore keystore;
public PolicyContext()
{
// special property case for resolving ${/} to native separator
properties.put( "/", File.separator );
}
public void addProperty( String name, String value )
{
this.properties.put( name, value );
}
public void setProperties( Map<String,String> properties )
{
this.properties.putAll( properties );
}
public KeyStore getKeystore()
{
return keystore;
}
public void setKeystore( KeyStore keystore )
{
this.keystore = keystore;
}
public Principal[] getPrincipals()
{
return principals;
}
public void setPrincipals( Principal[] principals )
{
this.principals = principals;
}
public String evaluate(String s) throws PolicyException
{
s = processProtocols( s );
int i1=0;
int i2=0;
while (s!=null)
{
i1=s.indexOf("${");
if (i1<0)
{
break;
}
i2=s.indexOf("}",i1+2);
if (i2<0)
{
break;
}
String property=getProperty(s.substring(i1+2,i2));
s=s.substring(0,i1)+property+s.substring(i2+1);
}
return s;
}
private String processProtocols( String s ) throws PolicyException
{
int i1=0;
int i2=0;
while (s!=null)
{
i1=s.indexOf("${{");
if (i1<0)
{
break;
}
i2=s.indexOf("}}",i1+2);
if (i2<0)
{
break;
}
String property;
String target = s.substring(i1+3,i2);
if ( target.indexOf( ":" ) >= 0 )
{
String[] resolve = target.split( ":" );
property = resolve(resolve[0], resolve[1] );
}
else
{
property = resolve( target, null );
}
s=s.substring(0,i1)+property+s.substring(i2+2);
}
return s;
}
public String getProperty(String name)
{
if (properties.containsKey(name))
{
return properties.get(name);
}
return System.getProperty(name);
}
private String resolve( String protocol, String data ) throws PolicyException
{
if ( "self".equals( protocol ) )
{
// need expanding to list of principals in grant clause
if ( principals != null && principals.length != 0 )
{
StringBuilder sb = new StringBuilder();
for ( int i = 0; i < principals.length; ++i )
{
sb.append( principals[i].getClass().getName() );
sb.append( " \"" );
sb.append( principals[i].getName() );
sb.append( "\" " );
}
return sb.toString();
}
else
{
throw new PolicyException( "self can not be expanded, missing principals" );
}
}
if ( "alias".equals( protocol ) )
{
try
{
Certificate cert = keystore.getCertificate(data);
if ( cert instanceof X509Certificate )
{
Principal principal = ((X509Certificate) cert).getSubjectX500Principal();
StringBuilder sb = new StringBuilder();
sb.append( principal.getClass().getName() );
sb.append( " \"" );
sb.append( principal.getName() );
sb.append( "\" " );
return sb.toString();
}
else
{
throw new PolicyException( "alias can not be expanded, bad cert" );
}
}
catch ( Exception e )
{
throw new PolicyException( "alias can not be expanded: " + data );
}
}
throw new PolicyException( "unknown protocol: " + protocol );
}
}

45
jetty-policy/src/main/java/org/eclipse/jetty/policy/PolicyException.java
View File

@ -1,45 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
@SuppressWarnings("serial")
public class PolicyException extends RuntimeException
{
public PolicyException()
{
super();
}
public PolicyException( final String message, final Throwable cause)
{
super( message, cause );
}
public PolicyException( final String message )
{
super( message );
}
public PolicyException( final Throwable cause )
{
super( cause );
}
}

328
jetty-policy/src/main/java/org/eclipse/jetty/policy/PolicyMonitor.java
View File

@ -1,328 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;
import org.eclipse.jetty.policy.loader.DefaultPolicyLoader;
import org.eclipse.jetty.util.Scanner;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
/**
* PolicyMonitor watches a directory for files ending in the *.policy extension,
* loads them and detects when they change. PolicyGrants are peeped out the
* onPolicyChange method to whoever is using this monitor.
*
*/
public abstract class PolicyMonitor extends AbstractLifeCycle
{
/**
* the directory to be scanned for policy files.
*/
private String _policyDirectory;
/**
* instance of the scanner that detects policy files
*/
private Scanner _scanner;
/**
* true if updates to policy grants will be pushed through the
* onPolicyChange() method
*/
private boolean _reload = true;
/**
* scan interval in seconds for policy file changes
*/
private int _scanInterval = 1;
/**
* specialized listener enabling waitForScan() functionality
*/
private LatchScannerListener _scanningListener;
/**
* true if the scanner has completed one cycle.
*/
private boolean _initialized = false;
/**
* record of the number of scans that have been made
*/
private AtomicInteger _scanCount = new AtomicInteger(0);
/**
* empty constructor
*/
public PolicyMonitor()
{
}
/**
* construtor with a predetermined directory to monitor
*
* @param directory
*/
public PolicyMonitor( String directory )
{
this();
_policyDirectory = directory;
}
/**
* set the policy directory to scan on a non-running monitor
*
* @param directory
*/
public void setPolicyDirectory( String directory )
{
if (isRunning())
{
throw new PolicyException("policy monitor is running, unable to set policy directory");
}
_policyDirectory = directory;
}
/**
* gets the scanner interval
*
* @return the scan interval
*/
public int getScanInterval()
{
return _scanInterval;
}
/**
* sets the scanner interval on a non-running instance of the monitor
*
* @param scanInterval in seconds
* @see Scanner#setScanInterval(int)
*/
public void setScanInterval( int scanInterval )
{
if (isRunning())
{
throw new PolicyException("policy monitor is running, unable to set scan interval");
}
_scanInterval = scanInterval;
}
/**
* true of the monitor is initialized, meaning that at least one
* scan cycle has completed and any policy grants found have been chirped
*
* @return true if initialized
*/
public boolean isInitialized()
{
return _initialized;
}
/**
* gets the number of times the scan has been run
*
* @return scan count
*/
public int getScanCount()
{
return _scanCount.get();
}
/**
* initiates a scan and blocks until it has been completed
*
* @throws Exception
*/
public synchronized void waitForScan() throws Exception
{
// wait for 2 scans for stable files
CountDownLatch latch = new CountDownLatch(2);
_scanningListener.setScanningLatch(latch);
_scanner.scan();
latch.await();
}
/**
* true of reload is enabled, false otherwise
*
* @return true if reload is enabled
*/
public boolean isReloadEnabled()
{
return _reload;
}
/**
* sets the monitor to reload or not, but only if the monitor isn't already running
*
* TODO this doesn't really _have_ to be on a non-running monitor
*
* @param reload
*/
public void setReload(boolean reload)
{
if (isRunning())
{
throw new PolicyException("policy monitor is running, unable to set reload at this time");
}
_reload = reload;
}
/**
* processes a policy file via the default policy loader and chirps
* changes to the onPolicyChange() abstract method
*
* @param filename
*/
private void processPolicyFile(String filename)
{
try
{
File policyFile = new File(filename);
Set<PolicyBlock> policyBlocks = DefaultPolicyLoader.load(new FileInputStream(policyFile),JettyPolicy.getContext());
for (PolicyBlock policy : policyBlocks)
{
onPolicyChange(policy);
}
}
catch (Exception e)
{
e.printStackTrace();
}
}
/**
* called by the abstract lifecycle to start the monitor
*/
@Override
protected void doStart() throws Exception
{
super.doStart();
_scanner = new Scanner();
List<File> scanDirs = new ArrayList<File>();
scanDirs.add(new File( _policyDirectory ) );
//System.out.println("Scanning: " + _policyDirectory );
_scanner.addListener(new Scanner.DiscreteListener()
{
public void fileRemoved(String filename) throws Exception
{
}
/* will trigger when files are changed, not on load time, just when changed */
public void fileChanged(String filename) throws Exception
{
if (_reload && filename.endsWith("policy"))
{
// System.out.println("PolicyMonitor: policy file");
processPolicyFile(filename);
}
}
public void fileAdded(String filename) throws Exception
{
if (filename.endsWith("policy"))
{
// System.out.println("PolicyMonitor: added policy file");
processPolicyFile(filename);
}
}
});
_scanningListener = new LatchScannerListener();
_scanner.addListener(_scanningListener);
_scanner.setScanDirs(scanDirs);
_scanner.setReportExistingFilesOnStartup(true);
_scanner.start();
_scanner.setScanInterval(_scanInterval);
}
/**
* called by the abstract life cycle to turn off the monitor
*/
@Override
protected void doStop() throws Exception
{
super.doStop();
_scanner.stop();
}
/**
* latch listener that can taken in a countdownlatch and notify other
* blocking threads that the scan has been completed
*
*/
private class LatchScannerListener implements Scanner.ScanCycleListener
{
CountDownLatch _latch;
public void scanStarted(int cycle) throws Exception
{
}
public void scanEnded(int cycle) throws Exception
{
_initialized = true; // just really needed the first time
_scanCount.incrementAndGet();
if ( _latch != null )
{
_latch.countDown();
}
}
public void setScanningLatch( CountDownLatch latch )
{
_latch = latch;
}
}
/**
* implemented by the user of the policy monitor to handle custom logic
* related to the usage of the policy grant instance/s.
*
* @param grant
*/
public abstract void onPolicyChange(PolicyBlock grant);
}

52
jetty-policy/src/main/java/org/eclipse/jetty/policy/entry/AbstractEntry.java
View File

@ -1,52 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy.entry;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
public abstract class AbstractEntry
{
private boolean isDirty = false;
private boolean isExpanded = false;
public abstract void expand( PolicyContext context ) throws PolicyException;
public boolean isDirty()
{
return isDirty;
}
public void setDirty( boolean isDirty )
{
this.isDirty = isDirty;
}
public boolean isExpanded()
{
return isExpanded;
}
public void setExpanded( boolean isExpanded )
{
this.isExpanded = isExpanded;
}
}

209
jetty-policy/src/main/java/org/eclipse/jetty/policy/entry/GrantEntry.java
View File

@ -1,209 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy.entry;
import java.net.URI;
import java.net.URL;
import java.security.CodeSource;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.cert.Certificate;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.StringTokenizer;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
public class GrantEntry extends AbstractEntry
{
/**
* The signers part of grant clause. This is a comma-separated list of certificate aliases.
*/
private String signers;
/**
* The codebase part of grant clause. This is an URL from which code originates.
*/
private String codebase;
/**
* Collection of PrincipalEntries of grant clause.
*/
private Collection<PrincipalEntry> principalNodes;
/**
* Collection of PermissionEntries of grant clause.
*/
private Collection<PermissionEntry> permissionNodes;
// cached permissions
private PermissionCollection permissions;
private Certificate[] signerArray;
private CodeSource codesource;
private Principal[] principals;
/**
* Adds specified element to the <code>principals</code> collection. If collection does not exist yet, creates a
* new one.
*/
public void addPrincipal( PrincipalEntry pe )
{
if ( principalNodes == null )
{
principalNodes = new HashSet<PrincipalEntry>();
}
principalNodes.add( pe );
}
public void expand( PolicyContext context ) throws PolicyException
{
if ( signers != null )
{
signerArray = resolveToCertificates( context.getKeystore(), signers ); // TODO alter to support self:: etc
}
codebase = context.evaluate( codebase );
if ( principalNodes != null )
{
Set<Principal> principalSet = new HashSet<Principal>();
for ( Iterator<PrincipalEntry> i = principalNodes.iterator(); i.hasNext(); )
{
PrincipalEntry node = i.next();
node.expand( context );
principalSet.add( node.toPrincipal( context ) );
}
principals = principalSet.toArray( new Principal[principalSet.size()] );
}
context.setPrincipals( principals );
permissions = new Permissions();
for ( Iterator<PermissionEntry> i = permissionNodes.iterator(); i.hasNext(); )
{
PermissionEntry node = i.next();
node.expand( context );
permissions.add( node.toPermission() );
}
context.setPrincipals( null );
setExpanded( true );
}
public PermissionCollection getPermissions() throws PolicyException
{
return permissions;
}
public Principal[] getPrincipals() throws PolicyException
{
return principals;
}
public CodeSource getCodeSource() throws PolicyException
{
if ( !isExpanded() )
{
throw new PolicyException("GrantNode needs to be expanded.");
}
try
{
if ( codesource == null && codebase != null )
{
URL url = new URI( codebase ).toURL();
codesource = new CodeSource( url, signerArray );
}
return codesource;
}
catch ( Exception e )
{
throw new PolicyException( e );
}
}
/**
* resolve signers into an array of certificates using a given keystore
*
* @param keyStore
* @param signers
* @return
* @throws Exception
*/
private Certificate[] resolveToCertificates( KeyStore keyStore, String signers ) throws PolicyException
{
if ( keyStore == null )
{
Certificate[] certs = null;
return certs;
}
Set<Certificate> certificateSet = new HashSet<Certificate>();
StringTokenizer strTok = new StringTokenizer( signers, ",");
for ( int i = 0; strTok.hasMoreTokens(); ++i )
{
try
{
Certificate certificate = keyStore.getCertificate( strTok.nextToken().trim() );
if ( certificate != null )
{
certificateSet.add( certificate );
}
}
catch ( KeyStoreException kse )
{
throw new PolicyException( kse );
}
}
return certificateSet.toArray( new Certificate[certificateSet.size()] );
}
public void setSigners( String signers )
{
this.signers = signers;
}
public void setCodebase( String codebase )
{
this.codebase = codebase;
}
public void setPrincipals( Collection<PrincipalEntry> principals )
{
this.principalNodes = principals;
}
public void setPermissions( Collection<PermissionEntry> permissions )
{
this.permissionNodes = permissions;
}
}

98
jetty-policy/src/main/java/org/eclipse/jetty/policy/entry/KeystoreEntry.java
View File

@ -1,98 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy.entry;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
import org.eclipse.jetty.util.resource.Resource;
public class KeystoreEntry extends AbstractEntry
{
/**
* The URL part of keystore clause.
*/
private String url;
/**
* The typename part of keystore clause.
*/
private String type;
// cached value
private KeyStore keystore;
public KeyStore toKeyStore() throws PolicyException
{
if ( keystore != null && !isDirty() )
{
return keystore;
}
try
{
keystore = KeyStore.getInstance( type );
URL keyStoreLocation = new URL ( url );
Resource r = Resource.newResource(keyStoreLocation);
InputStream istream = r.getInputStream();
keystore.load( istream, null );
}
catch ( Exception e )
{
throw new PolicyException( e );
}
return keystore;
}
@Override
public void expand( PolicyContext context ) throws PolicyException
{
url = context.evaluate( url );
setExpanded( true );
}
public String getUrl()
{
return url;
}
public void setUrl( String url )
{
this.url = url;
}
public String getType()
{
return type;
}
public void setType( String type )
{
this.type = type;
}
}

226
jetty-policy/src/main/java/org/eclipse/jetty/policy/entry/PermissionEntry.java
View File

@ -1,226 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy.entry;
import java.lang.reflect.Constructor;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.cert.Certificate;
import java.util.HashSet;
import java.util.Set;
import java.util.StringTokenizer;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
public class PermissionEntry extends AbstractEntry
{
/**
* The classname part of permission clause.
*/
private String klass;
/**
* The name part of permission clause.
*/
private String name;
/**
* The actions part of permission clause.
*/
private String actions;
/**
* The signers part of permission clause. This is a comma-separated list of certificate aliases.
*/
private String signers;
private Certificate[] signerArray;
public Permission toPermission() throws PolicyException
{
try
{
Class<?> clazz = Class.forName(klass);
if ( signerArray != null && !validate( signerArray, (Certificate[])clazz.getSigners() ) )
{
throw new PolicyException( "Unvalidated Permissions: " + klass + "/" + name );
}
Permission permission = null;
if ( name == null && actions == null )
{
permission = (Permission) clazz.newInstance();
}
else if ( name != null && actions == null )
{
Constructor<?> c = clazz.getConstructor(new Class[]
{ String.class });
permission = (Permission) c.newInstance( name );
}
else if ( name != null && actions != null )
{
Constructor<?> c = clazz.getConstructor(new Class[]
{ String.class, String.class });
permission = (Permission) c.newInstance( name, actions );
}
return permission;
}
catch ( Exception e )
{
throw new PolicyException( e );
}
}
@Override
public void expand( PolicyContext context ) throws PolicyException
{
if ( name != null )
{
name = context.evaluate( name ).trim();
}
if ( actions != null )
{
actions = context.evaluate( actions ).trim();
}
if ( signers != null )
{
signerArray = resolveCertificates( context.getKeystore(), signers );
}
setExpanded( true );
}
/**
* validate that all permission certs are present in the class certs
*
* @param permCerts
* @param classCerts
* @return true if the permissions match up
*/
private static boolean validate( Certificate[] permCerts, Certificate[] classCerts )
{
if ( classCerts == null )
{
return false;
}
for ( int i = 0; i < permCerts.length; ++i )
{
boolean found = false;
for ( int j = 0; j < classCerts.length; ++j )
{
if ( permCerts[i].equals( classCerts[j] ) )
{
found = true;
break;
}
}
// if we didn't find the permCert in the classCerts then we don't match up
if ( found == false )
{
return false;
}
}
// we found all the permCerts in classCerts so return true
return true;
}
private static Certificate[] resolveCertificates( KeyStore keyStore, String signers ) throws PolicyException
{
if ( keyStore == null )
{
Certificate[] certs = null;
return certs;
}
Set<Certificate> certificateSet = new HashSet<Certificate>();
StringTokenizer strTok = new StringTokenizer( signers, ",");
for ( int i = 0; strTok.hasMoreTokens(); ++i )
{
try
{
Certificate certificate = keyStore.getCertificate( strTok.nextToken().trim() );
if ( certificate != null )
{
certificateSet.add( certificate );
}
}
catch ( KeyStoreException kse )
{
throw new PolicyException( kse );
}
}
return certificateSet.toArray( new Certificate[certificateSet.size()]);
}
public String getKlass()
{
return klass;
}
public void setKlass( String klass )
{
this.klass = klass;
}
public String getName()
{
return name;
}
public void setName( String name )
{
this.name = name;
}
public String getActions()
{
return actions;
}
public void setActions( String actions )
{
this.actions = actions;
}
public String getSigners()
{
return signers;
}
public void setSigners( String signers )
{
this.signers = signers;
}
}

115
jetty-policy/src/main/java/org/eclipse/jetty/policy/entry/PrincipalEntry.java
View File

@ -1,115 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy.entry;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
public class PrincipalEntry extends AbstractEntry
{
/**
* Wildcard value denotes any class and/or any name. Must be asterisk, for proper general expansion and
* PrivateCredentialsPermission wildcarding
*/
public static final String WILDCARD = "*"; //$NON-NLS-1$
/**
* The classname part of principal clause.
*/
private String klass;
/**
* The name part of principal clause.
*/
private String name;
/**
* cached principal if already computed
*/
private Principal principal;
public Principal toPrincipal( PolicyContext context ) throws PolicyException
{
if ( principal != null && !isDirty() )
{
return principal;
}
// if there is no keystore, there is no way to obtain a principal object
// TODO validate we need this check
if ( context.getKeystore() == null )
{
return null;
}
try
{
Certificate certificate = context.getKeystore().getCertificate( name );
if ( certificate instanceof X509Certificate )
{
principal = ( (X509Certificate) certificate ).getSubjectX500Principal();
return principal;
}
else
{
throw new PolicyException( "Unknown Certificate, unable to obtain Principal: " + certificate.getType() );
}
}
catch ( KeyStoreException kse )
{
throw new PolicyException( kse );
}
}
public void expand( PolicyContext context )
throws PolicyException
{
name = context.evaluate( name );
setExpanded(true);
}
public String getKlass()
{
return klass;
}
public void setKlass( String klass )
{
this.klass = klass;
}
public String getName()
{
return name;
}
public void setName( String name )
{
this.name = name;
}
}

102
jetty-policy/src/main/java/org/eclipse/jetty/policy/loader/DefaultPolicyLoader.java
View File

@ -1,102 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
// Portions of this file adapted for use from Apache Harmony code by written
// and contributed to that project by Alexey V. Varlamov under the ASL
// ========================================================================
//
package org.eclipse.jetty.policy.loader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.eclipse.jetty.policy.PolicyBlock;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
import org.eclipse.jetty.policy.entry.GrantEntry;
import org.eclipse.jetty.policy.entry.KeystoreEntry;
/**
* Load the policies within the stream and resolve into protection domains and permission collections
*
*/
public class DefaultPolicyLoader
{
public static Set<PolicyBlock> load( InputStream policyStream, PolicyContext context ) throws PolicyException
{
Set<PolicyBlock> policies = new HashSet<PolicyBlock>();
KeyStore keystore = null;
try
{
PolicyFileScanner loader = new PolicyFileScanner();
Collection<GrantEntry> grantEntries = new ArrayList<GrantEntry>();
List<KeystoreEntry> keystoreEntries = new ArrayList<KeystoreEntry>();
loader.scanStream( new InputStreamReader(policyStream), grantEntries, keystoreEntries );
for ( Iterator<KeystoreEntry> i = keystoreEntries.iterator(); i.hasNext();)
{
KeystoreEntry node = i.next();
node.expand( context );
keystore = node.toKeyStore();
if ( keystore != null )
{
// we only process the first valid keystore
context.setKeystore( keystore );
break;
}
}
for ( Iterator<GrantEntry> i = grantEntries.iterator(); i.hasNext(); )
{
GrantEntry grant = i.next();
grant.expand( context );
PolicyBlock policy = new PolicyBlock();
policy.setCodeSource( grant.getCodeSource() );
policy.setPrincipals( grant.getPrincipals() );
policy.setPermissions( grant.getPermissions() );
policies.add(policy);
}
return policies;
}
catch ( Exception e )
{
throw new PolicyException( e );
}
}
}

459
jetty-policy/src/main/java/org/eclipse/jetty/policy/loader/PolicyFileScanner.java
View File

@ -1,459 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
// This file adapted for use from Apache Harmony code by written and contributed
// to that project by Alexey V. Varlamov under the ASL-2.0
// See CQ3380
// ========================================================================
package org.eclipse.jetty.policy.loader;
import java.io.IOException;
import java.io.Reader;
import java.io.StreamTokenizer;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import org.eclipse.jetty.policy.entry.GrantEntry;
import org.eclipse.jetty.policy.entry.KeystoreEntry;
import org.eclipse.jetty.policy.entry.PermissionEntry;
import org.eclipse.jetty.policy.entry.PrincipalEntry;
/**
* This is a basic high-level tokenizer of policy files. It takes in a stream, analyzes data read from it and returns a
* set of structured tokens. <br>
* This implementation recognizes text files, consisting of clauses with the following syntax:
*
* <pre>
*
* keystore &quot;some_keystore_url&quot;, &quot;keystore_type&quot;;
*
* </pre>
*
* <pre>
*
* grant [SignedBy &quot;signer_names&quot;] [, CodeBase &quot;URL&quot;]
* [, Principal [principal_class_name] &quot;principal_name&quot;]
* [, Principal [principal_class_name] &quot;principal_name&quot;] ... {
* permission permission_class_name [ &quot;target_name&quot; ] [, &quot;action&quot;]
* [, SignedBy &quot;signer_names&quot;];
* permission ...
* };
*
* </pre>
*
* For semantical details of this format, see org.apache.harmony.security.DefaultPolicy javadoc. <br>
*
* Keywords are case-insensitive in contrast to quoted string literals. Comma-separation rule is quite forgiving, most
* commas may be just omitted. Whitespaces, line- and block comments are ignored. Symbol-level tokenization is delegated
* to java.io.StreamTokenizer. <br>
* <br>
* This implementation is effectively thread-safe, as it has no field references to data being processed (that is,
* passes all the data as method parameters).
*
* This implementation is a bit more strict in enforcing format then the default policy scanner as implemented in the sun jdk.
*/
public class PolicyFileScanner
{
/**
* Specific exception class to signal policy file syntax error.
*/
public static class InvalidFormatException
extends Exception
{
/**
* @serial
*/
private static final long serialVersionUID = 5789786270390222184L;
/**
* Constructor with detailed message parameter.
*/
public InvalidFormatException( String arg0 )
{
super( arg0 );
}
}
/**
* Configures passed tokenizer accordingly to supported syntax.
*/
protected StreamTokenizer configure( StreamTokenizer st )
{
st.slashSlashComments( true );
st.slashStarComments( true );
st.wordChars( '_', '_' );
st.wordChars( '$', '$' );
return st;
}
/**
* Performs the main parsing loop. Starts with creating and configuring a StreamTokenizer instance; then tries to
* recognize <i>keystore </i> or <i>grant </i> keyword. When found, invokes read method corresponding to the clause
* and collects result to the passed collection.
*
* @param r policy stream reader
* @param grantEntries a collection to accumulate parsed GrantEntries
* @param keystoreEntries a collection to accumulate parsed KeystoreEntries
* @throws IOException if stream reading failed
* @throws InvalidFormatException if unexpected or unknown token encountered
*/
public void scanStream( Reader r, Collection<GrantEntry> grantEntries, List<KeystoreEntry> keystoreEntries )
throws IOException, InvalidFormatException
{
StreamTokenizer st = configure( new StreamTokenizer( r ) );
// main parsing loop
parsing: while ( true )
{
switch ( st.nextToken() )
{
case StreamTokenizer.TT_EOF: // we've done the job
break parsing;
case StreamTokenizer.TT_WORD:
if ( Util.equalsIgnoreCase( "keystore", st.sval ) ) { //$NON-NLS-1$
keystoreEntries.add( readKeystoreNode( st ) );
}
else if ( Util.equalsIgnoreCase( "grant", st.sval ) ) { //$NON-NLS-1$
grantEntries.add( readGrantNode( st ) );
}
else
{
handleUnexpectedToken( st, "Expected entries are : \"grant\" or \"keystore\"" ); //$NON-NLS-1$
}
break;
case ';': // just delimiter of entries
break;
default:
handleUnexpectedToken( st );
break;
}
}
}
/**
* Tries to read <i>keystore </i> clause fields. The expected syntax is
*
* <pre>
*
* &quot;some_keystore_url&quot;[, &quot;keystore_type&quot;];
*
* </pre>
*
* @return successfully parsed KeystoreNode
* @throws IOException if stream reading failed
* @throws InvalidFormatException if unexpected or unknown token encountered
*/
protected KeystoreEntry readKeystoreNode( StreamTokenizer st )
throws IOException, InvalidFormatException
{
KeystoreEntry ke = new KeystoreEntry();
if ( st.nextToken() == '"' )
{
ke.setUrl( st.sval );
if ( ( st.nextToken() == '"' ) || ( ( st.ttype == ',' ) && ( st.nextToken() == '"' ) ) )
{
ke.setType( st.sval );
}
else
{ // handle token in the main loop
st.pushBack();
}
}
else
{
handleUnexpectedToken( st, "Expected syntax is : keystore \"url\"[, \"type\"]" ); //$NON-NLS-1$
}
return ke;
}
/**
* Tries to read <i>grant </i> clause. <br>
* First, it reads <i>codebase </i>, <i>signedby </i>, <i>principal </i> entries till the '{' (opening curly brace)
* symbol. Then it calls readPermissionEntries() method to read the permissions of this clause. <br>
* Principal entries (if any) are read by invoking readPrincipalNode() method, obtained PrincipalEntries are
* accumulated. <br>
* The expected syntax is
*
* <pre>
*
* [ [codebase &quot;url&quot;] | [signedby &quot;name1,...,nameN&quot;] |
* principal ...] ]* { ... }
*
* </pre>
*
* @return successfully parsed GrantNode
* @throws IOException if stream reading failed
* @throws InvalidFormatException if unexpected or unknown token encountered
*/
protected GrantEntry readGrantNode( StreamTokenizer st )
throws IOException, InvalidFormatException
{
GrantEntry ge = new GrantEntry();
parsing: while ( true )
{
switch ( st.nextToken() )
{
case StreamTokenizer.TT_WORD:
if ( Util.equalsIgnoreCase( "signedby", st.sval ) ) { //$NON-NLS-1$
if ( st.nextToken() == '"' )
{
ge.setSigners( st.sval );
}
else
{
handleUnexpectedToken( st, "Expected syntax is : signedby \"name1,...,nameN\"" ); //$NON-NLS-1$
}
}
else if ( Util.equalsIgnoreCase( "codebase", st.sval ) ) { //$NON-NLS-1$
if ( st.nextToken() == '"' )
{
ge.setCodebase( st.sval );
}
else
{
handleUnexpectedToken( st, "Expected syntax is : codebase \"url\"" ); //$NON-NLS-1$
}
}
else if ( Util.equalsIgnoreCase( "principal", st.sval ) ) { //$NON-NLS-1$
ge.addPrincipal( readPrincipalNode( st ) );
}
else
{
handleUnexpectedToken( st );
}
break;
case ',': // just delimiter of entries
break;
case '{':
ge.setPermissions( readPermissionEntries( st ) );
break parsing;
default: // handle token in the main loop
st.pushBack();
break parsing;
}
}
return ge;
}
/**
* Tries to read <i>Principal </i> Node fields. The expected syntax is
*
* <pre>
*
* [ principal_class_name ] &quot;principal_name&quot;
*
* </pre>
*
* Both class and name may be wildcards, wildcard names should not surrounded by quotes.
*
* @return successfully parsed PrincipalNode
* @throws IOException if stream reading failed
* @throws InvalidFormatException if unexpected or unknown token encountered
*/
protected PrincipalEntry readPrincipalNode( StreamTokenizer st )
throws IOException, InvalidFormatException
{
PrincipalEntry pe = new PrincipalEntry();
if ( st.nextToken() == StreamTokenizer.TT_WORD )
{
pe.setKlass( st.sval );
st.nextToken();
}
else if ( st.ttype == '*' )
{
pe.setKlass( PrincipalEntry.WILDCARD );
st.nextToken();
}
if ( st.ttype == '"' )
{
pe.setName( st.sval );
}
else if ( st.ttype == '*' )
{
pe.setName( PrincipalEntry.WILDCARD );
}
else
{
handleUnexpectedToken( st, "Expected syntax is : principal [class_name] \"principal_name\"" ); //$NON-NLS-1$
}
return pe;
}
/**
* Tries to read a list of <i>permission </i> entries. The expected syntax is
*
* <pre>
*
* permission permission_class_name
* [ &quot;target_name&quot; ] [, &quot;action_list&quot;]
* [, signedby &quot;name1,name2,...&quot;];
*
* </pre>
*
* List is terminated by '}' (closing curly brace) symbol.
*
* @return collection of successfully parsed PermissionEntries
* @throws IOException if stream reading failed
* @throws InvalidFormatException if unexpected or unknown token encountered
*/
protected Collection<PermissionEntry> readPermissionEntries( StreamTokenizer st )
throws IOException, InvalidFormatException
{
Collection<PermissionEntry> permissions = new HashSet<PermissionEntry>();
parsing: while ( true )
{
switch ( st.nextToken() )
{
case StreamTokenizer.TT_WORD:
if ( Util.equalsIgnoreCase( "permission", st.sval ) ) { //$NON-NLS-1$
PermissionEntry pe = new PermissionEntry();
if ( st.nextToken() == StreamTokenizer.TT_WORD )
{
pe.setKlass( st.sval );
if ( st.nextToken() == '"' )
{
pe.setName( st.sval );
st.nextToken();
}
if ( st.ttype == ',' )
{
st.nextToken();
}
if ( st.ttype == '"' )
{
pe.setActions( st.sval );
if ( st.nextToken() == ',' )
{
st.nextToken();
}
}
if ( st.ttype == StreamTokenizer.TT_WORD && Util.equalsIgnoreCase( "signedby", st.sval ) ) { //$NON-NLS-1$
if ( st.nextToken() == '"' )
{
pe.setSigners( st.sval );
}
else
{
handleUnexpectedToken( st );
}
}
else
{ // handle token in the next iteration
st.pushBack();
}
permissions.add( pe );
continue parsing;
}
}
handleUnexpectedToken(
st,
"Expected syntax is : permission permission_class_name [\"target_name\"] [, \"action_list\"] [, signedby \"name1,...,nameN\"]" ); //$NON-NLS-1$
break;
case ';': // just delimiter of entries
break;
case '}': // end of list
break parsing;
default: // invalid token
handleUnexpectedToken( st );
break;
}
}
return permissions;
}
/**
* Formats a detailed description of tokenizer status: current token, current line number, etc.
*/
protected String composeStatus( StreamTokenizer st )
{
return st.toString();
}
/**
* Throws InvalidFormatException with detailed diagnostics.
*
* @param st a tokenizer holding the erroneous token
* @param message a user-friendly comment, probably explaining expected syntax. Should not be <code>null</code>- use
* the overloaded single-parameter method instead.
*/
protected final void handleUnexpectedToken( StreamTokenizer st, String message )
throws InvalidFormatException
{
throw new InvalidFormatException( "Unexpected token encountered: " + composeStatus( st ) + ". " + message );
}
/**
* Throws InvalidFormatException with error status: which token is unexpected on which line.
*
* @param st a tokenizer holding the erroneous token
*/
protected final void handleUnexpectedToken( StreamTokenizer st )
throws InvalidFormatException
{
throw new InvalidFormatException( "Unexpected token encountered: " + composeStatus( st ) );
}
private static class Util
{
public static String toUpperCase( String s )
{
int len = s.length();
StringBuilder buffer = new StringBuilder( len );
for ( int i = 0; i < len; i++ )
{
char c = s.charAt( i );
if ( 'a' <= c && c <= 'z' )
{
buffer.append( (char) ( c - ( 'a' - 'A' ) ) );
}
else
{
buffer.append( c );
}
}
return buffer.toString();
}
public static boolean equalsIgnoreCase( String s1, String s2 )
{
s1 = toUpperCase( s1 );
s2 = toUpperCase( s2 );
return s1.equals( s2 );
}
}
}

265
jetty-policy/src/test/java/org/eclipse/jetty/policy/JettyPolicyRuntimeTest.java
View File

@ -1,265 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.io.File;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessControlException;
import java.security.Policy;
import java.util.Collections;
import java.util.HashMap;
import java.util.Set;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.eclipse.jetty.toolchain.test.OS;
import org.eclipse.jetty.util.IO;
import org.junit.After;
import org.junit.Assume;
import org.junit.Before;
import org.junit.Test;
public class JettyPolicyRuntimeTest
{
private HashMap<String, String> evaluator = new HashMap<String, String>();
@Before
public void init() throws Exception
{
System.setSecurityManager(null);
Policy.setPolicy(null);
evaluator.put("jetty.home",MavenTestingUtils.getBaseURI().toASCIIString());
evaluator.put("basedir",MavenTestingUtils.getBaseURI().toASCIIString());
}
@After
public void destroy() throws Exception
{
System.setSecurityManager(null);
Policy.setPolicy(null);
IO.delete(new File ("/tmp", "foo"));
}
@Test
public void testSimplePolicyReplacement() throws Exception
{
Assume.assumeTrue(!OS.IS_WINDOWS); // Ignore test if running under windows.
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-1").getAbsolutePath(), evaluator);
ap.refresh();
Policy.setPolicy( ap );
System.setSecurityManager( new SecurityManager() );
File test = new File( "/tmp" );
assertTrue( test.canRead() );
}
@Test
public void testRepeatedPolicyReplacement() throws Exception
{
Assume.assumeTrue(!OS.IS_WINDOWS); // Ignore test if running under windows.
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-2/a").getAbsolutePath(),evaluator);
ap.refresh();
Policy.setPolicy( ap );
System.setSecurityManager( new SecurityManager() );
// Test that the all permission policy allows us to do this
try
{
File test3 = new File( "/tmp/foo/bar/do" );
test3.mkdirs();
test3.delete();
}
catch ( AccessControlException ace )
{
ace.printStackTrace(System.err);
fail("Should NOT have thrown an AccessControlException");
}
JettyPolicy ap2 = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-2/b").getAbsolutePath(),evaluator);
ap2.refresh();
Policy.setPolicy( ap2 );
// Test that the new policy does replace the old one and we are now not allowed
try
{
File test3 = new File( "/tmp/foo/bar/do" );
test3.mkdirs();
fail("Should have thrown an AccessControlException");
}
catch ( AccessControlException ace )
{
// Expected Path
}
}
@Test
public void testPolicyRestrictive() throws Exception
{
// TODO - temporary, create alternate file to load for windows
Assume.assumeTrue(!OS.IS_WINDOWS); // Ignore test if running under windows.
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-3").getAbsolutePath(),evaluator);
ap.refresh();
Policy.setPolicy( ap );
System.setSecurityManager( new SecurityManager() );
File test = new File( "/tmp" );
assertTrue ( test.canRead() );
File test2 = new File( "/tmp/foo" );
test2.mkdirs();
assertTrue ( test2.canRead() );
try
{
File test3 = new File("/tmp/foo/bar/do");
test3.mkdirs();
fail("Should have thrown an AccessControlException");
}
catch (AccessControlException ace)
{
// Expected Path
}
}
@Test
public void testCertificateLoader() throws Exception
{
// TODO - temporary, create alternate file to load for windows
Assume.assumeTrue(!OS.IS_WINDOWS); // Ignore test if running under windows.
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-4").getAbsolutePath(),evaluator);
ap.refresh();
URL url = MavenTestingUtils.getTargetURL("test-policy/jetty-test-policy.jar");
//System.out.println(url.toURI().toASCIIString());
//System.out.println(MavenTestingUtils.getBaseURI().toASCIIString());
URLClassLoader loader ;
if (Thread.currentThread().getContextClassLoader() != null )
{
loader = new URLClassLoader( new URL[]{ url }, Thread.currentThread().getContextClassLoader() );
}
else
{
loader = new URLClassLoader( new URL[]{ url }, ClassLoader.getSystemClassLoader() );
}
Thread.currentThread().setContextClassLoader(loader);
Policy.setPolicy( ap );
System.setSecurityManager( new SecurityManager() );
ap.refresh();
ap.dump(System.out);
Class<?> clazz = loader.loadClass("org.eclipse.jetty.toolchain.test.policy.Tester");
Method m = clazz.getMethod("testEcho",new Class[]
{ String.class });
String foo = (String)m.invoke(clazz.newInstance(), "foo");
assertEquals("foo",foo);
Method m2 = clazz.getMethod("testReadSystemProperty",new Class[]
{ String.class });
m2.invoke(clazz.newInstance(), "foo");
assertTrue("system property access was granted",true);
// ap.dump(System.out);
}
@Test
public void testBadCertificateLoader() throws Exception
{
// TODO - temporary, create alternate file to load for windows
Assume.assumeTrue(!OS.IS_WINDOWS); // Ignore test if running under windows.
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getTestResourceDir("runtime-test-5").getAbsolutePath(),evaluator);
ap.refresh();
Policy.setPolicy( ap );
System.setSecurityManager( new SecurityManager() );
URL url = MavenTestingUtils.getTargetURL("test-policy/jetty-test-policy.jar");
URLClassLoader loader ;
if (Thread.currentThread().getContextClassLoader() != null )
{
loader = new URLClassLoader( new URL[]{ url }, Thread.currentThread().getContextClassLoader() );
}
else
{
loader = new URLClassLoader( new URL[]{ url }, ClassLoader.getSystemClassLoader() );
}
Thread.currentThread().setContextClassLoader(loader);
ap.refresh();
try
{
Class<?> clazz = loader.loadClass("org.eclipse.jetty.toolchain.test.policy.Tester");
Method m = clazz.getMethod( "testEcho", new Class[] {String.class} );
String foo = (String)m.invoke( clazz.newInstance(), "foo");
assertEquals("foo", foo );
Method m2 = clazz.getMethod( "testReadSystemProperty", new Class[] {String.class} );
m2.invoke(clazz.newInstance(), "foobar");
fail("Should have thrown an InvocationTargetException");
}
catch ( InvocationTargetException e )
{
assertTrue(e.getCause().getMessage().contains( "access denied" ));
}
}
private Set<String> getSinglePolicy(String name)
{
return Collections.singleton(MavenTestingUtils.getTestResourceFile(name).getAbsolutePath());
}
}

424
jetty-policy/src/test/java/org/eclipse/jetty/policy/JettyPolicyTest.java
View File

@ -1,424 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.FilePermission;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.PropertyPermission;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.junit.Before;
import org.junit.Test;
public class JettyPolicyTest
{
private HashMap<String, String> evaluator = new HashMap<String, String>();
@Before
public void setUp() throws Exception
{
evaluator.put("jetty.home",MavenTestingUtils.getBaseURI().toASCIIString());
evaluator.put("basedir",MavenTestingUtils.getBaseURI().toASCIIString());
}
/**
* Simple test for loading a policy file and validating that the AllPermission
* was granted successfully.
*/
@Test
public void testGlobalAllPermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-1").getAbsolutePath(), evaluator );
ap.refresh();
PermissionCollection pc = ap.getPermissions(new ProtectionDomain(null,null));
assertNotNull(pc);
Permission testPerm = new FilePermission("/tmp","read");
assertTrue(pc.implies(testPerm));
}
/**
* Simple test of loading a policy file with a single codebase defined that grants specific
* FilePermission. Then test that read and write were granted but delete was not.
*/
@Test
public void testSingleCodebaseFilePermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-2").getAbsolutePath(), evaluator );
ap.refresh();
URL url = new URL("file:///foo.jar");
CodeSource cs = new CodeSource(url,new Certificate[0]);
PermissionCollection pc = ap.getPermissions(cs);
assertNotNull(pc);
Permission testReadPerm = new FilePermission( "/tmp/*", "read" );
Permission testWritePerm = new FilePermission( "/tmp/*", "write" );
Permission testDeletePerm = new FilePermission( "/tmp/*", "delete" );
assertTrue( pc.implies( testReadPerm ) );
assertTrue( pc.implies( testWritePerm ) );
assertFalse(pc.implies( testDeletePerm ) );
}
/**
* Tests multiple codebases in a single policy file are loaded correctly and that the various
* grants do indeed work accordingly
*
* @throws Exception
*/
@Test
public void testMultipleCodebaseFilePermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-3").getAbsolutePath(), evaluator );
ap.refresh();
// test the bar.jar codebase grant
URL url = new URL("file:///bar.jar");
CodeSource cs = new CodeSource(url,new Certificate[0]);
PermissionCollection barPermissionCollection = ap.getPermissions(cs);
assertNotNull( barPermissionCollection );
Permission testBarPerm = new FilePermission("/tmp/*","read,write");
Permission testBarPerm2 = new FilePermission("/usr/*","read"); // only read was granted
Permission testBarPerm3 = new FilePermission("/usr/*","write"); // only read was granted
assertTrue( barPermissionCollection.implies( testBarPerm ) );
assertTrue( barPermissionCollection.implies( testBarPerm2 ) );
assertFalse( barPermissionCollection.implies( testBarPerm3 ) );
// test the global permission grant
PermissionCollection globalPermissionCollection = ap.getPermissions( new ProtectionDomain( null, null ) );
assertNotNull( globalPermissionCollection );
Permission testPropertyPermission = new PropertyPermission("main.class","read");
assertTrue( globalPermissionCollection.implies(testPropertyPermission));
// its global so it ought to be global, double check that
assertTrue( barPermissionCollection.implies(testPropertyPermission));
// test the foo.jar codebase grant
URL fooUrl = new URL( "file:///foo.jar" );
CodeSource fooCodeSource = new CodeSource( fooUrl, new Certificate[0]);
PermissionCollection fooPermissionCollection = ap.getPermissions( fooCodeSource );
assertNotNull( fooPermissionCollection );
Permission testFooPerm = new FilePermission( "/tmp/*", "read,write" );
Permission testFooPerm2 = new FilePermission( "/tmp/*", "read,write,delete" );
assertTrue( fooPermissionCollection.implies(testFooPerm) );
assertFalse( fooPermissionCollection.implies(testFooPerm2) );
// make sure that the foo codebase isn't getting bar permissions
assertFalse( fooPermissionCollection.implies(testBarPerm2) );
// but make sure that foo codebase is getting global
assertTrue( fooPermissionCollection.implies(testPropertyPermission));
}
@Test
public void testMultipleCodebaseMixedPermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-4").getAbsolutePath(), evaluator );
ap.refresh();
// test the bar.jar codebase grant
URL url = new URL( "file:///bar.jar" );
CodeSource cs = new CodeSource( url, new Certificate[0]);
PermissionCollection barPermissionCollection = ap.getPermissions( cs );
assertNotNull( barPermissionCollection );
Permission testBarPerm = new FilePermission( "/tmp/*", "read,write" );
Permission testBarPerm2 = new FilePermission( "/usr/*", "read" );
assertTrue( barPermissionCollection.implies( testBarPerm ) );
assertTrue( barPermissionCollection.implies( testBarPerm2 ) );
// test the global permission grant
PermissionCollection globalPermissionCollection = ap.getPermissions( new ProtectionDomain( null, null ) );
assertNotNull( globalPermissionCollection );
Permission testPropertyPermission = new PropertyPermission("main.class","read");
assertTrue( globalPermissionCollection.implies(testPropertyPermission));
// its global so it ought to be global, double check that
assertTrue( barPermissionCollection.implies(testPropertyPermission));
// test the foo.jar codebase grant
URL fooUrl = new URL( "file:///foo.jar" );
CodeSource fooCodeSource = new CodeSource( fooUrl, new Certificate[0]);
PermissionCollection fooPermissionCollection = ap.getPermissions( fooCodeSource );
assertNotNull( fooPermissionCollection );
Permission testFooPerm = new FilePermission( "/tmp/*", "read,write" );
Permission testFooPerm2 = new FilePermission( "/tmp/*", "read,write,delete" );
assertTrue( fooPermissionCollection.implies(testFooPerm) );
assertFalse( fooPermissionCollection.implies(testFooPerm2) );
// make sure that the foo codebase isn't getting bar permissions
assertFalse( fooPermissionCollection.implies(testBarPerm2) );
// but make sure that foo codebase is getting global
assertTrue( fooPermissionCollection.implies(testPropertyPermission));
}
/**
* Sanity check that jetty policy file parses
*
* TODO insert typical jetty requirements in here to test
*
* @throws Exception
*/
@Test
public void testSCLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy(MavenTestingUtils.getProjectDir("src/main/config/lib/policy").getAbsolutePath(),evaluator);
ap.refresh();
}
/**
* Test the simple loading of multiple files with no overlapping of security permission code sources
* @throws Exception
*/
@Test
public void testMultipleFilePermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-5").getAbsolutePath(), evaluator );
ap.refresh();
URL url = new URL("file:///bar.jar");
CodeSource cs = new CodeSource(url,new Certificate[0]);
PermissionCollection pc = ap.getPermissions(cs);
assertNotNull(pc);
Permission testPerm = new FilePermission("/tmp/*","read");
Permission testPerm2 = new FilePermission("/usr/*","write"); //
assertTrue(pc.implies(testPerm));
assertFalse(pc.implies(testPerm2));
}
/**
* Tests the aggregation of multiple policy files into the same protection
* domain of a granted codesource
*
* @throws Exception
*/
@Test
public void testAggregateMultipleFilePermissionLoader() throws Exception
{
JettyPolicy ap = new JettyPolicy( MavenTestingUtils.getTestResourceDir("policy-test-6").getAbsolutePath(), evaluator );
ap.refresh();
URL url = new URL( "file:///bar.jar" );
CodeSource cs = new CodeSource( url, new Certificate[0]);
PermissionCollection pc = ap.getPermissions( cs );
assertNotNull( pc );
Permission testPerm = new FilePermission( "/tmp/*", "read, write" );
Permission testPerm2 = new FilePermission( "/usr/*", "write" );
// this tests that two policy files granting to the same codebase aggregate
// together their permissions, /tmp/* should be read, write after loading policy 2 and 3
assertTrue( pc.implies( testPerm ) );
assertFalse( pc.implies( testPerm2 ) );
}
/**
* test the resolution of the loading of the policy files
*
* @throws Exception
*/
// @Test
// public void testPolicyDirectories() throws Exception
// {
// Set<String> files = new HashSet<String>();
//
// files.add( MavenTestingUtils.getTestResourceFile("single-codebase-file-permission.policy").getAbsolutePath() );
// files.add( MavenTestingUtils.getTestResourceDir("context").getAbsolutePath() );
//
// JettyPolicy ap = new JettyPolicy( files, evaluator );
//
// Assert.assertEquals(3, ap.getKnownPolicyFiles().size());
//
// }
// /**
// * test the discovery and loading of template files
// *
// * @throws Exception
// */
// @Test
// public void testTemplateDirectories() throws Exception
// {
// Set<String> policyFiles = new HashSet<String>();
// Set<String> templateFiles = new HashSet<String>();
//
// policyFiles.add(MavenTestingUtils.getTestResourceFile("single-codebase-file-permission.policy").getAbsolutePath());
// policyFiles.add(MavenTestingUtils.getTestResourceDir("context").getAbsolutePath());
//
// templateFiles.add(MavenTestingUtils.getTestResourceDir("template").getAbsolutePath());
//
// JettyPolicy ap = new JettyPolicy(policyFiles,templateFiles,evaluator);
//
// Assert.assertEquals(3,ap.getKnownPolicyFiles().size());
//
// Assert.assertEquals(2,ap.getKnownTemplateFiles().size());
//
// }
//
// /**
// * tests the assigning of a template to a codesource
// *
// * @throws Exception
// */
// @Test
// public void testTemplateAssign() throws Exception
// {
// Set<String> policyFiles = new HashSet<String>();
// Set<String> templateFiles = new HashSet<String>();
//
// policyFiles.add(MavenTestingUtils.getTestResourceFile("single-codebase-file-permission.policy").getAbsolutePath());
// policyFiles.add(MavenTestingUtils.getTestResourceDir("context").getAbsolutePath());
//
// templateFiles.add(MavenTestingUtils.getTestResourceDir("template").getAbsolutePath());
//
// JettyPolicy ap = new JettyPolicy(policyFiles,templateFiles,evaluator);
//
// ap.assignTemplate("file:///template.jar",new String[]
// { "template1", "template2" });
//
// Assert.assertEquals(2,ap.getAssignedTemplates("file:///template.jar").length);
//
// }
//
// /**
// * tests the assigning of a template to a codesource
// *
// * @throws Exception
// */
// @Test
// public void testTemplateRemove() throws Exception
// {
// Set<String> policyFiles = new HashSet<String>();
// Set<String> templateFiles = new HashSet<String>();
//
// policyFiles.add(MavenTestingUtils.getTestResourceFile("single-codebase-file-permission.policy").getAbsolutePath());
// policyFiles.add(MavenTestingUtils.getTestResourceDir("context").getAbsolutePath());
//
// templateFiles.add(MavenTestingUtils.getTestResourceDir("template").getAbsolutePath());
//
// JettyPolicy ap = new JettyPolicy(policyFiles,templateFiles,evaluator);
//
// ap.assignTemplate("file:///template.jar",new String[]
// { "template1", "template2" });
//
// Assert.assertEquals(2,ap.getAssignedTemplates("file:///template.jar").length);
//
// ap.unassignTemplates("file:///template.jar");
//
// Assert.assertEquals(0,ap.getAssignedTemplates("file:///template.jar").length);
//
// }
//
// @Test
// public void testTemplatePermissions() throws Exception
// {
// Set<String> policyFiles = new HashSet<String>();
// Set<String> templateFiles = new HashSet<String>();
//
// policyFiles.add(MavenTestingUtils.getTestResourceFile("single-codebase-file-permission.policy").getAbsolutePath());
// policyFiles.add(MavenTestingUtils.getTestResourceDir("context").getAbsolutePath());
//
// templateFiles.add(MavenTestingUtils.getTestResourceDir("template").getAbsolutePath());
//
// JettyPolicy ap = new JettyPolicy(policyFiles,templateFiles,evaluator);
//
// URL url = new URL("file:///template.jar");
// CodeSource cs = new CodeSource(url,new Certificate[0]);
//
// PermissionCollection pc = ap.getPermissions(cs);
//
// assertNotNull(pc);
//
// Permission testPerm = new FilePermission("/tmp/*","read");
// Permission testPerm2 = new FilePermission("/tmp/*","write");
//
// // no templates have been assigned
// assertFalse(pc.implies(testPerm));
//
// ap.assignTemplate("file:///template.jar",new String[] {"template1"});
//
// PermissionCollection pc2 = ap.getPermissions(cs);
//
// assertNotNull(pc2);
//
// assertTrue(pc2.implies(testPerm));
// assertFalse(pc2.implies(testPerm2));
//
//
// ap.assignTemplate("file:///template.jar",new String[] {"template1", "template2"});
//
// PermissionCollection pc3 = ap.getPermissions(cs);
//
// assertNotNull(pc3);
//
// assertTrue(pc3.implies(testPerm));
// assertTrue(pc3.implies(testPerm2));
// }
}

120
jetty-policy/src/test/java/org/eclipse/jetty/policy/PolicyContextTest.java
View File

@ -1,120 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import static org.junit.Assert.assertEquals;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.security.Permission;
import java.util.ArrayList;
import java.util.List;
import org.eclipse.jetty.policy.entry.GrantEntry;
import org.eclipse.jetty.policy.entry.KeystoreEntry;
import org.eclipse.jetty.policy.loader.PolicyFileScanner;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.eclipse.jetty.toolchain.test.OS;
import org.junit.Before;
import org.junit.Test;
public class PolicyContextTest
{
public static final String __PRINCIPAL = "javax.security.auth.x500.X500Principal \"CN=Jetty Policy,OU=Artifact,O=Jetty Project,L=Earth,ST=Internet,C=US\"";
@Before
public void init() throws Exception
{
System.setProperty( "basedir", MavenTestingUtils.getBaseURI().toASCIIString() );
}
@Test
public void testSelfPropertyExpansion() throws Exception
{
PolicyContext context = new PolicyContext();
PolicyFileScanner loader = new PolicyFileScanner();
List<GrantEntry> grantEntries = new ArrayList<GrantEntry>();
List<KeystoreEntry> keystoreEntries = new ArrayList<KeystoreEntry>();
File policyFile = MavenTestingUtils.getTestResourceFile("context/jetty-certificate.policy");
loader.scanStream( new InputStreamReader( new FileInputStream( policyFile ) ), grantEntries, keystoreEntries );
if ( !OS.IS_WINDOWS ) //temporary, create alternate file to load for windows
{
for (KeystoreEntry node : keystoreEntries)
{
node.expand(context);
context.setKeystore(node.toKeyStore());
}
GrantEntry grant = grantEntries.get( 0 );
grant.expand( context );
Permission perm = grant.getPermissions().elements().nextElement();
assertEquals( __PRINCIPAL, perm.getName() );
}
}
@Test
public void testAliasPropertyExpansion() throws Exception
{
PolicyContext context = new PolicyContext();
PolicyFileScanner loader = new PolicyFileScanner();
List<GrantEntry> grantEntries = new ArrayList<GrantEntry>();
List<KeystoreEntry> keystoreEntries = new ArrayList<KeystoreEntry>();
File policyFile = MavenTestingUtils.getTestResourceFile("context/jetty-certificate-alias.policy");
loader.scanStream( new InputStreamReader( new FileInputStream( policyFile ) ), grantEntries, keystoreEntries );
if ( !OS.IS_WINDOWS ) //temporary, create alternate file to load for windows
{
for (KeystoreEntry node : keystoreEntries)
{
node.expand(context);
context.setKeystore(node.toKeyStore());
}
GrantEntry grant = grantEntries.get( 0 );
grant.expand( context );
Permission perm = grant.getPermissions().elements().nextElement();
assertEquals( __PRINCIPAL, perm.getName() );
}
}
@Test
public void testFileSeparatorExpansion() throws Exception
{
PolicyContext context = new PolicyContext();
context.addProperty( "foo", "bar" );
assertEquals(File.separator, context.evaluate( "${/}" ) );
assertEquals(File.separator + "bar" + File.separator, context.evaluate( "${/}${foo}${/}" ) );
assertEquals(File.separator + File.separator, context.evaluate( "${/}${/}" ) );
}
}

138
jetty-policy/src/test/java/org/eclipse/jetty/policy/PolicyMonitorTest.java
View File

@ -1,138 +0,0 @@
//
// ========================================================================
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.policy;
import java.io.File;
import java.util.HashMap;
import java.util.concurrent.atomic.AtomicInteger;
import junit.framework.Assert;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.eclipse.jetty.toolchain.test.OS;
import org.junit.Before;
import org.junit.Test;
public class PolicyMonitorTest
{
private HashMap<String, String> evaluator = new HashMap<String, String>();
@Before
public void init() throws Exception
{
System.setProperty( "basedir", MavenTestingUtils.getBaseURI().toASCIIString() );
}
@Test
public void testSimpleLoading() throws Exception
{
final AtomicInteger count = new AtomicInteger(0);
PolicyMonitor monitor = new PolicyMonitor(new File(MavenTestingUtils.getTargetDir(),
"test-classes/monitor-test-1").getAbsolutePath())
{
@Override
public void onPolicyChange(PolicyBlock grant)
{
count.incrementAndGet();
}
};
monitor.setScanInterval(1);
monitor.start();
while (!monitor.isInitialized() )
{
Thread.sleep(100);
}
Assert.assertEquals(1,count.get());
monitor.stop();
}
@Test
public void testSimpleReloading() throws Exception
{
if (OS.IS_WINDOWS)
{
return;
}
final AtomicInteger count = new AtomicInteger(0);
PolicyMonitor monitor = new PolicyMonitor(new File(MavenTestingUtils.getTargetDir(),
"test-classes/monitor-test-2").getAbsolutePath())
{
@Override
public void onPolicyChange(PolicyBlock grant)
{
count.incrementAndGet();
}
};
monitor.setScanInterval(1);
monitor.start();
monitor.waitForScan();
monitor.waitForScan();
File permFile =new File(MavenTestingUtils.getTargetDir(),
"test-classes/monitor-test-2/global-all-permission.policy");
// Wait so that time is definitely different
monitor.waitForScan();
permFile.setLastModified(System.currentTimeMillis());
monitor.waitForScan();
monitor.waitForScan();
Assert.assertEquals(2,count.get());
monitor.stop();
}
@Test
public void testLoading() throws Exception
{
final AtomicInteger count = new AtomicInteger(0);
PolicyMonitor monitor = new PolicyMonitor(new File(MavenTestingUtils.getTargetDir(),
"test-classes/monitor-test-3").getAbsolutePath())
{
@Override
public void onPolicyChange(PolicyBlock grant)
{
count.incrementAndGet();
}
};
monitor.setScanInterval(1);
monitor.start();
while (! monitor.isInitialized() )
{
Thread.sleep(100);
}
Assert.assertEquals(16,count.get());
monitor.stop();
}
}

6
jetty-policy/src/test/resources/context/jetty-certificate-alias.policy
View File

@ -1,6 +0,0 @@
keystore "${basedir}/target/test-policy/jetty-policy.keystore", "jks";
grant signedBy "jetty-policy-bad", codeBase "${basedir}/target/test-policy/jetty-test-policy-1.0-SNAPSHOT.jar"
{
permission java.util.PropertyPermission "${{alias:jetty-policy}}", "read";
};

6
jetty-policy/src/test/resources/context/jetty-certificate.policy
View File

@ -1,6 +0,0 @@
keystore "${basedir}/target/test-policy/jetty-policy.keystore", "jks";
grant principal "jetty-policy"
{
permission java.util.PropertyPermission "${{self}}", "read";
};

3
jetty-policy/src/test/resources/monitor-test-1/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

3
jetty-policy/src/test/resources/monitor-test-2/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

3
jetty-policy/src/test/resources/monitor-test-2/template1.template
View File

@ -1,3 +0,0 @@
grant codeBase "TEMPLATE" {
permission java.io.FilePermission "/tmp/*", "read";
}

3
jetty-policy/src/test/resources/monitor-test-3/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

10
jetty-policy/src/test/resources/monitor-test-3/global-file-read-only-tmp-permission.policy
View File

@ -1,10 +0,0 @@
grant {
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.io.FilePermission "/tmp", "read,write";
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/tmp/foo/bar/*", "read";
}

25
jetty-policy/src/test/resources/monitor-test-3/jetty-bad-certificate.policy
View File

@ -1,25 +0,0 @@
keystore "${basedir}target/test-policy/jetty-policy-nobody.keystore", "jks";
grant signedBy "jetty-policy-bad", codeBase "${basedir}target/test-policy/jetty-test-policy.jar"
{
permission java.util.PropertyPermission "foo", "read";
}
grant {
permission java.io.FilePermission "/-", "read, write";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.util.PropertyPermission "java.class.path", "read,write";
permission java.util.PropertyPermission "basedir", "read";
}

31
jetty-policy/src/test/resources/monitor-test-3/jetty-certificate.policy
View File

@ -1,31 +0,0 @@
keystore "${basedir}target/test-policy/jetty-policy.keystore", "jks";
grant signedBy "jetty-policy", codeBase "${basedir}target/test-policy/jetty-test-policy.jar"
{
permission java.util.PropertyPermission "foo", "read";
};
grant {
permission java.io.FilePermission "/-", "read, write";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.util.PropertyPermission "java.class.path", "read,write";
permission java.util.PropertyPermission "org.eclipse.jetty.policy.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.SOURCE", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.SOURCE", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
permission java.util.PropertyPermission "basedir", "read";
};

13
jetty-policy/src/test/resources/monitor-test-3/multiple-codebase-file-permission.policy
View File

@ -1,13 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/usr/*", "read";
}
grant {
permission java.util.PropertyPermission "main.class", "read";
}

16
jetty-policy/src/test/resources/monitor-test-3/multiple-codebase-mixed-permission.policy
View File

@ -1,16 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}
grant codeBase "file:///bar.jar" {
permission java.security.AllPermission;
}
grant codeBase "file:///snap.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/usr/*", "read,write";
}
grant {
permission java.util.PropertyPermission "main.class", "read";
}

3
jetty-policy/src/test/resources/monitor-test-3/single-codebase-file-permission-2.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "read";
}

3
jetty-policy/src/test/resources/monitor-test-3/single-codebase-file-permission-3.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "write";
}

3
jetty-policy/src/test/resources/monitor-test-3/single-codebase-file-permission.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}

3
jetty-policy/src/test/resources/monitor-test-3/template1.template
View File

@ -1,3 +0,0 @@
grant codeBase "TEMPLATE" {
permission java.io.FilePermission "/tmp/*", "read";
}

3
jetty-policy/src/test/resources/policy-test-1/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

3
jetty-policy/src/test/resources/policy-test-2/single-codebase-file-permission.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}

13
jetty-policy/src/test/resources/policy-test-3/multiple-codebase-file-permission.policy
View File

@ -1,13 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/usr/*", "read";
}
grant {
permission java.util.PropertyPermission "main.class", "read";
}

16
jetty-policy/src/test/resources/policy-test-4/multiple-codebase-mixed-permission.policy
View File

@ -1,16 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}
grant codeBase "file:///bar.jar" {
permission java.security.AllPermission;
}
grant codeBase "file:///snap.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/usr/*", "read,write";
}
grant {
permission java.util.PropertyPermission "main.class", "read";
}

3
jetty-policy/src/test/resources/policy-test-5/single-codebase-file-permission-2.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "read";
}

3
jetty-policy/src/test/resources/policy-test-5/single-codebase-file-permission.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}

3
jetty-policy/src/test/resources/policy-test-6/single-codebase-file-permission-2.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "read";
}

3
jetty-policy/src/test/resources/policy-test-6/single-codebase-file-permission-3.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///bar.jar" {
permission java.io.FilePermission "/tmp/*", "write";
}

3
jetty-policy/src/test/resources/policy-test-6/single-codebase-file-permission.policy
View File

@ -1,3 +0,0 @@
grant codeBase "file:///foo.jar" {
permission java.io.FilePermission "/tmp/*", "read,write";
}

3
jetty-policy/src/test/resources/runtime-test-1/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

3
jetty-policy/src/test/resources/runtime-test-2/a/global-all-permission.policy
View File

@ -1,3 +0,0 @@
grant {
permission java.security.AllPermission;
}

10
jetty-policy/src/test/resources/runtime-test-2/b/global-file-read-only-tmp-permission.policy
View File

@ -1,10 +0,0 @@
grant {
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.io.FilePermission "/tmp", "read,write";
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/tmp/foo/bar/*", "read";
}

10
jetty-policy/src/test/resources/runtime-test-3/global-file-read-only-tmp-permission.policy
View File

@ -1,10 +0,0 @@
grant {
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.io.FilePermission "/tmp", "read,write";
permission java.io.FilePermission "/tmp/*", "read,write";
permission java.io.FilePermission "/tmp/foo/bar/*", "read";
}

31
jetty-policy/src/test/resources/runtime-test-4/jetty-certificate.policy
View File

@ -1,31 +0,0 @@
keystore "${basedir}target/test-policy/jetty-policy.keystore", "jks";
grant signedBy "jetty-policy", codeBase "${basedir}target/test-policy/jetty-test-policy.jar"
{
permission java.util.PropertyPermission "foo", "read";
};
grant {
permission java.io.FilePermission "/-", "read, write";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.util.PropertyPermission "java.class.path", "read,write";
permission java.util.PropertyPermission "org.eclipse.jetty.policy.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.SOURCE", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.SOURCE", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
permission java.util.PropertyPermission "basedir", "read";
};

25
jetty-policy/src/test/resources/runtime-test-5/jetty-bad-certificate.policy
View File

@ -1,25 +0,0 @@
keystore "${basedir}target/test-policy/jetty-policy-nobody.keystore", "jks";
grant signedBy "jetty-policy-bad", codeBase "${basedir}target/test-policy/jetty-test-policy.jar"
{
permission java.util.PropertyPermission "foo", "read";
}
grant {
permission java.io.FilePermission "/-", "read, write";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "setIO";
permission java.util.PropertyPermission "java.class.path", "read,write";
permission java.util.PropertyPermission "basedir", "read";
}