added in example of file read/write demo

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@757 7e9141cc-0065-0410-87d8-b60c137991c4
2009-08-24 22:42:13 +00:00 · 2009-08-24 22:42:13 +00:00 · d61fdf343e
parent 1bffa7e0ca
commit d61fdf343e
2 changed files with 82 additions and 21 deletions
--- a/jetty-policy/src/main/config/lib/policy/jetty.policy
+++ b/jetty-policy/src/main/config/lib/policy/jetty.policy
@ -183,19 +183,19 @@ grant codeBase "file:${jetty.home}/work/-" {
 //
 //
 grant { 
+   permission java.io.FilePermission "${jetty.home}${/}lib${/}policy${/}-", "read";
+
   // allows anyone to listen on un-privileged ports
   permission java.net.SocketPermission "localhost:1024-", "listen";
   permission java.net.SocketPermission "localhost:1024-", "accept"; 

-   permission java.util.PropertyPermission "entityExpansionLimit", "read";
-   permission java.util.PropertyPermission "maxOccurLimit", "read";
-   permission java.util.PropertyPermission "elementAttributeLimit", "read";
-   permission java.lang.RuntimePermission "shutdownHooks";
-  
-
+   permission java.security.SecurityPermission "putProviderProperty.SunJCE";
   permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write";

   // "standard" properties that can be read by anyone
+   permission java.util.PropertyPermission "entityExpansionLimit", "read";
+   permission java.util.PropertyPermission "elementAttributeLimit", "read";
+   permission java.util.PropertyPermission "maxOccurLimit", "read";
   permission java.util.PropertyPermission "java.version", "read";
   permission java.util.PropertyPermission "java.vendor", "read";
   permission java.util.PropertyPermission "java.vendor.url", "read";
@ -218,6 +218,9 @@ grant {
   permission java.util.PropertyPermission "java.vm.version", "read";
   permission java.util.PropertyPermission "java.vm.vendor", "read";
   permission java.util.PropertyPermission "java.vm.name", "read";
+
+   // TEST WEBAPP PERMISSIONS
+   permission java.util.PropertyPermission "user.dir", "read";  
 };


--- a/test-jetty-webapp/src/main/java/com/acme/SecureModeServlet.java
+++ b/test-jetty-webapp/src/main/java/com/acme/SecureModeServlet.java
@ -12,6 +12,8 @@
 // ========================================================================

 package com.acme;
+
+import java.io.File;
 import java.io.IOException;
 import java.io.PrintStream;

@ -53,6 +55,75 @@ public class SecureModeServlet extends HttpServlet implements SingleThreadModel
        ServletOutputStream out = response.getOutputStream();
        out.println("<html>");
        out.println("  <title>Secure Jetty Test Webapp</title>");
+
+        try
+        {
+        runPropertyChecks(out);
+
+        runFileSystemChecks(out);
+        }
+        catch (Exception e)
+        {
+            e.printStackTrace(new PrintStream(out));
+        }
+        out.println("</html>");
+        out.flush();
+
+        try
+        {
+            Thread.sleep(200);
+        }
+        catch (InterruptedException e)
+        {
+            getServletContext().log("exception",e);
+        }
+    }
+
+    private void runFileSystemChecks(ServletOutputStream out) throws Exception
+    {
+        out.println("    <h1>Checking File System</h1>");
+
+        /*
+         * test the reading and writing of a read only permission
+         */
+        out.println("    <h3>Declared Read Access - $jetty.home/lib</h3>");
+        out.println("      <p>");
+
+        String userDir = System.getProperty("user.dir");
+        try
+        {
+            out.println("check read for $jetty.home/lib/policy/jetty.policy <br/>");
+
+            File jettyHomeFile = new File(userDir + File.separator + "lib" + File.separator + "policy" + File.separator + "jetty.policy");
+            jettyHomeFile.canRead();
+            out.println("status: <b>SUCCESS - expected</b><br/>");
+        }
+        catch (SecurityException e)
+        {
+            out.println("status: <b>FAILURE - unexpected</b><br/>");
+            out.println("<table><tr><td>");
+            e.printStackTrace(new PrintStream(out));
+            out.println("</td></tr></table>");
+        }
+        try
+        {
+            out.println("check write permission for $jetty.home/lib/policy/test.tmpfile<br/>");
+
+            File jettyHomeFile = new File(userDir + File.separator + "lib" + File.separator + "policy" + File.separator + "jetty.policy");
+            jettyHomeFile.canWrite();
+            out.println("status: <b>SUCCESS - unexpected</b><br/>");
+        }
+        catch (SecurityException e)
+        {
+            out.println("status: <b>FAILURE - expected</b><br/>");
+        }
+
+        out.println("      </p><br/><br/>");
+    }
+
+    private void runPropertyChecks(ServletOutputStream out) throws IOException
+    {
+
        out.println("    <h1>Checking Properties</h1>");

        /*
@ -150,20 +221,7 @@ public class SecureModeServlet extends HttpServlet implements SingleThreadModel
        }

        out.println("      </p><br/><br/>");
-        out.println("</html>");
-        out.flush();
-        
-        try
-        {
-            Thread.sleep(200);
-        }
-        catch (InterruptedException e)
-        {
-            getServletContext().log("exception",e);
-        }
    }
 
    
- 
-    
 }