下面列出了java.util.logging.LoggingPermission#java.net.SocketPermission 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
static void trySockPC() throws Exception {
try {
SocketPermission p0= new SocketPermission("example.com","connect");
PermissionCollection pc = p0.newPermissionCollection();
pc.setReadOnly(); // this should lock out future adds
//
SocketPermission p1= new SocketPermission("example.net","connect");
pc.add(p1);
throw new
Exception("Failed...SocketPermission added to readonly SocketPermissionCollection.");
} catch (SecurityException se) {
System.out.println("SocketPermissionCollection passed");
}
}
@Override
public synchronized OutputStream getOutputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<>() {
public OutputStream run() throws IOException {
return getOutputStream0();
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getOutputStream0();
}
}
/**
* Creates one of the well-known permissions directly instead of
* via reflection. Keep list short to not penalize non-JDK-defined
* permissions.
*/
private static final Permission getKnownInstance(Class<?> claz,
String name, String actions) {
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else {
return null;
}
}
/**
* Return an enumeration of all the accessible
* applets on this page.
*/
@Override
public Enumeration getApplets() {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
Vector v = new Vector();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
if (p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
v.addElement(p.applet);
}
}
}
return v.elements();
}
/**
* Creates one of the well-known permissions directly instead of
* via reflection. Keep list short to not penalize non-JDK-defined
* permissions.
*/
private static final Permission getKnownInstance(Class<?> claz,
String name, String actions) {
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else {
return null;
}
}
private static SocketPermission getSocketPermissionFor(URI url) {
if (System.getSecurityManager() == null) {
return null;
}
StringBuilder sb = new StringBuilder();
String host = url.getHost();
sb.append(host);
int port = url.getPort();
if (port == -1) {
String scheme = url.getScheme();
if ("http".equals(scheme)) {
sb.append(":80");
} else { // scheme must be https
sb.append(":443");
}
} else {
sb.append(':')
.append(Integer.toString(port));
}
String target = sb.toString();
return new SocketPermission(target, "connect");
}
/**
* Creates one of the well-known permissions directly instead of
* via reflection. Keep list short to not penalize non-JDK-defined
* permissions.
*/
private static final Permission getKnownInstance(Class<?> claz,
String name, String actions) {
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else {
return null;
}
}
/**
* Creates one of the well-known permissions directly instead of
* via reflection. Keep list short to not penalize non-JDK-defined
* permissions.
*/
private static final Permission getKnownInstance(Class<?> claz,
String name, String actions) {
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else {
return null;
}
}
/**
* Return an enumeration of all the accessible
* applets on this page.
*/
@Override
public Enumeration getApplets() {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
Vector v = new Vector();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
if (p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
v.addElement(p.applet);
}
}
}
return v.elements();
}
/**
* Get an applet by name.
*/
@Override
public Applet getApplet(String name) {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
name = name.toLowerCase();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
String param = p.getParameter("name");
if (param != null) {
param = param.toLowerCase();
}
if (name.equals(param) &&
p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
return p.applet;
}
}
}
return null;
}
/**
* Return an enumeration of all the accessible
* applets on this page.
*/
@Override
public Enumeration getApplets() {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
Vector v = new Vector();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
if (p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
v.addElement(p.applet);
}
}
}
return v.elements();
}
/**
* Get an applet by name.
*/
@Override
public Applet getApplet(String name) {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
name = name.toLowerCase();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
String param = p.getParameter("name");
if (param != null) {
param = param.toLowerCase();
}
if (name.equals(param) &&
p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
return p.applet;
}
}
}
return null;
}
@Override
public synchronized OutputStream getOutputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<OutputStream>() {
public OutputStream run() throws IOException {
return getOutputStream0();
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getOutputStream0();
}
}
protected void plainConnect() throws IOException {
synchronized (this) {
if (connected) {
return;
}
}
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<Void>() {
public Void run() throws IOException {
plainConnect0();
return null;
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
// run without additional permission
plainConnect0();
}
}
@Override
public synchronized OutputStream getOutputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<OutputStream>() {
public OutputStream run() throws IOException {
return getOutputStream0();
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getOutputStream0();
}
}
@Override
public synchronized InputStream getInputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<InputStream>() {
public InputStream run() throws IOException {
return getInputStream0();
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getInputStream0();
}
}
@Override
public synchronized OutputStream getOutputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivilegedWithCombiner(
new PrivilegedExceptionAction<OutputStream>() {
public OutputStream run() throws IOException {
return getOutputStream0();
}
}, null, p
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getOutputStream0();
}
}
/**
* Creates one of the well-known permissions in the java.base module
* directly instead of via reflection. Keep list short to not penalize
* permissions from other modules.
*/
private static Permission getKnownPermission(Class<?> claz, String name,
String actions) {
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else if (claz.equals(SecurityPermission.class)) {
return new SecurityPermission(name, actions);
} else {
return null;
}
}
static void trySockPC() throws Exception {
try {
SocketPermission p0= new SocketPermission("example.com","connect");
PermissionCollection pc = p0.newPermissionCollection();
pc.setReadOnly(); // this should lock out future adds
//
SocketPermission p1= new SocketPermission("example.net","connect");
pc.add(p1);
throw new
Exception("Failed...SocketPermission added to readonly SocketPermissionCollection.");
} catch (SecurityException se) {
System.out.println("SocketPermissionCollection passed");
}
}
/**
* Get an applet by name.
*/
public Applet getApplet(String name) {
AppletSecurity security = (AppletSecurity)System.getSecurityManager();
name = name.toLowerCase();
SocketPermission panelSp =
new SocketPermission(panel.getCodeBase().getHost(), "connect");
for (Enumeration e = appletPanels.elements() ; e.hasMoreElements() ;) {
AppletPanel p = (AppletPanel)e.nextElement();
String param = p.getParameter("name");
if (param != null) {
param = param.toLowerCase();
}
if (name.equals(param) &&
p.getDocumentBase().equals(panel.getDocumentBase())) {
SocketPermission sp =
new SocketPermission(p.getCodeBase().getHost(), "connect");
if (panelSp.implies(sp)) {
return p.applet;
}
}
}
return null;
}
/**
* if the caller has a URLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(
getHostAndPort(url), "connect"
);
String actions = getRequestMethod()+":" +
getUserSetHeaders().getHeaderNamesInList();
String urlstring = url.getProtocol() + "://" + url.getAuthority()
+ url.getPath();
URLPermission p = new URLPermission(urlstring, actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
public static JavaArchive createDeployment() throws Exception {
JavaArchive jar = ShrinkWrap.create(JavaArchive.class, WEB_SUSPEND_JAR);
jar.addPackage(SuspendResumeHandler.class.getPackage());
jar.addAsServiceProvider(ServiceActivator.class, TestSuspendServiceActivator.class);
jar.addAsResource(new StringAsset("Dependencies: org.jboss.dmr, org.jboss.as.controller, io.undertow.core, org.jboss.as.server,org.wildfly.extension.request-controller, org.jboss.as.network\n"), "META-INF/MANIFEST.MF");
jar.addAsManifestResource(PermissionUtils.createPermissionsXmlAsset(
new ReflectPermission("suppressAccessChecks"),
new RuntimePermission("createXnioWorker"),
new SocketPermission(TestSuiteEnvironment.getServerAddress() + ":8080", "listen,resolve"),
new SocketPermission("*", "accept,resolve")
), "permissions.xml");
return jar;
}
/**
* if the caller has a URLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(
getHostAndPort(url), "connect"
);
String actions = getRequestMethod()+":" +
getUserSetHeaders().getHeaderNamesInList();
String urlstring = url.getProtocol() + "://" + url.getAuthority()
+ url.getPath();
URLPermission p = new URLPermission(urlstring, actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
/**
* if the caller has a URLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(
getHostAndPort(url), "connect"
);
String actions = getRequestMethod()+":" +
getUserSetHeaders().getHeaderNamesInList();
String urlstring = url.getProtocol() + "://" + url.getAuthority()
+ url.getPath();
URLPermission p = new URLPermission(urlstring, actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
public static void main(String[] args) throws Exception {
SocketPermission star_All =
new SocketPermission("*.blabla.bla", "listen,accept,connect");
SocketPermission www_All =
new SocketPermission("bla.blabla.bla", "listen,accept,connect");
if (!star_All.implies(www_All)) {
throw new RuntimeException(
"Failed: " + star_All + " does not imply " + www_All);
}
}
private void initStaticPolicy(PermissionCollection perms) {
perms.add(new java.security.SecurityPermission("getPolicy"));
perms.add(new java.security.SecurityPermission("setPolicy"));
perms.add(new java.lang.RuntimePermission("stopThread"));
perms.add(new java.net.SocketPermission("localhost:1024-", "listen"));
perms.add(new PropertyPermission("java.version","read"));
perms.add(new PropertyPermission("java.vendor","read"));
perms.add(new PropertyPermission("java.vendor.url","read"));
perms.add(new PropertyPermission("java.class.version","read"));
perms.add(new PropertyPermission("os.name","read"));
perms.add(new PropertyPermission("os.version","read"));
perms.add(new PropertyPermission("os.arch","read"));
perms.add(new PropertyPermission("file.separator","read"));
perms.add(new PropertyPermission("path.separator","read"));
perms.add(new PropertyPermission("line.separator","read"));
perms.add(new PropertyPermission("java.specification.version", "read"));
perms.add(new PropertyPermission("java.specification.vendor", "read"));
perms.add(new PropertyPermission("java.specification.name", "read"));
perms.add(new PropertyPermission("java.vm.specification.version", "read"));
perms.add(new PropertyPermission("java.vm.specification.vendor", "read"));
perms.add(new PropertyPermission("java.vm.specification.name", "read"));
perms.add(new PropertyPermission("java.vm.version", "read"));
perms.add(new PropertyPermission("java.vm.vendor", "read"));
perms.add(new PropertyPermission("java.vm.name", "read"));
return;
}
@Test
public void joinGroupMulticastTest() throws Exception {
InetAddress group = InetAddress.getByName("229.227.226.221");
try (MulticastSocket s = new MulticastSocket(0)) {
int port = s.getLocalPort();
String addr = "localhost:" + port;
AccessControlContext acc = getAccessControlContext(
new SocketPermission(addr, "listen,resolve"),
new SocketPermission("229.227.226.221", "connect,accept"));
// Positive
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
s.joinGroup(group);
s.leaveGroup(group);
return null;
}, acc);
// Negative
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
s.joinGroup(group);
s.leaveGroup(group);
fail("Expected SecurityException");
return null;
}, RESTRICTED_ACC);
} catch (SecurityException expected) { }
}
}
public static void main(String[] args) throws Exception {
SocketPermission star_All =
new SocketPermission("*.blabla.bla", "listen,accept,connect");
SocketPermission www_All =
new SocketPermission("bla.blabla.bla", "listen,accept,connect");
if (!star_All.implies(www_All)) {
throw new RuntimeException(
"Failed: " + star_All + " does not imply " + www_All);
}
}
/**
* if the caller has a URLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(
getHostAndPort(url), "connect"
);
String actions = getRequestMethod()+":" +
getUserSetHeaders().getHeaderNamesInList();
String urlstring = url.getProtocol() + "://" + url.getAuthority()
+ url.getPath();
URLPermission p = new URLPermission(urlstring, actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
@Override public final Permission getPermission() throws IOException {
String hostName = getURL().getHost();
int hostPort = Util.getEffectivePort(getURL());
if (usingProxy()) {
InetSocketAddress proxyAddress = (InetSocketAddress) client.getProxy().address();
hostName = proxyAddress.getHostName();
hostPort = proxyAddress.getPort();
}
return new SocketPermission(hostName + ":" + hostPort, "connect, resolve");
}