下面列出了java.net.NetPermission#javax.net.ssl.SSLPermission 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/**
* For server sessions, this returns the set of sessions which
* are currently valid in this process. For client sessions,
* this returns null.
*/
@Override
public SSLSessionContext getSessionContext() {
/*
* An interim security policy until we can do something
* more specific in 1.2. Only allow trusted code (code which
* can set system properties) to get an
* SSLSessionContext. This is to limit the ability of code to
* look up specific sessions or enumerate over them. Otherwise,
* code can only get session objects from successful SSL
* connections which implies that they must have had permission
* to make the network connection in the first place.
*/
SecurityManager sm;
if ((sm = System.getSecurityManager()) != null) {
sm.checkPermission(new SSLPermission("getSSLSessionContext"));
}
return context;
}
/** {@inheritDoc} */
@Override protected void beforeTestsStarted() throws Exception {
if (System.getSecurityManager() == null) {
Policy.setPolicy(new Policy() {
@Override public PermissionCollection getPermissions(CodeSource cs) {
Permissions res = new Permissions();
res.add(new RuntimePermission("*"));
res.add(new MBeanServerPermission("*"));
res.add(new MBeanPermission("*", "*"));
res.add(new MBeanTrustPermission("*"));
res.add(new ReflectPermission("*"));
res.add(new SSLPermission("*"));
res.add(new ManagementPermission("monitor"));
res.add(new ManagementPermission("control"));
res.add(new SerializablePermission("*"));
res.add(new SecurityPermission("*"));
res.add(new SocketPermission("*", "connect,accept,listen,resolve"));
res.add(new FilePermission("<<ALL FILES>>", "read,write,delete,execute,readlink"));
res.add(new PropertyPermission("*", "read,write"));
res.add(new TestPermission("common"));
return res;
}
});
System.setSecurityManager(new SecurityManager());
setupSM = true;
}
}
public static org.onosproject.security.Permission getOnosPermission(Permission permission) {
if (permission instanceof AppPermission) {
return new org.onosproject.security.Permission(AppPermission.class.getName(), permission.getName(), "");
} else if (permission instanceof FilePermission) {
return new org.onosproject.security.Permission(
FilePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof SerializablePermission) {
return new org.onosproject.security.Permission(
SerializablePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof NetPermission) {
return new org.onosproject.security.Permission(
NetPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof RuntimePermission) {
return new org.onosproject.security.Permission(
RuntimePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof SocketPermission) {
return new org.onosproject.security.Permission(
SocketPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof SQLPermission) {
return new org.onosproject.security.Permission(
SQLPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof PropertyPermission) {
return new org.onosproject.security.Permission(
PropertyPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof LoggingPermission) {
return new org.onosproject.security.Permission(
LoggingPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof SSLPermission) {
return new org.onosproject.security.Permission(
SSLPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof AuthPermission) {
return new org.onosproject.security.Permission(
AuthPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof PrivateCredentialPermission) {
return new org.onosproject.security.Permission(
PrivateCredentialPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof DelegationPermission) {
return new org.onosproject.security.Permission(
DelegationPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof javax.security.auth.kerberos.ServicePermission) {
return new org.onosproject.security.Permission(
javax.security.auth.kerberos.ServicePermission.class.getName(), permission.getName(),
permission.getActions());
} else if (permission instanceof AudioPermission) {
return new org.onosproject.security.Permission(
AudioPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof AdaptPermission) {
return new org.onosproject.security.Permission(
AdaptPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof BundlePermission) {
return new org.onosproject.security.Permission(
BundlePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof CapabilityPermission) {
return new org.onosproject.security.Permission(
CapabilityPermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof PackagePermission) {
return new org.onosproject.security.Permission(
PackagePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof ServicePermission) {
return new org.onosproject.security.Permission(
ServicePermission.class.getName(), permission.getName(), permission.getActions());
} else if (permission instanceof AdminPermission) {
return new org.onosproject.security.Permission(
AdminPermission.class.getName(), permission.getName(), permission.getActions());
//} else if (permission instanceof ConfigurationPermission) {
// return new org.onosproject.security.Permission(
// ConfigurationPermission.class.getName(), permission.getName(), permission.getActions());
}
return null;
}
private static Permission getPermission(org.onosproject.security.Permission permission) {
String classname = permission.getClassName();
String name = permission.getName();
String actions = permission.getActions();
if (classname == null || name == null) {
return null;
}
classname = classname.trim();
name = name.trim();
actions = actions.trim();
if (AppPermission.class.getName().equals(classname)) {
return new AppPermission(name);
} else if (FilePermission.class.getName().equals(classname)) {
return new FilePermission(name, actions);
} else if (SerializablePermission.class.getName().equals(classname)) {
return new SerializablePermission(name, actions);
} else if (NetPermission.class.getName().equals(classname)) {
return new NetPermission(name, actions);
} else if (RuntimePermission.class.getName().equals(classname)) {
return new RuntimePermission(name, actions);
} else if (SocketPermission.class.getName().equals(classname)) {
return new SocketPermission(name, actions);
} else if (SQLPermission.class.getName().equals(classname)) {
return new SQLPermission(name, actions);
} else if (PropertyPermission.class.getName().equals(classname)) {
return new PropertyPermission(name, actions);
} else if (LoggingPermission.class.getName().equals(classname)) {
return new LoggingPermission(name, actions);
} else if (SSLPermission.class.getName().equals(classname)) {
return new SSLPermission(name, actions);
} else if (AuthPermission.class.getName().equals(classname)) {
return new AuthPermission(name, actions);
} else if (PrivateCredentialPermission.class.getName().equals(classname)) {
return new PrivateCredentialPermission(name, actions);
} else if (DelegationPermission.class.getName().equals(classname)) {
return new DelegationPermission(name, actions);
} else if (javax.security.auth.kerberos.ServicePermission.class.getName().equals(classname)) {
return new javax.security.auth.kerberos.ServicePermission(name, actions);
} else if (AudioPermission.class.getName().equals(classname)) {
return new AudioPermission(name, actions);
} else if (AdaptPermission.class.getName().equals(classname)) {
return new AdaptPermission(name, actions);
} else if (BundlePermission.class.getName().equals(classname)) {
return new BundlePermission(name, actions);
} else if (CapabilityPermission.class.getName().equals(classname)) {
return new CapabilityPermission(name, actions);
} else if (PackagePermission.class.getName().equals(classname)) {
return new PackagePermission(name, actions);
} else if (ServicePermission.class.getName().equals(classname)) {
return new ServicePermission(name, actions);
} else if (AdminPermission.class.getName().equals(classname)) {
return new AdminPermission(name, actions);
//} else if (ConfigurationPermission.class.getName().equals(classname)) {
// return new ConfigurationPermission(name, actions);
} else if (ReflectPermission.class.getName().equals(classname)) {
return new ReflectPermission(name, actions);
}
//AllPermission, SecurityPermission, UnresolvedPermission
//AWTPermission, ReflectPermission not allowed
return null;
}