[jboss-cvs] Picketbox SVN: r511 - in branches/eap62: picketbox/src/main/java/org/picketbox/factories and 10 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Feb 20 15:02:42 EST 2014
Author: sguilhen at redhat.com
Date: 2014-02-20 15:02:40 -0500 (Thu, 20 Feb 2014)
New Revision: 511
Modified:
branches/eap62/
branches/eap62/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java
branches/eap62/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/IdentityFactory.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/AppPolicy.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/ExternalPasswordCache.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/SecurityRolesAssociation.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/Util.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/SecurityConfiguration.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/StandaloneConfiguration.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/ClassLoaderLocatorFactory.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TransactionManagerLocator.java
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/audit/JBossAuditManager.java
branches/eap62/security-spi/identity/src/main/java/org/jboss/security/identity/RoleFactory.java
branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextAssociation.java
branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextFactory.java
branches/eap62/security-spi/spi/src/main/java/org/jboss/security/factories/AuthorizationManagerFactory.java
branches/eap62/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultFactory.java
Log:
[BZ1050058] Adding Java Security Manager checks.
Property changes on: branches/eap62
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/4.0.16.Final_BZ_901138:413
/branches/embargo/4.0.14.Final-JBPAPP6-1704:377
/branches/embargo/4.0.16.Final-vault:408-449
/tags/4.0.16.Final:393-407
/trunk:458,462-464
+ /branches/4.0.16.Final_BZ_901138:413
/branches/embargo/4.0.14.Final-JBPAPP6-1704:377
/branches/embargo/4.0.16.Final-vault:408-449
/branches/embargo/BZ1050058-JSM-checks:497
/tags/4.0.16.Final:393-407
/trunk:458,462-464
Modified: branches/eap62/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java
===================================================================
--- branches/eap62/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/picketbox/src/main/java/org/picketbox/factories/SecurityFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -87,6 +87,10 @@
*/
public static AuthenticationManager getAuthenticationManager(String securityDomain)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".getAuthenticationManager"));
+ }
validate();
return securityManagement.getAuthenticationManager(securityDomain);
}
@@ -98,6 +102,10 @@
*/
public static AuthorizationManager getAuthorizationManager(String securityDomain)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName()+ ".getAuthorizationManager"));
+ }
validate();
return securityManagement.getAuthorizationManager(securityDomain);
}
@@ -109,6 +117,10 @@
*/
public static AuditManager getAuditManager(String securityDomain)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".getAuditManager"));
+ }
validate();
return securityManagement.getAuditManager(securityDomain);
}
@@ -120,6 +132,10 @@
*/
public static MappingManager getMappingManager(String securityDomain)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".getMappingManager"));
+ }
validate();
return securityManagement.getMappingManager(securityDomain);
}
@@ -130,6 +146,10 @@
*/
public static ISecurityManagement getSecurityManagement()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".getSecurityManagement"));
+ }
return securityManagement;
}
@@ -139,6 +159,10 @@
*/
public static void setSecurityManagement(ISecurityManagement iSecurityManagement)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".setSecurityManagement"));
+ }
securityManagement = iSecurityManagement;
}
@@ -150,6 +174,10 @@
*/
public static void prepare()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".prepare"));
+ }
if(Configuration.getConfiguration() instanceof ApplicationPolicyRegistration == false)
{
standaloneConfiguration.setParentConfig(parentConfiguration);
@@ -163,6 +191,10 @@
*/
public static SecurityContext establishSecurityContext(String securityDomainName)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".establishSecurityContext"));
+ }
SecurityContext securityContext = null;
try
{
@@ -181,6 +213,10 @@
*/
public static void release()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".release"));
+ }
Configuration config = Configuration.getConfiguration();
if(config == standaloneConfiguration)
{
@@ -190,6 +226,10 @@
private static void validate()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityFactory.class.getName() + ".validate"));
+ }
assert(securityManagement != null);
}
}
\ No newline at end of file
Modified: branches/eap62/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/IdentityFactory.java
===================================================================
--- branches/eap62/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/IdentityFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/identity/src/main/java/org/jboss/security/identity/plugins/IdentityFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -86,6 +86,10 @@
private static Object loadClass(String className, String ctorArg) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(IdentityFactory.class.getName() + ".loadClass"));
+ }
Class<?> clazz = SecurityActions.getClass(className);
Constructor<?> ctr = clazz.getConstructor(new Class[]
{String.class});
@@ -95,6 +99,10 @@
private static Object loadClass(String className, String ctorArg1, String ctorArg2) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(IdentityFactory.class.getName() + ".loadClass"));
+ }
Class<?> clazz = SecurityActions.getClass(className);
Constructor<?> ctr = clazz.getConstructor(new Class[]
{String.class, String.class});
@@ -104,6 +112,10 @@
private static Object loadClass(String className, String ctorArg1, Role ctorArg2) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(IdentityFactory.class.getName() + ".loadClass"));
+ }
Class<?> clazz = SecurityActions.getClass(className);
Constructor<?> ctr = clazz.getConstructor(new Class[]
{String.class, Role.class});
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/AppPolicy.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/AppPolicy.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/AppPolicy.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -83,6 +83,10 @@
public static void setDefaultAppPolicy(AppPolicy policy)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(AppPolicy.class.getName() + ".setDefaultAppPolicy"));
+ }
if( policy == null )
throw PicketBoxMessages.MESSAGES.invalidNullArgument("policy");
defaultAppPolicy = policy;
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/ExternalPasswordCache.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/ExternalPasswordCache.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/ExternalPasswordCache.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -54,6 +54,10 @@
}
public static ExternalPasswordCache getExternalPasswordCacheInstance() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(ExternalPasswordCache.class.getName() + ".getExternalPasswordCacheInstance"));
+ }
return PASSWORD_CACHE;
}
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/SecurityRolesAssociation.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/SecurityRolesAssociation.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/SecurityRolesAssociation.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -24,7 +24,6 @@
import java.util.Map;
import java.util.Set;
-import org.jboss.logging.Logger;
/**
* The SecurityRolesAssociation uses a ThreadLocal to associate the SecurityRoleMetaData
@@ -49,6 +48,10 @@
*/
public static Map<String,Set<String>> getSecurityRoles()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityRolesAssociation.class.getName() + ".getSecurityRoles"));
+ }
return (Map<String,Set<String>>) threadSecurityRoleMapping.get();
}
@@ -57,6 +60,10 @@
*/
public static void setSecurityRoles(Map<String,Set<String>> securityRoles)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityRolesAssociation.class.getName() + ".setSecurityRoles"));
+ }
PicketBoxLogger.LOGGER.traceSecRolesAssociationSetSecurityRoles(securityRoles);
if(securityRoles == null)
threadSecurityRoleMapping.remove();
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/Util.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/Util.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/Util.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -33,6 +33,7 @@
import java.util.ArrayList;
import java.util.StringTokenizer;
+
/**
* Util.
*
@@ -68,6 +69,10 @@
public static char[] loadPassword(String passwordCmd)
throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(Util.class.getName() + ".loadPassword"));
+ }
char[] password = null;
String passwordCmdType = null;
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -99,6 +99,10 @@
*/
public static XMLLoginConfigImpl getInstance()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(XMLLoginConfigImpl.class.getName() + ".getInstance"));
+ }
return instance;
}
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/SecurityConfiguration.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/SecurityConfiguration.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/SecurityConfiguration.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -46,6 +46,10 @@
*/
public static void addApplicationPolicy(ApplicationPolicy applicationPolicy)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".addApplicationPolicy"));
+ }
if(applicationPolicy == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("applicationPolicy");
appPolicies.put(applicationPolicy.getName(), applicationPolicy);
@@ -57,6 +61,10 @@
*/
public static void removeApplicationPolicy(String name)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".removeApplicationPolicy"));
+ }
appPolicies.remove(name);
}
@@ -67,41 +75,73 @@
*/
public static ApplicationPolicy getApplicationPolicy(String policyName)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getApplicationPolicy"));
+ }
return (ApplicationPolicy)appPolicies.get(policyName);
}
public static String getCipherAlgorithm()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getCipherAlgorithm"));
+ }
return cipherAlgorithm;
}
public static void setCipherAlgorithm(String ca)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setCipherAlgorithm"));
+ }
cipherAlgorithm = ca;
}
public static Key getCipherKey()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getCipherKey"));
+ }
return cipherKey;
}
public static void setCipherKey(Key ca)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setCipherKey"));
+ }
cipherKey = ca;
}
public static AlgorithmParameterSpec getCipherSpec()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getCipherSpec"));
+ }
return cipherSpec;
}
public static void setCipherSpec(AlgorithmParameterSpec aps)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setCipherSpec"));
+ }
cipherSpec = aps;
}
public static int getIterationCount()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getIterationCount"));
+ }
return iterationCount;
}
@@ -110,12 +150,20 @@
*/
public static void setIterationCount(int count)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setIterationCount"));
+ }
iterationCount = count;
}
public static String getSalt()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getSalt"));
+ }
return salt;
}
/** Set the salt used with PBE based on the keystore password.
@@ -123,6 +171,10 @@
*/
public static void setSalt(String s)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setSalt"));
+ }
salt = s;
}
@@ -132,6 +184,10 @@
*/
public static String getKeyStoreType()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getKeyStoreType"));
+ }
return keyStoreType;
}
/** Set the type of KeyStore implementation to use. This is
@@ -139,12 +195,20 @@
*/
public static void setKeyStoreType(String type)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setKeyStoreType"));
+ }
keyStoreType = type;
}
/** Get the KeyStore database URL string.
*/
public static String getKeyStoreURL()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getKeyStoreURL"));
+ }
return keyStoreURL;
}
/** Set the KeyStore database URL string. This is used to obtain
@@ -152,6 +216,10 @@
*/
public static void setKeyStoreURL(String storeURL)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setKeyStoreURL"));
+ }
keyStoreURL = storeURL;
}
@@ -159,6 +227,10 @@
*/
public static String getKeyStorePass()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getKeyStorePass"));
+ }
return keyStorePass ;
}
@@ -166,6 +238,10 @@
*/
public static void setKeyStorePass(String password)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setKeyStorePass"));
+ }
keyStorePass = password;
}
@@ -174,6 +250,10 @@
*/
public static String getTrustStoreType()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getTrustStoreType"));
+ }
return trustStoreType;
}
@@ -182,6 +262,10 @@
*/
public static void setTrustStoreType(String type)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setTrustStoreType"));
+ }
trustStoreType = type;
}
@@ -189,6 +273,10 @@
*/
public static String getTrustStorePass()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getTrustStorePass"));
+ }
return trustStorePass;
}
@@ -196,6 +284,10 @@
*/
public static void setTrustStorePass(String password)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setTrustStorePass"));
+ }
trustStorePass = password;
}
@@ -203,6 +295,10 @@
*/
public static String getTrustStoreURL()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".getTrustStoreURL"));
+ }
return trustStoreURL;
}
@@ -211,16 +307,28 @@
*/
public static void setTrustStoreURL(String storeURL)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setTrustStoreURL"));
+ }
trustStoreURL = storeURL;
}
public static boolean isDeepCopySubjectMode()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".isDeepCopySubjectMode"));
+ }
return deepCopySubjectMode;
}
public static void setDeepCopySubjectMode(boolean dcsm)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityConfiguration.class.getName() + ".setDeepCopySubjectMode"));
+ }
deepCopySubjectMode = dcsm;
}
}
\ No newline at end of file
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/StandaloneConfiguration.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/StandaloneConfiguration.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/StandaloneConfiguration.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -60,7 +60,11 @@
public static StandaloneConfiguration getInstance()
{
- if(_instance == null)
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(StandaloneConfiguration.class.getName() + ".getInstance"));
+ }
+ if(_instance == null)
_instance = new StandaloneConfiguration();
return _instance;
}
@@ -144,4 +148,4 @@
return entry;
}
-}
\ No newline at end of file
+}
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/ClassLoaderLocatorFactory.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/ClassLoaderLocatorFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/ClassLoaderLocatorFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -21,6 +21,7 @@
*/
package org.jboss.security.plugins;
+
/**
* Simple factory for {@code ClassLoaderLocator}
* @author Anil Saldhana
@@ -36,11 +37,19 @@
*/
public static void set(ClassLoaderLocator cl)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(ClassLoaderLocatorFactory.class.getName() + ".set"));
+ }
theLocator = cl;
}
public static ClassLoaderLocator get()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(ClassLoaderLocatorFactory.class.getName() + ".get"));
+ }
return theLocator;
}
}
\ No newline at end of file
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TransactionManagerLocator.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TransactionManagerLocator.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/TransactionManagerLocator.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -90,6 +90,10 @@
public static void setTransactionManager(TransactionManager transactionManager)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(TransactionManagerLocator.class.getName() + ".setTransactionManager"));
+ }
TransactionManagerLocator.transactionManager = transactionManager;
}
}
\ No newline at end of file
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/audit/JBossAuditManager.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/audit/JBossAuditManager.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/audit/JBossAuditManager.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -86,6 +86,10 @@
public static AuditContext getAuditContext(String securityDomain)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(JBossAuditManager.class.getName() + ".getAuditContext"));
+ }
AuditContext ac = (AuditContext)contexts.get(securityDomain);
if(ac == null)
ac = defaultContext;
@@ -94,6 +98,10 @@
public static void addAuditContext(String securityDomain, AuditContext ac)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(JBossAuditManager.class.getName() + ".addAuditContext"));
+ }
contexts.put(securityDomain, ac);
}
Modified: branches/eap62/security-spi/identity/src/main/java/org/jboss/security/identity/RoleFactory.java
===================================================================
--- branches/eap62/security-spi/identity/src/main/java/org/jboss/security/identity/RoleFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-spi/identity/src/main/java/org/jboss/security/identity/RoleFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -26,6 +26,7 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
+
/**
* Factory to create roles
* @author Anil.Saldhana at redhat.com
@@ -85,11 +86,19 @@
public static void setSimpleRoleClass(String fqn)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(RoleFactory.class.getName() + ".setSimpleRoleClass"));
+ }
SIMPLE_ROLE_CLASS = fqn;
}
public static void setSimpleRoleGroupClass(String fqn)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(RoleFactory.class.getName() + ".setSimpleRoleGroupClass"));
+ }
SIMPLE_ROLEGROUP_CLASS = fqn;
}
}
Modified: branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextAssociation.java
===================================================================
--- branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextAssociation.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextAssociation.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -106,6 +106,10 @@
*/
public static void setClient()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextAssociation.class.getName() + ".setClient"));
+ }
SERVER = false;
}
@@ -205,6 +209,10 @@
*/
public static RunAs peekRunAsIdentity()
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextAssociation.class.getName() + ".peekRunAsIdentity"));
+ }
RunAs ra = null;
SecurityContext sc = SecurityContextAssociation.getSecurityContext();
if (sc != null)
Modified: branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextFactory.java
===================================================================
--- branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-spi/spi/src/main/java/org/jboss/security/SecurityContextFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -23,7 +23,6 @@
import java.lang.reflect.Constructor;
import java.security.Principal;
-
import javax.security.auth.Subject;
@@ -174,6 +173,10 @@
public static SecurityContext createSecurityContext(String securityDomain,
Class<? extends SecurityContext> clazz) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
+ }
if(securityDomain == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
if(clazz == null)
@@ -185,6 +188,10 @@
private static SecurityContext createSecurityContext(String securityDomain, Constructor<SecurityContext> constructor) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
+ }
if (securityDomain == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
if (constructor == null)
@@ -222,6 +229,10 @@
public static SecurityContext createSecurityContext(Principal p,
Object cred, Subject s, String securityDomain, ClassLoader classLoader) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
+ }
SecurityContext jsc = createSecurityContext(securityDomain, classLoader);
jsc.getUtil().createSubjectInfo(p,cred,s);
return jsc;
@@ -266,6 +277,10 @@
*/
public static SecurityContextUtil createUtil(SecurityContext sc, ClassLoader classLoader) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
+ }
Constructor<SecurityContextUtil> ctr = defaultUtilConstructor;
if(ctr == null)
@@ -298,6 +313,10 @@
*/
public static SecurityContextUtil createUtil(SecurityContext sc, String utilFQN, ClassLoader classLoader) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
+ }
Class<?> clazz = loadClass(utilFQN, classLoader);
//Get the CTR
Constructor<? extends SecurityContextUtil> ctr =
@@ -313,6 +332,10 @@
public static SecurityContextUtil createUtil(SecurityContext sc,
Class<? extends SecurityContextUtil> utilClazz) throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
+ }
//Get the CTR
Constructor<? extends SecurityContextUtil> ctr = utilClazz.getConstructor(new Class[]{SecurityContext.class});
return ctr.newInstance(new Object[]{sc});
@@ -324,6 +347,10 @@
*/
public static void setDefaultSecurityContextFQN(String fqn)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".setDefaultSecurityContextFQN"));
+ }
defaultFQN = fqn;
defaultSecurityContextClass = null;
defaultSecurityContextConstructor = null;
@@ -336,6 +363,10 @@
*/
public static void setDefaultSecurityContextUtilFQN(String fqn)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".setDefaultSecurityContextUtilFQN"));
+ }
defaultUtilClassFQN = fqn;
defaultUtilClass = null; //reset
defaultUtilConstructor = null;
Modified: branches/eap62/security-spi/spi/src/main/java/org/jboss/security/factories/AuthorizationManagerFactory.java
===================================================================
--- branches/eap62/security-spi/spi/src/main/java/org/jboss/security/factories/AuthorizationManagerFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-spi/spi/src/main/java/org/jboss/security/factories/AuthorizationManagerFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -41,6 +41,10 @@
public static AuthorizationManager getAuthorizationManager(String securityDomain)
throws Exception
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(AuthorizationManagerFactory.class.getName() + ".getAuthorizationManager"));
+ }
Class clazz = SecurityActions.loadClass(fqn);
Constructor ctr = clazz.getConstructor(new Class[] { String.class} );
return (AuthorizationManager) ctr.newInstance(new Object[] {securityDomain});
@@ -48,6 +52,10 @@
public static void setFQN(String name)
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(AuthorizationManagerFactory.class.getName() + ".setFQN"));
+ }
fqn = name;
}
}
\ No newline at end of file
Modified: branches/eap62/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultFactory.java
===================================================================
--- branches/eap62/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultFactory.java 2014-02-20 18:31:32 UTC (rev 510)
+++ branches/eap62/security-spi/spi/src/main/java/org/jboss/security/vault/SecurityVaultFactory.java 2014-02-20 20:02:40 UTC (rev 511)
@@ -53,6 +53,10 @@
*/
public static SecurityVault get(String fqn) throws SecurityVaultException
{
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(new RuntimePermission(SecurityVaultFactory.class.getName() + ".get"));
+ }
if(fqn == null)
return get();
More information about the jboss-cvs-commits
mailing list