[JBoss-dev] CVS update: jbosstest/src/main/org/jboss/test/securitymgr/ejb IOStatelessSessionBean.java

[Scott M Stark]

  User: starksm 
  Date: 02/02/28 18:21:43

  Modified:src/main/org/jboss/test/securitymgr/ejb
IOStatelessSessionBean.java
  Log:
  Add additional tests
  
  Revision  ChangesPath
  1.3   +49 -7 
jbosstest/src/main/org/jboss/test/securitymgr/ejb/IOStatelessSessionBean.java
  
  Index: IOStatelessSessionBean.java
  ===
  RCS file: 
/cvsroot/jboss/jbosstest/src/main/org/jboss/test/securitymgr/ejb/IOStatelessSessionBean.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- IOStatelessSessionBean.java   28 Feb 2002 08:43:20 -  1.2
  +++ IOStatelessSessionBean.java   1 Mar 2002 02:21:43 -   1.3
  @@ -3,10 +3,9 @@
   import java.io.File;
   import java.io.IOException;
   import java.lang.SecurityManager;
  +import java.lang.reflect.Field;
   import java.net.ServerSocket;
   import java.net.Socket;
  -import java.net.URL;
  -import java.net.URLClassLoader;
   import java.security.Permission;
   import java.security.Principal;
   import javax.ejb.CreateException;
  @@ -16,11 +15,13 @@
   
   import org.apache.log4j.Category;
   
  +import org.jboss.security.SecurityAssociation;
  +
   /** A session bean that attempts operations not allowed by the EJB 2.0
spec as a test of running JBoss with a security manager.

   @author [EMAIL PROTECTED]
  -@version $Revision: 1.2 $
  +@version $Revision: 1.3 $
*/
   public class IOStatelessSessionBean implements SessionBean
   {
  @@ -83,9 +84,11 @@
  public void createClassLoader()
  {
 log.debug(createClassLoader);
  -  URL[] empty = {};
  -  ClassLoader cl = URLClassLoader.newInstance(empty);
  -  log.debug(Created URLClassLoader);
  +  // Can't use URLClassLoader.newInstance as this uses a privaledged block
  +  ClassLoader cl = new ClassLoader()
  + {
  + };
  +  log.debug(Created ClassLoader);
  }
  public void getContextClassLoader()
  {
  @@ -97,7 +100,7 @@
  public void setContextClassLoader()
  {
 log.debug(Begin setContextClassLoader);
  -  URLClassLoader cl = null;
  +  ClassLoader cl = null;
 Thread.currentThread().setContextClassLoader(cl);
 log.debug(End setContextClassLoader);
  }
  @@ -111,6 +114,45 @@
}
 };
 System.setSecurityManager(secmgr);
  +   }
  +
  +   /** This will only be disallowed if the current thread belongs to the
  +root thread group and this is rarely true as even the thread that
  +starts main() is not in this group.
  +*/
  +   public void renameThread()
  +   {
  +  log.debug(renameThread);
  +  Thread t = Thread.currentThread();
  +  t.setName(Hijacked name);
  +  log.debug(Renamed current thread);
  +   }
  +
  +   /** This test will only fail if reflection is used on a class that
  +has not been loaded by the same class loader as the IOStatelessSessionBean
  +*/
  +   public void useReflection()
  +   {
  +  log.debug(useReflection);
  +  try
  +  {
  + Field secret = System.class.getDeclaredField(secret);
  + Object value = secret.get(null);
  +  }
  +  catch(NoSuchFieldException e)
  +  {
  +  }
  +  catch(IllegalAccessException e)
  +  {
  +  }
  +  log.debug(Search for System.secret did not fail with a SecurityException);
  +   }
  +
  +   public void loadLibrary()
  +   {
  +  log.debug(loadLibrary);
  +  System.loadLibrary(jdwp);
  +  log.debug(Called System.loadLibrary);
  }
   
  public void changeSystemOut()
  
  
  

___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development

[JBoss-dev] CVS update: jbosstest/src/main/org/jboss/test/securitymgr/ejb IOStatelessSessionBean.java

[Scott M Stark]

  User: starksm 
  Date: 02/02/25 00:11:21

  Added:   src/main/org/jboss/test/securitymgr/ejb
IOStatelessSessionBean.java
  Log:
  Unit tests for running JBoss under a security manager
  
  Revision  ChangesPath
  1.1  
jbosstest/src/main/org/jboss/test/securitymgr/ejb/IOStatelessSessionBean.java
  
  Index: IOStatelessSessionBean.java
  ===
  package org.jboss.test.securitymgr.ejb;
  
  import java.io.File;
  import java.io.IOException;
  import java.security.Principal;
  import javax.ejb.CreateException;
  import javax.ejb.EJBException;
  import javax.ejb.SessionBean;
  import javax.ejb.SessionContext;
  
  import org.apache.log4j.Category;
  
  /** A session bean that attempts I/O operations not allowed by the EJB 2.0
   spec as a test of running JBoss with a security manager.
   
  @author [EMAIL PROTECTED]
  @version $Revision: 1.1 $
   */
  public class IOStatelessSessionBean implements SessionBean
  {
 Category log = Category.getInstance(getClass());
  
 private SessionContext sessionContext;
  
 public void ejbCreate() throws CreateException
 {
 }
 public void ejbActivate()
 {
 }
 public void ejbPassivate()
 {
 }
 public void ejbRemove()
 {
 }
  
 public void setSessionContext(SessionContext context)
 {
sessionContext = context;
 }
  
 /**
  */
 public String read(String path) throws IOException
 {
log.debug(read, path=+path);
File tstPath = new File(path);
if( tstPath.exists() == false )
   path = null;
return path;
 }
  
 public void write(String path) throws IOException
 {
log.debug(write, path=+path);
File tstPath = new File(path);
tstPath.createNewFile();
 }
  }
  
  
  

___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development