Java Code Examples for java.security.AccessController#checkPermission()
The following examples show how to use
java.security.AccessController#checkPermission() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SubjectDelegator.java From jdk1.8-source-analysis with Apache License 2.0 | 6 votes |
|
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
Example 2
| Source File: SubjectDelegator.java From JDKSourceCode1.8 with MIT License | 6 votes |
|
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
Example 3
| Source File: ExtensiblePolicyTest.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
Example 4
| Source File: SubjectDelegator.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
|
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
Example 5
| Source File: ExtensiblePolicyTest.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
Example 6
| Source File: SubjectDelegator.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
Example 7
| Source File: ExtensiblePolicyTest.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
Example 8
| Source File: SubjectDelegator.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
Example 9
| Source File: FailureDebugOption.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
Example 10
| Source File: SubjectDelegator.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public AccessControlContext
delegatedContext(AccessControlContext authenticatedACC,
Subject delegatedSubject,
boolean removeCallerContext)
throws SecurityException {
if (System.getSecurityManager() != null && authenticatedACC == null) {
throw new SecurityException("Illegal AccessControlContext: null");
}
// Check if the subject delegation permission allows the
// authenticated subject to assume the identity of each
// principal in the delegated subject
//
Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
final Collection<Permission> permissions = new ArrayList<>(ps.size());
for(Principal p : ps) {
final String pname = p.getClass().getName() + "." + p.getName();
permissions.add(new SubjectDelegationPermission(pname));
}
PrivilegedAction<Void> action =
new PrivilegedAction<Void>() {
public Void run() {
for (Permission sdp : permissions) {
AccessController.checkPermission(sdp);
}
return null;
}
};
AccessController.doPrivileged(action, authenticatedACC);
return getDelegatedAcc(delegatedSubject, removeCallerContext);
}
Example 11
| Source File: ExtensiblePolicyWithJarTest.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
Example 12
| Source File: ExtensiblePolicyWithJarTest.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
Example 13
| Source File: FailureDebugOption.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
Example 14
| Source File: ExtensiblePolicyWithJarTest.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
Example 15
| Source File: FailureDebugOption.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
|
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
Example 16
| Source File: SubjectDelegator.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
public AccessControlContext
delegatedContext(AccessControlContext authenticatedACC,
Subject delegatedSubject,
boolean removeCallerContext)
throws SecurityException {
if (System.getSecurityManager() != null && authenticatedACC == null) {
throw new SecurityException("Illegal AccessControlContext: null");
}
// Check if the subject delegation permission allows the
// authenticated subject to assume the identity of each
// principal in the delegated subject
//
Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
final Collection<Permission> permissions = new ArrayList<>(ps.size());
for(Principal p : ps) {
final String pname = p.getClass().getName() + "." + p.getName();
permissions.add(new SubjectDelegationPermission(pname));
}
PrivilegedAction<Void> action =
new PrivilegedAction<Void>() {
public Void run() {
for (Permission sdp : permissions) {
AccessController.checkPermission(sdp);
}
return null;
}
};
AccessController.doPrivileged(action, authenticatedACC);
return getDelegatedAcc(delegatedSubject, removeCallerContext);
}
Example 17
| Source File: FailureDebugOption.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
Example 18
| Source File: WildcardPrincipalName.java From openjdk-jdk8u with GNU General Public License v2.0 | 4 votes |
|
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}
Example 19
| Source File: WildcardPrincipalName.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
|
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}
Example 20
| Source File: WildcardPrincipalName.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
|
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}
