java.security.ProtectionDomain Java Examples
The following examples show how to use
java.security.ProtectionDomain.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: TaskUtil.java From kite with Apache License 2.0 | 6 votes |
|
private static File findJarForClass(Class<?> requiredClass) {
ProtectionDomain domain = AccessController.doPrivileged(
new GetProtectionDomain(requiredClass));
CodeSource codeSource = domain.getCodeSource();
if (codeSource != null) {
try {
return new File(codeSource.getLocation().toURI());
} catch (URISyntaxException e) {
throw new DatasetException(
"Cannot locate " + requiredClass.getName() + " jar", e);
}
} else {
// this should only happen for system classes
throw new DatasetException(
"Cannot locate " + requiredClass.getName() + " jar");
}
}
Example #2
| Source File: CommonsDbcpPlugin.java From pinpoint with Apache License 2.0 | 6 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
if (isAvailableDataSourceMonitor(target)) {
target.addField(DataSourceMonitorAccessor.class);
// default constructor
InstrumentMethod defaultConstructor = InstrumentUtils.findConstructor(target);
defaultConstructor.addScopedInterceptor(DataSourceConstructorInterceptor.class, CommonsDbcpConstants.SCOPE);
// closeMethod
InstrumentMethod closeMethod = InstrumentUtils.findMethod(target, "close");
closeMethod.addScopedInterceptor(DataSourceCloseInterceptor.class, CommonsDbcpConstants.SCOPE);
}
// getConnectionMethod
InstrumentMethod getConnectionMethod1 = InstrumentUtils.findMethod(target, "getConnection");
getConnectionMethod1.addScopedInterceptor(DataSourceGetConnectionInterceptor.class, CommonsDbcpConstants.SCOPE);
InstrumentMethod getConnectionMethod2 = InstrumentUtils.findMethod(target, "getConnection", "java.lang.String", "java.lang.String");
getConnectionMethod2.addScopedInterceptor(DataSourceGetConnectionInterceptor.class, CommonsDbcpConstants.SCOPE);
return target.toBytecode();
}
Example #3
| Source File: CoverageTransformer.java From pitest with Apache License 2.0 | 6 votes |
|
@Override
public byte[] transform(final ClassLoader loader, final String className,
final Class<?> classBeingRedefined,
final ProtectionDomain protectionDomain, final byte[] classfileBuffer)
throws IllegalClassFormatException {
final boolean include = shouldInclude(className);
if (include) {
try {
return transformBytes(pickLoader(loader), className, classfileBuffer);
} catch (final RuntimeException t) {
System.err.println("RuntimeException while transforming " + className);
t.printStackTrace();
throw t;
}
} else {
return null;
}
}
Example #4
| Source File: HikariCpPlugin.java From pinpoint with Apache License 2.0 | 6 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
// constructor
InstrumentMethod constructor = target.getConstructor();
if (constructor != null) {
constructor.addScopedInterceptor(BasicMethodInterceptor.class, va(HikariCpConstants.SERVICE_TYPE), HikariCpConstants.SCOPE);
}
constructor = target.getConstructor("com.zaxxer.hikari.HikariConfig");
if (constructor != null) {
constructor.addScopedInterceptor(BasicMethodInterceptor.class, va(HikariCpConstants.SERVICE_TYPE), HikariCpConstants.SCOPE);
}
// getConnection method
InstrumentMethod getConnectionMethod = InstrumentUtils.findMethod(target, "getConnection");
getConnectionMethod.addScopedInterceptor(DataSourceGetConnectionInterceptor.class, HikariCpConstants.SCOPE);
getConnectionMethod = InstrumentUtils.findMethod(target, "getConnection", new String[]{"java.lang.String", "java.lang.String"});
getConnectionMethod.addScopedInterceptor(DataSourceGetConnectionInterceptor.class, HikariCpConstants.SCOPE_DEPRECATED);
return target.toBytecode();
}
Example #5
| Source File: RabbitMQClientPlugin.java From pinpoint with Apache License 2.0 | 6 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
if (RabbitMQUtils.addConsumerHandleDeliveryInterceptor(target)) {
InstrumentMethod nextDelivery = target.getDeclaredMethod("nextDelivery");
if (nextDelivery != null) {
nextDelivery.addScopedInterceptor(QueueingConsumerOnNextInterceptor.class, RabbitMQClientConstants.RABBITMQ_CONSUMER_SCOPE);
}
InstrumentMethod nextDeliveryTimeout = target.getDeclaredMethod("nextDelivery", "long");
if (nextDeliveryTimeout != null) {
nextDeliveryTimeout.addScopedInterceptor(QueueingConsumerOnNextInterceptor.class, RabbitMQClientConstants.RABBITMQ_CONSUMER_SCOPE);
}
InstrumentMethod handle = target.getDeclaredMethod("handle", "com.rabbitmq.client.QueueingConsumer$Delivery");
if (handle != null) {
handle.addInterceptor(QueueingConsumerHandleInterceptor.class);
}
return target.toBytecode();
}
return null;
}
Example #6
| Source File: DefaultMBeanServerInterceptor.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
private static void checkMBeanTrustPermission(final Class<?> theClass)
throws SecurityException {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
Permission perm = new MBeanTrustPermission("register");
PrivilegedAction<ProtectionDomain> act =
new PrivilegedAction<ProtectionDomain>() {
public ProtectionDomain run() {
return theClass.getProtectionDomain();
}
};
ProtectionDomain pd = AccessController.doPrivileged(act);
AccessControlContext acc =
new AccessControlContext(new ProtectionDomain[] { pd });
sm.checkPermission(perm, acc);
}
}
Example #7
| Source File: InstrumentationImpl.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
|
private byte[]
transform( ClassLoader loader,
String classname,
Class<?> classBeingRedefined,
ProtectionDomain protectionDomain,
byte[] classfileBuffer,
boolean isRetransformer) {
TransformerManager mgr = isRetransformer?
mRetransfomableTransformerManager :
mTransformerManager;
if (mgr == null) {
return null; // no manager, no transform
} else {
return mgr.transform( loader,
classname,
classBeingRedefined,
protectionDomain,
classfileBuffer);
}
}
Example #8
| Source File: FrameworkPolicy.java From knopflerfish.org with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
@Override
public PermissionCollection getPermissions(ProtectionDomain pd) {
if (null==pd)
return defaultPolicy.getPermissions(pd);
final CodeSource cs = pd.getCodeSource();
if (null==cs)
return defaultPolicy.getPermissions(pd);
final URL u = cs.getLocation();
if (u != null && BundleURLStreamHandler.PROTOCOL.equals(u.getProtocol())) {
return getPermissions(cs);
} else {
return defaultPolicy.getPermissions(pd);
}
}
Example #9
| Source File: TestLoggerBundleSync.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* This test will run both with and without a security manager.
*
* The test starts a number of threads that will attempt to concurrently
* set resource bundles on Logger, and verifies the consistency of the
* obtained results.
*
* This is a best effort test.
*
* @param args the command line arguments
*/
public static void main(String[] args) throws Exception {
try {
// test without security
System.out.println("No security");
test();
// test with security
System.out.println("\nWith security");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain, Permission permission) {
if (super.implies(domain, permission)) return true;
// System.out.println("Granting " + permission);
return true; // all permissions
}
});
System.setSecurityManager(new SecurityManager());
test();
} finally {
SetRB.executor.shutdownNow();
SetRBName.executor.shutdownNow();
}
}
Example #10
| Source File: TransformerManagementThreadAddTests.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
|
/**
*
*/
public byte[]
transform(
ClassLoader loader,
String className,
Class<?> classBeingRedefined,
ProtectionDomain domain,
byte[] classfileBuffer)
{
if ( className.equals(TransformerManagementThreadAddTests.this.fDummyClassName) ) {
checkInTransformer(ThreadTransformer.this);
}
return super.transform( loader,
className,
classBeingRedefined,
domain,
classfileBuffer);
}
Example #11
| Source File: ReactorPlugin.java From pinpoint with Apache License 2.0 | 5 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
final InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
// Async Object
target.addField(AsyncContextAccessor.class);
addCorePublisherInterceptor(target);
addCoreSubscriberInterceptor(target);
return target.toBytecode();
}
Example #12
| Source File: CustomElementMatchersTest.java From apm-agent-java with Apache License 2.0 | 5 votes |
|
private void testSemVerLteMatcher(ProtectionDomain protectionDomain) {
assertThat(implementationVersionLte("3").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("3.2").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("3.15.10").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("4.2.19").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("4.5.5").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("4.5.6").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("4.5.5-SNAPSHOT").matches(protectionDomain)).isFalse();
assertThat(implementationVersionLte("4.5.6-SNAPSHOT").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("4.5.7").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("4.7.3").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("5.7.3").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("5.0").matches(protectionDomain)).isTrue();
assertThat(implementationVersionLte("5").matches(protectionDomain)).isTrue();
}
Example #13
| Source File: ReflectUtils.java From dubbox with Apache License 2.0 | 5 votes |
|
public static String getCodeBase(Class<?> cls) {
if (cls == null)
return null;
ProtectionDomain domain = cls.getProtectionDomain();
if (domain == null)
return null;
CodeSource source = domain.getCodeSource();
if (source == null)
return null;
URL location = source.getLocation();
if (location == null)
return null;
return location.getFile();
}
Example #14
| Source File: ReactorPlugin.java From pinpoint with Apache License 2.0 | 5 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
final InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
target.addField(AsyncContextAccessor.class);
// Void call();
addSchedulerAndWorkerTaskRunMethodInterceptor(target, "call");
return target.toBytecode();
}
Example #15
| Source File: ReactorPlugin.java From pinpoint with Apache License 2.0 | 5 votes |
|
@Override
public byte[] doInTransform(Instrumentor instrumentor, ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, byte[] classfileBuffer) throws InstrumentException {
final InstrumentClass target = instrumentor.getInstrumentClass(loader, className, classfileBuffer);
// Async Object
target.addField(AsyncContextAccessor.class);
final InstrumentMethod subscribeMethod = target.getDeclaredMethod("subscribe", "reactor.core.CoreSubscriber[]");
if (subscribeMethod != null) {
subscribeMethod.addInterceptor(CorePublisherInterceptor.class);
}
return target.toBytecode();
}
Example #16
| Source File: SubjectDomainCombiner.java From Bytecoder with Apache License 2.0 | 5 votes |
|
private static String printDomain(final ProtectionDomain pd) {
if (pd == null) {
return "null";
}
return AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return pd.toString();
}
});
}
Example #17
| Source File: JMXSubjectDomainCombiner.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
|
/**
* Get the AccessControlContext of the domain combiner created with
* the supplied subject, i.e. an AccessControlContext with the domain
* combiner created with the supplied subject and where the caller's
* context has been removed.
*/
public static AccessControlContext
getDomainCombinerContext(Subject subject) {
return new AccessControlContext(
new AccessControlContext(new ProtectionDomain[0]),
new JMXSubjectDomainCombiner(subject));
}
Example #18
| Source File: CheckNullPermission.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
public static void main (String argv[]) throws Exception {
ProtectionDomain pd[] = new ProtectionDomain[1];
try {
(new AccessControlContext(pd)).checkPermission(null);
throw new Exception("Expected NullPointerException not thrown");
} catch (NullPointerException npe) {
}
}
Example #19
| Source File: RedefineAgent.java From hottub with GNU General Public License v2.0 | 5 votes |
|
public byte[] transform(ClassLoader loader,
String className,
Class<?> classBeingRedefined,
ProtectionDomain protectionDomain,
byte[] classfileBuffer) {
if (className.equals(targetNameSlashes)) {
if (classBeingRedefined == null) {
System.out.println("Got bytes for: " + className);
classfilebytes = Arrays.copyOf(classfileBuffer, classfileBuffer.length);
} else {
gotRedefineTransform = true;
}
}
return null;
}
Example #20
| Source File: AccController.java From netbeans with Apache License 2.0 | 5 votes |
|
static ProtectionDomain[] getDomains(AccessControlContext acc) throws Exception {
Object o = getContextField().get(acc);
if (o.getClass() == Object[].class) { // 1.2.1 fix
Object[] array = (Object[]) o;
ProtectionDomain[] domains = new ProtectionDomain[array.length];
for (int i = 0; i < array.length; i++) {
domains[i] = (ProtectionDomain) array[i];
}
return domains;
}
return (ProtectionDomain[]) o;
}
Example #21
| Source File: ClassLoader.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
private void postDefineClass(Class<?> c, ProtectionDomain pd)
{
if (pd.getCodeSource() != null) {
Certificate certs[] = pd.getCodeSource().getCertificates();
if (certs != null)
setSigners(c, certs);
}
}
Example #22
| Source File: ClassAndLoader.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
|
static AccessControlContext createPermAccCtxt(final String... permNames) {
final Permissions perms = new Permissions();
for (final String permName : permNames) {
perms.add(new RuntimePermission(permName));
}
return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
}
Example #23
| Source File: SubjectDomainCombiner.java From jdk1.8-source-analysis with Apache License 2.0 | 5 votes |
|
private static ProtectionDomain[] optimize(ProtectionDomain[] domains) {
if (domains == null || domains.length == 0)
return null;
ProtectionDomain[] optimized = new ProtectionDomain[domains.length];
ProtectionDomain pd;
int num = 0;
for (int i = 0; i < domains.length; i++) {
// skip domains with AllPermission
// XXX
//
// if (domains[i].implies(ALL_PERMISSION))
// continue;
// skip System Domains
if ((pd = domains[i]) != null) {
// remove duplicates
boolean found = false;
for (int j = 0; j < num && !found; j++) {
found = (optimized[j] == pd);
}
if (!found) {
optimized[num++] = pd;
}
}
}
// resize the array if necessary
if (num > 0 && num < domains.length) {
ProtectionDomain[] downSize = new ProtectionDomain[num];
System.arraycopy(optimized, 0, downSize, 0, downSize.length);
optimized = downSize;
}
return ((num == 0 || optimized.length == 0) ? null : optimized);
}
Example #24
| Source File: CombinationTestSupport.java From activemq-artemis with Apache License 2.0 | 5 votes |
|
static protected File basedir(Class<?> clazz) {
try {
ProtectionDomain protectionDomain = clazz.getProtectionDomain();
return new File(new File(protectionDomain.getCodeSource().getLocation().getPath()), "../..").getCanonicalFile();
} catch (IOException e) {
return new File(".");
}
}
Example #25
| Source File: Injector.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
@Override
public Method run() throws Exception {
try {
return U.getClass().getMethod("defineClass",
new Class[]{String.class,
byte[].class,
Integer.TYPE,
Integer.TYPE,
ClassLoader.class,
ProtectionDomain.class});
} catch (NoSuchMethodException | SecurityException ex) {
throw ex;
}
}
Example #26
| Source File: CoroutinesAgent.java From coroutines with GNU Lesser General Public License v3.0 | 5 votes |
|
@Override
public byte[] transform(ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain,
byte[] classfileBuffer) throws IllegalClassFormatException {
// ClassReader cr = new ClassReader(classfileBuffer);
// ClassNode classNode = new SimpleClassNode();
// cr.accept(classNode, 0);
// String classNameFromBytes = classNode.name;
// If class is internal to the coroutines user project, don't instrument them
// FYI: If the class being transformed is a lambda, className will show up as null.
if (className == null || className.startsWith("com/offbynull/coroutines/user/")) {
return null;
}
// If loader is null, don't attempt instrumentation (this is a core class?)
if (loader == null) {
return null;
}
// System.out.println(className + " " + (loader == null));
try {
InstrumentationSettings settings = new InstrumentationSettings(markerType, debugMode, autoSerializable);
Instrumenter instrumenter = new Instrumenter(new ClassResourceClassInformationRepository(loader));
InstrumentationResult result = instrumenter.instrument(classfileBuffer, settings);
return result.getInstrumentedClass();
} catch (Throwable e) {
System.err.println("FAILED TO INSTRUMENT: " + e);
return null;
}
}
Example #27
| Source File: NoCallStackClassLoader.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
|
/** Simplified constructor when this loader only defines one class. */
public NoCallStackClassLoader(String className,
byte[] byteCode,
String[] referencedClassNames,
ClassLoader referencedClassLoader,
ProtectionDomain protectionDomain) {
this(new String[] {className}, new byte[][] {byteCode},
referencedClassNames, referencedClassLoader, protectionDomain);
}
Example #28
| Source File: JavaAdapterFactory.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
StaticClass getAdapterClass(final ScriptObject classOverrides, final ProtectionDomain protectionDomain) {
if(adaptationResult.getOutcome() != AdaptationResult.Outcome.SUCCESS) {
throw adaptationResult.typeError();
}
return classOverrides == null ? getInstanceAdapterClass(protectionDomain) :
getClassAdapterClass(classOverrides, protectionDomain);
}
Example #29
| Source File: RegistryImpl.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
/**
* Generates an AccessControlContext with minimal permissions.
* The approach used here is taken from the similar method
* getAccessControlContext() in the sun.applet.AppletPanel class.
*/
private static AccessControlContext getAccessControlContext(int port) {
// begin with permissions granted to all code in current policy
PermissionCollection perms = AccessController.doPrivileged(
new java.security.PrivilegedAction<PermissionCollection>() {
public PermissionCollection run() {
CodeSource codesource = new CodeSource(null,
(java.security.cert.Certificate[]) null);
Policy p = java.security.Policy.getPolicy();
if (p != null) {
return p.getPermissions(codesource);
} else {
return new Permissions();
}
}
});
/*
* Anyone can connect to the registry and the registry can connect
* to and possibly download stubs from anywhere. Downloaded stubs and
* related classes themselves are more tightly limited by RMI.
*/
perms.add(new SocketPermission("*", "connect,accept"));
perms.add(new SocketPermission("localhost:"+port, "listen,accept"));
perms.add(new RuntimePermission("accessClassInPackage.sun.jvmstat.*"));
perms.add(new RuntimePermission("accessClassInPackage.sun.jvm.hotspot.*"));
perms.add(new FilePermission("<<ALL FILES>>", "read"));
/*
* Create an AccessControlContext that consists of a single
* protection domain with only the permissions calculated above.
*/
ProtectionDomain pd = new ProtectionDomain(
new CodeSource(null,
(java.security.cert.Certificate[]) null), perms);
return new AccessControlContext(new ProtectionDomain[] { pd });
}
Example #30
| Source File: TestDateTimeUtils.java From astor with GNU General Public License v2.0 | 5 votes |
|
public boolean implies(ProtectionDomain domain, Permission permission) {
if (permission instanceof JodaTimePermission) {
return false;
}
return true;
// return super.implies(domain, permission);
}
