javax.net.ssl.SSLPermission Java Examples

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/**
 * For server sessions, this returns the set of sessions which
 * are currently valid in this process.  For client sessions,
 * this returns null.
 */
@Override
public SSLSessionContext getSessionContext() {
    /*
     * An interim security policy until we can do something
     * more specific in 1.2. Only allow trusted code (code which
     * can set system properties) to get an
     * SSLSessionContext. This is to limit the ability of code to
     * look up specific sessions or enumerate over them. Otherwise,
     * code can only get session objects from successful SSL
     * connections which implies that they must have had permission
     * to make the network connection in the first place.
     */
    SecurityManager sm;
    if ((sm = System.getSecurityManager()) != null) {
        sm.checkPermission(new SSLPermission("getSSLSessionContext"));
    }

    return context;
}
 

/** {@inheritDoc} */
@Override protected void beforeTestsStarted() throws Exception {
    if (System.getSecurityManager() == null) {
        Policy.setPolicy(new Policy() {
            @Override public PermissionCollection getPermissions(CodeSource cs) {
                Permissions res = new Permissions();

                res.add(new RuntimePermission("*"));
                res.add(new MBeanServerPermission("*"));
                res.add(new MBeanPermission("*", "*"));
                res.add(new MBeanTrustPermission("*"));
                res.add(new ReflectPermission("*"));
                res.add(new SSLPermission("*"));
                res.add(new ManagementPermission("monitor"));
                res.add(new ManagementPermission("control"));
                res.add(new SerializablePermission("*"));
                res.add(new SecurityPermission("*"));
                res.add(new SocketPermission("*", "connect,accept,listen,resolve"));
                res.add(new FilePermission("<<ALL FILES>>", "read,write,delete,execute,readlink"));
                res.add(new PropertyPermission("*", "read,write"));

                res.add(new TestPermission("common"));

                return res;
            }
        });

        System.setSecurityManager(new SecurityManager());

        setupSM = true;
    }
}
 

public static org.onosproject.security.Permission getOnosPermission(Permission permission) {
    if (permission instanceof AppPermission) {
        return new org.onosproject.security.Permission(AppPermission.class.getName(), permission.getName(), "");
    } else if (permission instanceof FilePermission) {
        return new org.onosproject.security.Permission(
                FilePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SerializablePermission) {
        return new org.onosproject.security.Permission(
                SerializablePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof NetPermission) {
        return new org.onosproject.security.Permission(
                NetPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof RuntimePermission) {
        return new org.onosproject.security.Permission(
                RuntimePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SocketPermission) {
        return new org.onosproject.security.Permission(
                SocketPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SQLPermission) {
        return new org.onosproject.security.Permission(
                SQLPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PropertyPermission) {
        return new org.onosproject.security.Permission(
                PropertyPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof LoggingPermission) {
        return new org.onosproject.security.Permission(
                LoggingPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SSLPermission) {
        return new org.onosproject.security.Permission(
                SSLPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AuthPermission) {
        return new org.onosproject.security.Permission(
                AuthPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PrivateCredentialPermission) {
        return new org.onosproject.security.Permission(
                PrivateCredentialPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof DelegationPermission) {
        return new org.onosproject.security.Permission(
                DelegationPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof javax.security.auth.kerberos.ServicePermission) {
        return new org.onosproject.security.Permission(
                javax.security.auth.kerberos.ServicePermission.class.getName(), permission.getName(),
                permission.getActions());
    } else if (permission instanceof AudioPermission) {
        return new org.onosproject.security.Permission(
                AudioPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AdaptPermission) {
        return new org.onosproject.security.Permission(
                AdaptPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof BundlePermission) {
        return new org.onosproject.security.Permission(
                BundlePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof CapabilityPermission) {
        return new org.onosproject.security.Permission(
                CapabilityPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PackagePermission) {
        return new org.onosproject.security.Permission(
                PackagePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof ServicePermission) {
        return new org.onosproject.security.Permission(
                ServicePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AdminPermission) {
        return new org.onosproject.security.Permission(
                AdminPermission.class.getName(), permission.getName(), permission.getActions());
    //} else if (permission instanceof ConfigurationPermission) {
    //    return new org.onosproject.security.Permission(
    //            ConfigurationPermission.class.getName(), permission.getName(), permission.getActions());
    }
    return null;
}
 

private static Permission getPermission(org.onosproject.security.Permission permission) {

        String classname = permission.getClassName();
        String name = permission.getName();
        String actions = permission.getActions();

        if (classname == null || name == null) {
            return null;
        }
        classname = classname.trim();
        name = name.trim();
        actions = actions.trim();

        if (AppPermission.class.getName().equals(classname)) {
            return new AppPermission(name);
        } else if (FilePermission.class.getName().equals(classname)) {
            return new FilePermission(name, actions);
        } else if (SerializablePermission.class.getName().equals(classname)) {
            return new SerializablePermission(name, actions);
        } else if (NetPermission.class.getName().equals(classname)) {
            return new NetPermission(name, actions);
        } else if (RuntimePermission.class.getName().equals(classname)) {
            return new RuntimePermission(name, actions);
        } else if (SocketPermission.class.getName().equals(classname)) {
            return new SocketPermission(name, actions);
        } else if (SQLPermission.class.getName().equals(classname)) {
            return new SQLPermission(name, actions);
        } else if (PropertyPermission.class.getName().equals(classname)) {
            return new PropertyPermission(name, actions);
        } else if (LoggingPermission.class.getName().equals(classname)) {
            return new LoggingPermission(name, actions);
        } else if (SSLPermission.class.getName().equals(classname)) {
            return new SSLPermission(name, actions);
        } else if (AuthPermission.class.getName().equals(classname)) {
            return new AuthPermission(name, actions);
        } else if (PrivateCredentialPermission.class.getName().equals(classname)) {
            return new PrivateCredentialPermission(name, actions);
        } else if (DelegationPermission.class.getName().equals(classname)) {
            return new DelegationPermission(name, actions);
        } else if (javax.security.auth.kerberos.ServicePermission.class.getName().equals(classname)) {
            return new javax.security.auth.kerberos.ServicePermission(name, actions);
        } else if (AudioPermission.class.getName().equals(classname)) {
            return new AudioPermission(name, actions);
        } else if (AdaptPermission.class.getName().equals(classname)) {
            return new AdaptPermission(name, actions);
        } else if (BundlePermission.class.getName().equals(classname)) {
            return new BundlePermission(name, actions);
        } else if (CapabilityPermission.class.getName().equals(classname)) {
            return new CapabilityPermission(name, actions);
        } else if (PackagePermission.class.getName().equals(classname)) {
            return new PackagePermission(name, actions);
        } else if (ServicePermission.class.getName().equals(classname)) {
            return new ServicePermission(name, actions);
        } else if (AdminPermission.class.getName().equals(classname)) {
            return new AdminPermission(name, actions);
        //} else if (ConfigurationPermission.class.getName().equals(classname)) {
        //    return new ConfigurationPermission(name, actions);
        } else if (ReflectPermission.class.getName().equals(classname)) {
            return new ReflectPermission(name, actions);
        }

        //AllPermission, SecurityPermission, UnresolvedPermission
        //AWTPermission,  ReflectPermission not allowed
        return null;

    }