[jboss-cvs] JBoss Messaging SVN: r5775 - in trunk/tests: src/org/jboss/messaging/tests/integration and 3 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Feb 2 09:45:07 EST 2009
Author: jmesnil
Date: 2009-02-02 09:45:07 -0500 (Mon, 02 Feb 2009)
New Revision: 5775
Added:
trunk/tests/config/restricted-security-client.policy
trunk/tests/src/org/jboss/messaging/tests/integration/security/
trunk/tests/src/org/jboss/messaging/tests/integration/security/RestrictedSecurityClientTest.java
Modified:
trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/ClientExitTest.java
trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/GracefulClient.java
trunk/tests/src/org/jboss/messaging/tests/util/SpawnedVMSupport.java
Log:
JBMESSAGING-806: Allow JBM client to run in a jnlp (or other) sandbox
* added RestrictedSecurityClientTest to check the minimal set of permissions required to run a JBM client (which sends a message)
Added: trunk/tests/config/restricted-security-client.policy
===================================================================
--- trunk/tests/config/restricted-security-client.policy (rev 0)
+++ trunk/tests/config/restricted-security-client.policy 2009-02-02 14:45:07 UTC (rev 5775)
@@ -0,0 +1,36 @@
+grant {
+ // Allow everything for now
+ //permission java.security.AllPermission;
+
+ permission java.util.PropertyPermission "*", "read";
+ permission java.util.PropertyPermission "user.timezone", "write";
+
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "modifyThread";
+ permission java.lang.RuntimePermission "selectorProvider";
+ permission java.lang.RuntimePermission "loadLibrary.net";
+ permission java.lang.RuntimePermission "loadLibrary.nio";
+ permission java.lang.RuntimePermission "loadLibrary.management";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.security.provider";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.text.resources";
+
+ permission java.net.SocketPermission "*", "connect,resolve";
+
+ permission java.net.NetPermission "specifyStreamHandler";
+
+ permission java.io.FilePermission "/dev/random", "read, write";
+ permission java.io.FilePermission "/dev/urandom", "read";
+ permission java.io.FilePermission "${user.dir}/-", "read";
+ permission java.io.FilePermission "tests/-", "write";
+ permission java.io.FilePermission "${java.home}/-", "read";
+
+ permission java.security.SecurityPermission "getProperty.networkaddress.cache.*";
+ permission java.security.SecurityPermission "getProperty.security.provider.*";
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.security.SecurityPermission "getProperty.securerandom.source";
+ permission java.security.SecurityPermission "putProviderProperty.SUN";
+
+ permission java.util.logging.LoggingPermission "control";
+
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+};
\ No newline at end of file
Modified: trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/ClientExitTest.java
===================================================================
--- trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/ClientExitTest.java 2009-02-02 11:06:59 UTC (rev 5774)
+++ trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/ClientExitTest.java 2009-02-02 14:45:07 UTC (rev 5775)
@@ -22,6 +22,7 @@
package org.jboss.messaging.tests.integration.clientcrash;
+import static org.jboss.messaging.tests.util.RandomUtil.randomString;
import junit.framework.TestCase;
import org.jboss.messaging.core.client.ClientConsumer;
@@ -34,6 +35,8 @@
import org.jboss.messaging.core.message.Message;
import org.jboss.messaging.core.server.Messaging;
import org.jboss.messaging.core.server.MessagingService;
+import org.jboss.messaging.integration.transports.netty.NettyAcceptorFactory;
+import org.jboss.messaging.integration.transports.netty.NettyConnectorFactory;
import org.jboss.messaging.tests.util.SpawnedVMSupport;
import org.jboss.messaging.util.SimpleString;
@@ -53,9 +56,9 @@
{
// Constants ------------------------------------------------------------------------------------
- public static final String MESSAGE_TEXT = "kolowalu";
-
- public static final SimpleString QUEUE = new SimpleString("ClientExitTestQueue");
+ private static final String MESSAGE_TEXT = randomString();
+
+ private static final SimpleString QUEUE = new SimpleString("ClientExitTestQueue");
// Static ---------------------------------------------------------------------------------------
@@ -76,7 +79,7 @@
public void testGracefulClientExit() throws Exception
{
// spawn a JVM that creates a JMS client, which sends a test message
- Process p = SpawnedVMSupport.spawnVM(GracefulClient.class.getName());
+ Process p = SpawnedVMSupport.spawnVM(GracefulClient.class.getName(), QUEUE.toString(), MESSAGE_TEXT);
// read the message from the queue
@@ -100,11 +103,11 @@
{
ConfigurationImpl config = new ConfigurationImpl();
config.setSecurityEnabled(false);
- config.getAcceptorConfigurations().add(new TransportConfiguration("org.jboss.messaging.integration.transports.netty.NettyAcceptorFactory"));
+ config.getAcceptorConfigurations().add(new TransportConfiguration(NettyAcceptorFactory.class.getName()));
messagingService = Messaging.newNullStorageMessagingService(config);
messagingService.start();
- ClientSessionFactory sf = new ClientSessionFactoryImpl(new TransportConfiguration("org.jboss.messaging.integration.transports.netty.NettyConnectorFactory"));
+ ClientSessionFactory sf = new ClientSessionFactoryImpl(new TransportConfiguration(NettyConnectorFactory.class.getName()));
session = sf.createSession(false, true, true);
session.createQueue(QUEUE, QUEUE, null, false, false);
consumer = session.createConsumer(QUEUE);
Modified: trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/GracefulClient.java
===================================================================
--- trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/GracefulClient.java 2009-02-02 11:06:59 UTC (rev 5774)
+++ trunk/tests/src/org/jboss/messaging/tests/integration/clientcrash/GracefulClient.java 2009-02-02 14:45:07 UTC (rev 5775)
@@ -22,8 +22,6 @@
package org.jboss.messaging.tests.integration.clientcrash;
-import static org.jboss.messaging.tests.integration.clientcrash.ClientExitTest.QUEUE;
-
import org.jboss.messaging.core.client.ClientConsumer;
import org.jboss.messaging.core.client.ClientMessage;
import org.jboss.messaging.core.client.ClientProducer;
@@ -32,6 +30,7 @@
import org.jboss.messaging.core.client.impl.ClientSessionFactoryImpl;
import org.jboss.messaging.core.config.TransportConfiguration;
import org.jboss.messaging.core.logging.Logger;
+import org.jboss.messaging.integration.transports.netty.NettyConnectorFactory;
import org.jboss.messaging.jms.client.JBossTextMessage;
/**
@@ -54,16 +53,24 @@
public static void main(String[] args) throws Exception
{
+ if (args.length != 2)
+ {
+ throw new Exception("require 2 arguments: queue name + message text");
+ }
+ String queueName = args[0];
+ String messageText = args[1];
+
+
try
{
- ClientSessionFactory sf = new ClientSessionFactoryImpl(new TransportConfiguration("org.jboss.messaging.integration.transports.netty.NettyConnectorFactory"));
+ ClientSessionFactory sf = new ClientSessionFactoryImpl(new TransportConfiguration(NettyConnectorFactory.class.getName()));
ClientSession session = sf.createSession(false, true, true);
- ClientProducer producer = session.createProducer(QUEUE);
- ClientConsumer consumer = session.createConsumer(QUEUE);
+ ClientProducer producer = session.createProducer(queueName);
+ ClientConsumer consumer = session.createConsumer(queueName);
ClientMessage message = session.createClientMessage(JBossTextMessage.TYPE, false, 0,
System.currentTimeMillis(), (byte) 1);
- message.getBody().putString(ClientExitTest.MESSAGE_TEXT);
+ message.getBody().putString(messageText);
producer.send(message);
session.start();
Added: trunk/tests/src/org/jboss/messaging/tests/integration/security/RestrictedSecurityClientTest.java
===================================================================
--- trunk/tests/src/org/jboss/messaging/tests/integration/security/RestrictedSecurityClientTest.java (rev 0)
+++ trunk/tests/src/org/jboss/messaging/tests/integration/security/RestrictedSecurityClientTest.java 2009-02-02 14:45:07 UTC (rev 5775)
@@ -0,0 +1,135 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005-2008, Red Hat Middleware LLC, and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.messaging.tests.integration.security;
+
+import static org.jboss.messaging.tests.util.RandomUtil.randomSimpleString;
+import static org.jboss.messaging.tests.util.RandomUtil.randomString;
+
+import java.net.URL;
+
+import junit.framework.TestCase;
+
+import org.jboss.messaging.core.client.ClientConsumer;
+import org.jboss.messaging.core.client.ClientSession;
+import org.jboss.messaging.core.client.ClientSessionFactory;
+import org.jboss.messaging.core.client.impl.ClientSessionFactoryImpl;
+import org.jboss.messaging.core.config.TransportConfiguration;
+import org.jboss.messaging.core.config.impl.ConfigurationImpl;
+import org.jboss.messaging.core.logging.Logger;
+import org.jboss.messaging.core.message.Message;
+import org.jboss.messaging.core.server.Messaging;
+import org.jboss.messaging.core.server.MessagingService;
+import org.jboss.messaging.integration.transports.netty.NettyAcceptorFactory;
+import org.jboss.messaging.integration.transports.netty.NettyConnectorFactory;
+import org.jboss.messaging.tests.integration.clientcrash.GracefulClient;
+import org.jboss.messaging.tests.util.SpawnedVMSupport;
+import org.jboss.messaging.util.SimpleString;
+
+/**
+ * @author <a href="mailto:jmesnil at redhat.com">Jeff Mesnil</a>
+ */
+public class RestrictedSecurityClientTest extends TestCase
+{
+ // Constants ------------------------------------------------------------------------------------
+
+ private static final String MESSAGE_TEXT = randomString();
+
+ private static final SimpleString QUEUE = randomSimpleString();
+
+ // Static ---------------------------------------------------------------------------------------
+
+ private static final Logger log = Logger.getLogger(RestrictedSecurityClientTest.class);
+
+ // Attributes -----------------------------------------------------------------------------------
+
+ private MessagingService messagingService;
+
+ private ClientSession session;
+
+ private ClientConsumer consumer;
+
+ // Constructors ---------------------------------------------------------------------------------
+
+ // Public ---------------------------------------------------------------------------------------
+
+ public void testRestrictedSecurityClient() throws Exception
+ {
+ String policyFile = "restricted-security-client.policy";
+ URL policyFileURL = Thread.currentThread().getContextClassLoader().getResource(policyFile);
+ assertNotNull(policyFileURL);
+ // spawn a JVM that creates a client with a restrictive security manager which sends a test message
+ Process p = SpawnedVMSupport.spawnVM(GracefulClient.class.getName(),
+ new String[] {"-Djava.security.manager",
+ "-Djava.security.policy==" + policyFileURL.getPath()},
+ new String[] {QUEUE.toString(), MESSAGE_TEXT});
+
+ // read the message from the queue
+ Message message = consumer.receive(15000);
+
+ assertNotNull("did not receive message from the spawned client", message);
+ assertEquals(MESSAGE_TEXT, message.getBody().getString());
+
+ // the client VM should exit by itself. If it doesn't, that means we have a problem
+ // and the test will timeout
+ log.debug("waiting for the client VM to exit ...");
+ p.waitFor();
+
+ assertEquals(0, p.exitValue());
+ }
+
+ // Package protected ----------------------------------------------------------------------------
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ ConfigurationImpl config = new ConfigurationImpl();
+ config.setSecurityEnabled(false);
+ config.getAcceptorConfigurations().add(new TransportConfiguration(NettyAcceptorFactory.class.getName()));
+ messagingService = Messaging.newNullStorageMessagingService(config);
+ messagingService.start();
+
+ ClientSessionFactory sf = new ClientSessionFactoryImpl(new TransportConfiguration(NettyConnectorFactory.class.getName()));
+ session = sf.createSession(false, true, true);
+ session.createQueue(QUEUE, QUEUE, null, false, false);
+ consumer = session.createConsumer(QUEUE);
+ session.start();
+ }
+
+ @Override
+ protected void tearDown() throws Exception
+ {
+ consumer.close();
+ session.close();
+
+ messagingService.stop();
+
+ super.tearDown();
+ }
+
+ // Protected ------------------------------------------------------------------------------------
+
+ // Private --------------------------------------------------------------------------------------
+
+ // Inner classes --------------------------------------------------------------------------------
+
+}
Modified: trunk/tests/src/org/jboss/messaging/tests/util/SpawnedVMSupport.java
===================================================================
--- trunk/tests/src/org/jboss/messaging/tests/util/SpawnedVMSupport.java 2009-02-02 11:06:59 UTC (rev 5774)
+++ trunk/tests/src/org/jboss/messaging/tests/util/SpawnedVMSupport.java 2009-02-02 14:45:07 UTC (rev 5775)
@@ -58,19 +58,31 @@
// Static --------------------------------------------------------
public static Process spawnVM(String className, String... args)
- throws Exception
+ throws Exception
{
+ return spawnVM(className, new String[0], args);
+ }
+
+ public static Process spawnVM(String className, String[] vmargs, String... args)
+ throws Exception
+ {
StringBuffer sb = new StringBuffer();
sb.append("java").append(' ');
-
+
sb.append("-Xms512m -Xmx512m ");
+ for (int i = 0; i < vmargs.length; i++)
+ {
+ String vmarg = vmargs[i];
+ sb.append(vmarg).append(' ');
+ }
+
String classPath = System.getProperty("java.class.path");
-
+
// I guess it'd be simpler to check if the OS is Windows...
if (System.getProperty("os.name").equals("Linux")
- || System.getProperty("os.name").equals("Mac OS X"))
+ || System.getProperty("os.name").equals("Mac OS X"))
{
sb.append("-cp").append(" ").append(classPath).append(" ");
} else
@@ -96,7 +108,7 @@
log.trace("process: " + process);
ProcessLogger outputLogger = new ProcessLogger(process.getInputStream(),
- className);
+ className);
outputLogger.start();
return process;
More information about the jboss-cvs-commits
mailing list