User: starksm
Date: 02/02/28 00:43:20
Modified: src/main/org/jboss/test/securitymgr/ejb
IOStatelessSessionBean.java
Added: src/main/org/jboss/test/securitymgr/ejb BadBean.java
Log:
Add additional permission violation checks
Revision Changes Path
1.2 +76 -3
jbosstest/src/main/org/jboss/test/securitymgr/ejb/IOStatelessSessionBean.java
Index: IOStatelessSessionBean.java
===================================================================
RCS file:
/cvsroot/jboss/jbosstest/src/main/org/jboss/test/securitymgr/ejb/IOStatelessSessionBean.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- IOStatelessSessionBean.java 25 Feb 2002 08:11:21 -0000 1.1
+++ IOStatelessSessionBean.java 28 Feb 2002 08:43:20 -0000 1.2
@@ -2,6 +2,12 @@
import java.io.File;
import java.io.IOException;
+import java.lang.SecurityManager;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.security.Permission;
import java.security.Principal;
import javax.ejb.CreateException;
import javax.ejb.EJBException;
@@ -10,15 +16,15 @@
import org.apache.log4j.Category;
-/** A session bean that attempts I/O operations not allowed by the EJB 2.0
+/** A session bean that attempts operations not allowed by the EJB 2.0
spec as a test of running JBoss with a security manager.
@author [EMAIL PROTECTED]
-@version $Revision: 1.1 $
+@version $Revision: 1.2 $
*/
public class IOStatelessSessionBean implements SessionBean
{
- Category log = Category.getInstance(getClass());
+ static final Category log = Category.getInstance(IOStatelessSessionBean.class);
private SessionContext sessionContext;
@@ -57,4 +63,71 @@
File tstPath = new File(path);
tstPath.createNewFile();
}
+
+ public void listen(int port) throws IOException
+ {
+ log.debug("Creating server listening port: "+port);
+ ServerSocket ss = new ServerSocket(port);
+ log.debug("Listening");
+ ss.close();
+ }
+
+ public void connect(String host, int port) throws IOException
+ {
+ log.debug("connect, host: "+host+", port: "+port);
+ Socket s = new Socket(host, port);
+ log.debug("Connected");
+ s.close();
+ }
+
+ public void createClassLoader()
+ {
+ log.debug("createClassLoader");
+ URL[] empty = {};
+ ClassLoader cl = URLClassLoader.newInstance(empty);
+ log.debug("Created URLClassLoader");
+ }
+ public void getContextClassLoader()
+ {
+ // This will be allowed because the our class loader is an ancestor of the TCL
+ log.debug("Begin getContextClassLoader");
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ log.debug("End getContextClassLoader");
+ }
+ public void setContextClassLoader()
+ {
+ log.debug("Begin setContextClassLoader");
+ URLClassLoader cl = null;
+ Thread.currentThread().setContextClassLoader(cl);
+ log.debug("End setContextClassLoader");
+ }
+ public void createSecurityMgr()
+ {
+ log.debug("createSecurityMgr");
+ SecurityManager secmgr = new SecurityManager()
+ {
+ public void checkPermission(Permission p)
+ {
+ }
+ };
+ System.setSecurityManager(secmgr);
+ }
+
+ public void changeSystemOut()
+ {
+ log.debug("changeSystemOut");
+ System.setOut(null);
+ }
+ public void changeSystemErr()
+ {
+ log.debug("changeSystemErr");
+ System.setErr(null);
+ }
+
+ public void systemExit(int status)
+ {
+ log.debug("systemExit");
+ System.exit(status);
+ }
+
}
1.1 jbosstest/src/main/org/jboss/test/securitymgr/ejb/BadBean.java
Index: BadBean.java
===================================================================
package org.jboss.test.securitymgr.ejb;
import java.security.Principal;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
import org.apache.log4j.Category;
import org.jboss.security.SecurityAssociation;
/** A session bean that attempts things that should not be allowed
when running JBoss with a security manager.
@author [EMAIL PROTECTED]
@version $Revision: 1.1 $
*/
public class BadBean implements SessionBean
{
static final Category log = Category.getInstance(BadBean.class);
private SessionContext sessionContext;
public void ejbCreate()
{
}
public void ejbActivate()
{
}
public void ejbPassivate()
{
}
public void ejbRemove()
{
}
public void setSessionContext(SessionContext context)
{
sessionContext = context;
}
/** Creates a new instance of BadBean */
public BadBean()
{
}
public void accessSystemProperties()
{
System.getProperty("java.home");
System.setProperty("java.home","tjo");
}
public Principal getSecurityAssociationPrincipal()
{
return SecurityAssociation.getPrincipal();
}
public Object getSecurityAssociationCredential()
{
return SecurityAssociation.getCredential();
}
public void setSecurityAssociationPrincipal(Principal user)
{
SecurityAssociation.setPrincipal(user);
}
public void setSecurityAssociationCredential(char[] password)
{
SecurityAssociation.setCredential(password);
}
}
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
