added in example of file read/write demo
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@757 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
Jesse McConnell
parent
1bffa7e0ca
commit
d61fdf343e
|
|
@ -183,19 +183,19 @@ grant codeBase "file:${jetty.home}/work/-" {
|
|||
//
|
||||
//
|
||||
grant {
|
||||
permission java.io.FilePermission "${jetty.home}${/}lib${/}policy${/}-", "read";
|
||||
|
||||
// allows anyone to listen on un-privileged ports
|
||||
permission java.net.SocketPermission "localhost:1024-", "listen";
|
||||
permission java.net.SocketPermission "localhost:1024-", "accept";
|
||||
|
||||
permission java.util.PropertyPermission "entityExpansionLimit", "read";
|
||||
permission java.util.PropertyPermission "maxOccurLimit", "read";
|
||||
permission java.util.PropertyPermission "elementAttributeLimit", "read";
|
||||
permission java.lang.RuntimePermission "shutdownHooks";
|
||||
|
||||
permission java.net.SocketPermission "localhost:1024-", "accept";
|
||||
|
||||
permission java.security.SecurityPermission "putProviderProperty.SunJCE";
|
||||
permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write";
|
||||
|
||||
// "standard" properties that can be read by anyone
|
||||
permission java.util.PropertyPermission "entityExpansionLimit", "read";
|
||||
permission java.util.PropertyPermission "elementAttributeLimit", "read";
|
||||
permission java.util.PropertyPermission "maxOccurLimit", "read";
|
||||
permission java.util.PropertyPermission "java.version", "read";
|
||||
permission java.util.PropertyPermission "java.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vendor.url", "read";
|
||||
|
|
@ -211,13 +211,16 @@ grant {
|
|||
permission java.util.PropertyPermission "java.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.specification.name", "read";
|
||||
|
||||
|
||||
permission java.util.PropertyPermission "java.vm.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.name", "read";
|
||||
permission java.util.PropertyPermission "java.vm.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.name", "read";
|
||||
|
||||
// TEST WEBAPP PERMISSIONS
|
||||
permission java.util.PropertyPermission "user.dir", "read";
|
||||
};
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -12,6 +12,8 @@
|
|||
// ========================================================================
|
||||
|
||||
package com.acme;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintStream;
|
||||
|
||||
|
|
@ -53,6 +55,75 @@ public class SecureModeServlet extends HttpServlet implements SingleThreadModel
|
|||
ServletOutputStream out = response.getOutputStream();
|
||||
out.println("<html>");
|
||||
out.println(" <title>Secure Jetty Test Webapp</title>");
|
||||
|
||||
try
|
||||
{
|
||||
runPropertyChecks(out);
|
||||
|
||||
runFileSystemChecks(out);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
e.printStackTrace(new PrintStream(out));
|
||||
}
|
||||
out.println("</html>");
|
||||
out.flush();
|
||||
|
||||
try
|
||||
{
|
||||
Thread.sleep(200);
|
||||
}
|
||||
catch (InterruptedException e)
|
||||
{
|
||||
getServletContext().log("exception",e);
|
||||
}
|
||||
}
|
||||
|
||||
private void runFileSystemChecks(ServletOutputStream out) throws Exception
|
||||
{
|
||||
out.println(" <h1>Checking File System</h1>");
|
||||
|
||||
/*
|
||||
* test the reading and writing of a read only permission
|
||||
*/
|
||||
out.println(" <h3>Declared Read Access - $jetty.home/lib</h3>");
|
||||
out.println(" <p>");
|
||||
|
||||
String userDir = System.getProperty("user.dir");
|
||||
try
|
||||
{
|
||||
out.println("check read for $jetty.home/lib/policy/jetty.policy <br/>");
|
||||
|
||||
File jettyHomeFile = new File(userDir + File.separator + "lib" + File.separator + "policy" + File.separator + "jetty.policy");
|
||||
jettyHomeFile.canRead();
|
||||
out.println("status: <b>SUCCESS - expected</b><br/>");
|
||||
}
|
||||
catch (SecurityException e)
|
||||
{
|
||||
out.println("status: <b>FAILURE - unexpected</b><br/>");
|
||||
out.println("<table><tr><td>");
|
||||
e.printStackTrace(new PrintStream(out));
|
||||
out.println("</td></tr></table>");
|
||||
}
|
||||
try
|
||||
{
|
||||
out.println("check write permission for $jetty.home/lib/policy/test.tmpfile<br/>");
|
||||
|
||||
File jettyHomeFile = new File(userDir + File.separator + "lib" + File.separator + "policy" + File.separator + "jetty.policy");
|
||||
jettyHomeFile.canWrite();
|
||||
out.println("status: <b>SUCCESS - unexpected</b><br/>");
|
||||
}
|
||||
catch (SecurityException e)
|
||||
{
|
||||
out.println("status: <b>FAILURE - expected</b><br/>");
|
||||
}
|
||||
|
||||
out.println(" </p><br/><br/>");
|
||||
}
|
||||
|
||||
private void runPropertyChecks(ServletOutputStream out) throws IOException
|
||||
{
|
||||
|
||||
out.println(" <h1>Checking Properties</h1>");
|
||||
|
||||
/*
|
||||
|
|
@ -150,20 +221,7 @@ public class SecureModeServlet extends HttpServlet implements SingleThreadModel
|
|||
}
|
||||
|
||||
out.println(" </p><br/><br/>");
|
||||
out.println("</html>");
|
||||
out.flush();
|
||||
|
||||
try
|
||||
{
|
||||
Thread.sleep(200);
|
||||
}
|
||||
catch (InterruptedException e)
|
||||
{
|
||||
getServletContext().log("exception",e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue