July 2010 - jboss-remoting-commits

JBoss Remoting SVN: r5895 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 15:01:00 -0400 (Sat, 03 Jul 2010) New Revision: 5895 Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/EmptyURITestCase.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/EmptyURITestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/EmptyURITestCase.java 2010-07-03 19:00:36 UTC (rev 5894) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/EmptyURITestCase.java 2010-07-03 19:01:00 UTC (rev 5895) @@ -24,6 +24,8 @@ import java.io.IOException; import java.net.InetAddress; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.HashMap; import java.util.Map; @@ -85,7 +87,14 @@ ConsoleAppender consoleAppender = new ConsoleAppender(layout); Logger.getRootLogger().addAppender(consoleAppender); - InvokerRegistry.registerInvokerFactories("http", TransportClientFactory.class, TestCoyoteInvokerFactory.class); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.registerInvokerFactories("http", TransportClientFactory.class, TestCoyoteInvokerFactory.class); + return null; + } + }); } }

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5894 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/registry.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 15:00:36 -0400 (Sat, 03 Jul 2010) New Revision: 5894 Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/registry/InvokerRegistryRaceTestCase.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/registry/InvokerRegistryRaceTestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/registry/InvokerRegistryRaceTestCase.java 2010-07-03 18:27:59 UTC (rev 5893) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/registry/InvokerRegistryRaceTestCase.java 2010-07-03 19:00:36 UTC (rev 5894) @@ -2,6 +2,8 @@ import java.net.InetAddress; import java.net.MalformedURLException; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.HashMap; import java.util.Map; @@ -273,7 +275,14 @@ { try { - InvokerRegistry.updateServerInvokerLocator(locator, locator); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.updateServerInvokerLocator(locator, locator); + return null; + } + }); if ((i + 1) % (counter / 5) == 0) { log.info(this + " updated locator: " + (i + 1));

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5893 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/connection.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 14:27:59 -0400 (Sat, 03 Jul 2010) New Revision: 5893 Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/connection/ConnectionValidatorDisconnectTimeoutTestCase.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/connection/ConnectionValidatorDisconnectTimeoutTestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/connection/ConnectionValidatorDisconnectTimeoutTestCase.java 2010-07-03 17:27:13 UTC (rev 5892) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/connection/ConnectionValidatorDisconnectTimeoutTestCase.java 2010-07-03 18:27:59 UTC (rev 5893) @@ -24,6 +24,8 @@ import java.io.IOException; import java.net.InetAddress; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.HashMap; import java.util.Map; @@ -475,8 +477,16 @@ protected void setupServer() throws Exception - { - InvokerRegistry.registerInvokerFactories("socket", org.jboss.remoting.transport.socket.TransportClientFactory.class, TestServerInvokerFactory.class); + { + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.registerInvokerFactories("socket", org.jboss.remoting.transport.socket.TransportClientFactory.class, TestServerInvokerFactory.class); + return null; + } + }); + host = InetAddress.getLocalHost().getHostAddress(); port = PortUtil.findFreePort(host); locatorURI = getTransport() + "://" + host + ":" + port + "/?x=x";

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5892 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/ssl/config.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:27:13 -0400 (Sat, 03 Jul 2010) New Revision: 5892 Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/ssl/config/HostnameVerifierTestCase.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/ssl/config/HostnameVerifierTestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/ssl/config/HostnameVerifierTestCase.java 2010-07-03 17:25:15 UTC (rev 5891) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/transport/http/ssl/config/HostnameVerifierTestCase.java 2010-07-03 17:27:13 UTC (rev 5892) @@ -37,8 +37,10 @@ import org.jboss.remoting.transport.Connector; import org.jboss.remoting.transport.PortUtil; import org.jboss.remoting.transport.http.ssl.HTTPSClientInvoker; +import javax.management.MBeanServer; -import javax.management.MBeanServer; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.HashMap; @@ -63,9 +65,16 @@ if (connector == null) { // Register subclassed transport for test. - InvokerRegistry.registerInvokerFactories(getTransport(), - TestClientInvokerFactory.class, - TestServerInvokerFactory.class); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.registerInvokerFactories(getTransport(), + TestClientInvokerFactory.class, + TestServerInvokerFactory.class); + return null; + } + }); HashMap config = new HashMap();

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5891 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/ssl.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:25:15 -0400 (Sat, 03 Jul 2010) New Revision: 5891 Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/ssl/SSLSupportedTransportTestCase.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/ssl/SSLSupportedTransportTestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/ssl/SSLSupportedTransportTestCase.java 2010-07-03 17:24:44 UTC (rev 5890) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/ssl/SSLSupportedTransportTestCase.java 2010-07-03 17:25:15 UTC (rev 5891) @@ -21,6 +21,10 @@ */ package org.jboss.test.remoting.ssl; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; + import junit.framework.TestCase; import org.jboss.remoting.InvokerRegistry; @@ -31,13 +35,29 @@ { public void testTransportSupportsSSL() throws Exception { - String[] transports = new String[] {"socket", "sslsocket", "multiplex", "sslmultiplex", "rmi", "sslrmi", "http", "https"}; + final String[] transports = new String[] {"socket", "sslsocket", "multiplex", "sslmultiplex", "rmi", "sslrmi", "http", "https"}; boolean[] expextedResult = new boolean[] {false, true, false, true, false, true, false, true}; for(int x = 0; x < transports.length; x++) { - boolean isSupported = InvokerRegistry.isSSLSupported(transports[x]); - assertEquals("transport " + transports[x] + " was supposed to be " + expextedResult[x] + " for supporting ssl.", expextedResult[x], isSupported); + Boolean isSupported = null; + final int finalX = x; + try + { + isSupported = (Boolean) AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws Exception + { + return new Boolean(InvokerRegistry.isSSLSupported(transports[finalX])); + } + }); + } + catch (PrivilegedActionException pae) + { + throw pae.getException(); + } + + assertEquals("transport " + transports[x] + " was supposed to be " + expextedResult[x] + " for supporting ssl.", expextedResult[x], isSupported.booleanValue()); } } } \ No newline at end of file

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5890 - remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:24:44 -0400 (Sat, 03 Jul 2010) New Revision: 5890 Added: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistryCaller.java remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistrySecurityTestCase.java Log: JBREM-1231: New unit tests. Added: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistryCaller.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistryCaller.java (rev 0) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistryCaller.java 2010-07-03 17:24:44 UTC (rev 5890) @@ -0,0 +1,96 @@ +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2010, Red Hat Middleware LLC, and individual contributors + * by the @author tags. See the COPYRIGHT.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.jboss.test.remoting.security; + +import java.util.Map; + +import org.jboss.remoting.InvokerLocator; +import org.jboss.remoting.InvokerRegistry; +import org.jboss.remoting.ServerInvoker; + +/** + * Used by InvokerRegistrySecurityTestCase. + * + * @author <a href="mailto:ron.sigal@jboss.com">Ron Sigal</a> + * @version $Rev$ + * <p> + * Copyright Jul 1, 2010 + * </p> + */ +public class InvokerRegistryCaller +{ + public static void registerInvokerFactories(String transport, Class clientFactory, Class serverFactory) + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.registerInvokerFactories(transport, clientFactory, serverFactory); + } + + public static void unregisterInvokerFactories(String transport) + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.unregisterInvokerFactories(transport); + } + + public static void unregisterLocator(InvokerLocator locator) + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.unregisterLocator(locator); + } + + public static void destroyClientInvoker(InvokerLocator locator, Map map) + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.destroyClientInvoker(locator, map); + } + + public static void createClientInvoker(InvokerLocator locator, Map map) throws Exception + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.createClientInvoker(locator, map); + } + + public static void createServerInvoker(InvokerLocator locator, Map map) throws Exception + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.createServerInvoker(locator, map); + } + + public static void destroyServerInvoker(ServerInvoker invoker) throws Exception + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.destroyServerInvoker(invoker); + } + + public static void updateServerInvokerLocator(InvokerLocator locator, InvokerLocator newLocator) + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + } + + public static void isSSLSupported(String transport) throws Exception + { + new Exception("InvokerRegistryCaller stacktrace").printStackTrace(); + InvokerRegistry.isSSLSupported(transport); + } +} Added: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistrySecurityTestCase.java =================================================================== --- remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistrySecurityTestCase.java (rev 0) +++ remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistrySecurityTestCase.java 2010-07-03 17:24:44 UTC (rev 5890) @@ -0,0 +1,399 @@ +/* + * JBoss, Home of Professional Open Source + * Copyright 2010, JBoss Inc., and individual contributors as indicated + * by the @authors tag. See the copyright.txt in the distribution for a + * full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.test.remoting.security; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import junit.framework.TestCase; + +import org.apache.log4j.ConsoleAppender; +import org.apache.log4j.Level; +import org.apache.log4j.Logger; +import org.apache.log4j.PatternLayout; +import org.jboss.remoting.Client; +import org.jboss.remoting.InvokerLocator; +import org.jboss.remoting.InvokerRegistry; +import org.jboss.remoting.ServerInvoker; +import org.jboss.remoting.transport.ClientFactory; +import org.jboss.remoting.transport.ClientInvoker; +import org.jboss.remoting.transport.Connector; +import org.jboss.remoting.transport.ServerFactory; +import org.jboss.remoting.transport.socket.SocketClientInvoker; +import org.jboss.remoting.transport.socket.SocketServerInvoker; + + +public class InvokerRegistrySecurityTestCase extends TestCase +{ + private static Logger log = Logger.getLogger(InvokerRegistrySecurityTestCase.class); + private static boolean firstTime = true; + + public void setUp() throws Exception + { + if (firstTime) + { + firstTime = false; + Logger.getLogger("org.jboss.remoting").setLevel(Level.INFO); + Logger.getLogger("org.jboss.test.remoting").setLevel(Level.INFO); + String pattern = "[%d{ABSOLUTE}] [%t] %5p (%F:%L) - %m%n"; + PatternLayout layout = new PatternLayout(pattern); + ConsoleAppender consoleAppender = new ConsoleAppender(layout); + Logger.getRootLogger().addAppender(consoleAppender); + } + } + + + public void tearDown() + { + } + + + public void testRegisterUnregisterInvokerFactories() throws Throwable + { + log.info("entering " + getName()); + + // Call from code with proper privileges. + InvokerRegistry.registerInvokerFactories("test", TestClientFactory.class, TestServerFactory.class); + InvokerRegistry.unregisterInvokerFactories("test"); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.registerInvokerFactories("test", TestClientFactory.class, TestServerFactory.class); + InvokerRegistryCaller.unregisterInvokerFactories("test"); + } + else + { + try + { + InvokerRegistryCaller.registerInvokerFactories("test", TestClientFactory.class, TestServerFactory.class); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + try + { + InvokerRegistryCaller.unregisterInvokerFactories("test"); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + + log.info(getName() + " PASSES"); + } + + public void testUnregisterLocator() throws Throwable + { + log.info("entering " + getName()); + Connector connector = null; + + try + { + // Create server, which stores InvokerLocator in InvokerRegistry. + InvokerLocator locator = new InvokerLocator("socket://localhost"); + connector = new Connector(locator); + connector.start(); + InvokerLocator updatedLocator = connector.getLocator(); + + // Call from code with proper privileges. + InvokerRegistry.unregisterLocator(updatedLocator); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.unregisterLocator(updatedLocator); + } + else + { + try + { + InvokerRegistryCaller.unregisterLocator(updatedLocator); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + } + finally + { + if (connector != null) + { + connector.stop(); + } + } + + log.info(getName() + " PASSES"); + } + + public void testDestroyClientInvoker() throws Throwable + { + log.info("entering " + getName()); + Client client = null; + + try + { + // Create client. + InvokerLocator locator = new InvokerLocator("socket://localhost"); + client = new Client(locator); + client.connect(); + + // Call from code with proper privileges. + InvokerRegistry.destroyClientInvoker(locator, new HashMap()); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.destroyClientInvoker(locator, new HashMap()); + } + else + { + try + { + InvokerRegistryCaller.destroyClientInvoker(locator, new HashMap()); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + } + finally + { + if (client != null) + { + client.disconnect(); + } + } + + log.info(getName() + " PASSES"); + } + + public void testCreateClientInvoker() throws Throwable + { + log.info("entering " + getName()); + InvokerLocator locator = new InvokerLocator("socket://localhost"); + + // Call from code with proper privileges. + ClientInvoker invoker = InvokerRegistry.createClientInvoker(locator, new HashMap());; + + try + { + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.createClientInvoker(locator, new HashMap()); + } + else + { + try + { + InvokerRegistryCaller.createClientInvoker(locator, new HashMap()); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + } + finally + { + if (invoker != null) + { + InvokerRegistry.destroyClientInvoker(locator, new HashMap()); + } + } + + log.info(getName() + " PASSES"); + } + + public void testCreateServerInvoker() throws Throwable + { + log.info("entering " + getName()); + InvokerLocator locator = new InvokerLocator("socket://localhost"); + + // Call from code with proper privileges. + ServerInvoker invoker = InvokerRegistry.createServerInvoker(locator, new HashMap());; + + try + { + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.createServerInvoker(locator, new HashMap()); + } + else + { + try + { + InvokerRegistryCaller.createServerInvoker(locator, new HashMap()); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + } + finally + { + if (invoker != null) + { + InvokerRegistry.destroyServerInvoker(invoker); + } + } + + log.info(getName() + " PASSES"); + } + + public void testDestroyServerInvoker() throws Throwable + { + log.info("entering " + getName()); + InvokerLocator locator = new InvokerLocator("socket://localhost"); + ServerInvoker invoker = InvokerRegistry.createServerInvoker(locator, new HashMap());; + + // Call from code with proper privileges. + InvokerRegistry.destroyServerInvoker(invoker); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.destroyServerInvoker(invoker); + } + else + { + try + { + InvokerRegistryCaller.destroyServerInvoker(invoker); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + + log.info(getName() + " PASSES"); + } + + public void testUpdateServerInvokerLocator() throws Throwable + { + log.info("entering " + getName()); + InvokerLocator oldLocator = new InvokerLocator("socket://localhost"); + InvokerLocator newLocator = new InvokerLocator("socket://localhost"); + ServerInvoker invoker = InvokerRegistry.createServerInvoker(oldLocator, new HashMap());; + + try + { + // Call from code with proper privileges. + InvokerRegistry.updateServerInvokerLocator(oldLocator, newLocator); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.updateServerInvokerLocator(oldLocator, newLocator); + } + else + { + try + { + InvokerRegistryCaller.updateServerInvokerLocator(oldLocator, newLocator); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + } + finally + { + if (invoker != null) + { + InvokerRegistry.destroyServerInvoker(invoker); + } + } + + log.info(getName() + " PASSES"); + } + + public void testIsSSLSupported() throws Throwable + { + log.info("entering " + getName()); + + // Call from code with proper privileges. + InvokerRegistry.isSSLSupported("bisocket"); + + // Call from code without proper privileges. + if (System.getSecurityManager() == null) + { + InvokerRegistryCaller.isSSLSupported("http"); + } + else + { + try + { + InvokerRegistryCaller.isSSLSupported("http"); + fail("expected SecurityException"); + } + catch (SecurityException e) + { + log.info("got expected SecurityException"); + } + } + + log.info(getName() + " PASSES"); + } + + static class TestServerFactory implements ServerFactory + { + public ServerInvoker createServerInvoker(InvokerLocator locator, Map config) + { + return new SocketServerInvoker(locator, config); + } + public boolean supportsSSL() + { + return false; + } + } + + static class TestClientFactory implements ClientFactory + { + public ClientInvoker createClientInvoker(InvokerLocator locator, Map config) throws IOException + { + return new SocketClientInvoker(locator, config); + } + public boolean supportsSSL() + { + return false; + } + } +} \ No newline at end of file Property changes on: remoting2/branches/2.x/src/tests/org/jboss/test/remoting/security/InvokerRegistrySecurityTestCase.java ___________________________________________________________________ Name: svn:executable + *

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5889 - remoting2/branches/2.x/src/main/org/jboss/remoting/transport/multiplex.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:20:36 -0400 (Sat, 03 Jul 2010) New Revision: 5889 Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/transport/multiplex/MultiplexServerInvoker.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/transport/multiplex/MultiplexServerInvoker.java =================================================================== --- remoting2/branches/2.x/src/main/org/jboss/remoting/transport/multiplex/MultiplexServerInvoker.java 2010-07-03 17:19:32 UTC (rev 5888) +++ remoting2/branches/2.x/src/main/org/jboss/remoting/transport/multiplex/MultiplexServerInvoker.java 2010-07-03 17:20:36 UTC (rev 5889) @@ -30,6 +30,8 @@ import java.net.Socket; import java.net.SocketException; import java.net.SocketTimeoutException; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; @@ -490,13 +492,21 @@ protected void resetLocator(int bindPort) { this.bindPort = bindPort; - InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), - locator.getHost(), - bindPort, - locator.getPath(), - locator.getParameters()); + final InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), + locator.getHost(), + bindPort, + locator.getPath(), + locator.getParameters()); - InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + return null; + } + }); + locator = newLocator; } @@ -918,9 +928,18 @@ } // re-write locator since the port is different - InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), locator.getHost(), bindPort, locator.getPath(), locator.getParameters()); + final InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), locator.getHost(), bindPort, locator.getPath(), locator.getParameters()); + // need to update the locator key used in the invoker registry - InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + return null; + } + }); + this.locator = newLocator; }

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5888 - remoting2/branches/2.x/src/main/org/jboss/remoting/transport.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:19:32 -0400 (Sat, 03 Jul 2010) New Revision: 5888 Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/transport/Connector.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/transport/Connector.java =================================================================== --- remoting2/branches/2.x/src/main/org/jboss/remoting/transport/Connector.java 2010-07-03 17:18:54 UTC (rev 5887) +++ remoting2/branches/2.x/src/main/org/jboss/remoting/transport/Connector.java 2010-07-03 17:19:32 UTC (rev 5888) @@ -415,12 +415,26 @@ throw new IllegalStateException("Connector not configured with LocatorURI."); } - InvokerLocator locator = new InvokerLocator(locatorURI); + final InvokerLocator locator = new InvokerLocator(locatorURI); if (invoker == null) { // create the server invoker - invoker = InvokerRegistry.createServerInvoker(locator, configuration); + try + { + invoker = (ServerInvoker) AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws Exception + { + return InvokerRegistry.createServerInvoker(locator, configuration); + } + }); + } + catch (PrivilegedActionException pae) + { + throw pae.getException(); + } + invoker.setMBeanServer(server); // set the server socket factory if has been already set on the connector @@ -1128,7 +1142,16 @@ log.trace(this + " shutting down server invoker"); invoker.stop(); invoker.destroy(); - InvokerRegistry.destroyServerInvoker(invoker); + + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.destroyServerInvoker(invoker); + return null; + } + }); + invoker = null; } if (marshallerLoaderConnector != null && marshallerLoaderConnector.isStarted) @@ -1164,7 +1187,16 @@ { invoker.stop(); invoker.destroy(); - InvokerRegistry.destroyServerInvoker(invoker); + + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.destroyServerInvoker(invoker); + return null; + } + }); + invoker = null; } isCreated = false; @@ -1188,7 +1220,16 @@ { invoker.stop(); invoker.destroy(); - InvokerRegistry.destroyServerInvoker(invoker); + + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.destroyServerInvoker(invoker); + return null; + } + }); + invoker = null; } isCreated = false;

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5887 - remoting2/branches/2.x/src/main/org/jboss/remoting.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:18:54 -0400 (Sat, 03 Jul 2010) New Revision: 5887 Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/ServerInvoker.java Log: JBREM-1231: Wrapped all state changing calls to InvokerRegistry in PrivilegedAction. Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/ServerInvoker.java =================================================================== --- remoting2/branches/2.x/src/main/org/jboss/remoting/ServerInvoker.java 2010-07-03 17:18:25 UTC (rev 5886) +++ remoting2/branches/2.x/src/main/org/jboss/remoting/ServerInvoker.java 2010-07-03 17:18:54 UTC (rev 5887) @@ -57,6 +57,7 @@ import java.net.InetAddress; import java.net.UnknownHostException; import java.security.AccessController; +import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.ArrayList; @@ -1158,7 +1159,7 @@ createServerSocketFactory(); // need to check invoker locator to see if need to provide binding address (in the case 0.0.0.0 was used) - InvokerLocator originalLocator = locator; + final InvokerLocator originalLocator = locator; locator = InvokerLocator.validateLocator(locator); if (!locator.getLocatorURI().equals(originalLocator.getLocatorURI())) { log.debug(this + " original locator: " + originalLocator); @@ -1166,7 +1167,14 @@ } // need to update the locator key used in the invoker registry - InvokerRegistry.updateServerInvokerLocator(originalLocator, locator); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.updateServerInvokerLocator(originalLocator, locator); + return null; + } + }); } protected void setupHomes(Map config) throws Exception @@ -1333,11 +1341,19 @@ port = PortUtil.findFreePort(locator.getHost()); // re-write locator since the port is different - InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), locator.getHost(), port, + final InvokerLocator newLocator = new InvokerLocator(locator.getProtocol(), locator.getHost(), port, locator.getPath(), locator.getParameters()); // need to update the locator key used in the invoker registry - InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + AccessController.doPrivileged( new PrivilegedAction() + { + public Object run() + { + InvokerRegistry.updateServerInvokerLocator(locator, newLocator); + return null; + } + }); + this.locator = newLocator; return port; }

13 years, 10 months

1
0
0 / 0

JBoss Remoting SVN: r5886 - remoting2/branches/2.x/src/main/org/jboss/remoting.

by jboss-remoting-commits＠lists.jboss.org

Author: ron.sigal(a)jboss.com Date: 2010-07-03 13:18:25 -0400 (Sat, 03 Jul 2010) New Revision: 5886 Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java Log: JBREM-1231: Added doSecurityCheck(). Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java =================================================================== --- remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java 2010-07-03 17:16:08 UTC (rev 5885) +++ remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java 2010-07-03 17:18:25 UTC (rev 5886) @@ -22,7 +22,6 @@ package org.jboss.remoting; - import org.jboss.logging.Logger; import org.jboss.remoting.serialization.ClassLoaderUtility; import org.jboss.remoting.transport.ClientFactory; @@ -69,6 +68,8 @@ private static final Map transportClientFactoryClasses = new HashMap(); private static final Map transportServerFactoryClasses = new HashMap(); + + private static final RuntimePermission INVOKER_REGISTRY_UPDATE_PERMISSION = new RuntimePermission("invokerRegistryUpdate"); /** * return an array of InvokerLocators that are local to this VM (server invokers) @@ -174,6 +175,7 @@ */ public static void registerInvokerFactories(String transport, Class clientFactory, Class serverFactory) { + doSecurityCheck(); synchronized (clientLock) { transportClientFactoryClasses.put(transport, clientFactory); @@ -191,6 +193,7 @@ */ public static void unregisterInvokerFactories(String transport) { + doSecurityCheck(); synchronized (clientLock) { transportClientFactoryClasses.remove(transport); @@ -203,6 +206,7 @@ public static void unregisterLocator(InvokerLocator locator) { + doSecurityCheck(); synchronized (serverLock) { serverLocators.remove(locator); @@ -230,6 +234,7 @@ */ public static void destroyClientInvoker(InvokerLocator locator, Map configuration) { + doSecurityCheck(); synchronized(clientLock) { if (trace) @@ -276,6 +281,8 @@ public static ClientInvoker createClientInvoker(InvokerLocator locator, Map configuration) throws Exception { + doSecurityCheck(); + if(locator == null) { throw new NullPointerException("locator cannot be null"); @@ -545,7 +552,7 @@ public static ServerInvoker createServerInvoker(InvokerLocator locator, Map configuration) throws Exception { - + doSecurityCheck(); ServerInvoker invoker = null; synchronized(serverLock) { @@ -568,6 +575,7 @@ public static void destroyServerInvoker(ServerInvoker invoker) { + doSecurityCheck(); if(invoker != null) { InvokerLocator locator = invoker.getLocator(); @@ -648,6 +656,7 @@ */ public static void updateServerInvokerLocator(InvokerLocator locator, InvokerLocator newLocator) { + doSecurityCheck(); synchronized (serverLock) { Object si = serverLocators.get(locator); @@ -669,6 +678,7 @@ */ public static boolean isSSLSupported(String transport) throws Exception { + doSecurityCheck(); boolean isSSLSupported = false; Class transportFactoryClass = null; try @@ -810,4 +820,17 @@ throw (NoSuchMethodException) e.getCause(); } } + + static private void doSecurityCheck() + { + // If there is no Security Manager, the issue is moot. + final SecurityManager sm = System.getSecurityManager(); + if (sm == null) + { + return; + } + + // If the calling code is not verifiably in Remoting, then require it to have InvokerRegistryUpdatePermission. + sm.checkPermission(INVOKER_REGISTRY_UPDATE_PERMISSION); + } }

13 years, 10 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

jboss-remoting-commits July 2010