[jbossws-commits] JBossWS SVN: r11266 - in stack/native/trunk/modules/testsuite/src/test/resources/securityMgr: jboss-5.0.1.GA and 2 other directories.
jbossws-commits at lists.jboss.org
jbossws-commits at lists.jboss.org
Thu Dec 10 04:41:02 EST 2009
Author: jim.ma
Date: 2009-12-10 04:41:01 -0500 (Thu, 10 Dec 2009)
New Revision: 11266
Added:
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-5.0.1.GA/
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-5.0.1.GA/server.policy
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.0.M1/
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.0.M1/server.policy
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.1.SNAPSHOT/
stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.1.SNAPSHOT/server.policy
Log:
[JBWS-2692]:Add client server policies for As 5.0.1 and 6.x
Added: stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-5.0.1.GA/server.policy
===================================================================
--- stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-5.0.1.GA/server.policy (rev 0)
+++ stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-5.0.1.GA/server.policy 2009-12-10 09:41:01 UTC (rev 11266)
@@ -0,0 +1,319 @@
+// The Java2 security policy for the securitymgr tests
+// Install with -Djava.security.policy==server.policy
+// and -Djboss.home.dir=path_to_jboss_distribution
+
+// ***************************************
+// Trusted core Java code
+//***************************************
+grant codeBase "file:${java.home}/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${java.home}/lib/*" {
+ permission java.security.AllPermission;
+};
+// For java.home pointing to the JDK jre directory
+grant codeBase "file:${java.home}/../lib/*" {
+ permission java.security.AllPermission;
+};
+
+
+
+
+//********************************************
+// Trusted core JBoss code (REAL URL Version)
+//********************************************
+grant codeBase "file:${jboss.home.dir}/bin/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+
+//********************************************
+// Trusted core JBoss code (VFS URL Version)
+//********************************************
+grant codeBase "vfszip:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (REAL URL Version)
+//*******************************************************
+grant codeBase "file:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar!/jboss-local-jdbc.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar!/" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar!/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar!/" {
+ permission java.security.AllPermission;
+};
+
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (VFS URL Version)
+//*******************************************************
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+//****************************************************************
+// jbossws native permission
+//****************************************************************
+//for juddi deployment
+grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission org.jboss.naming.JndiPermission "JAXR", "rebind";
+};
+
+
+
+//****************************************************************
+// Default block of permissions
+// Minimal permissions are allowed to everyone else
+//****************************************************************
+grant {
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "read";
+ permission java.io.FilePermission "${jboss.home.dir}/server/lib/quartz.jar/org/quartz/quartz.properties", "read";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "quartz.properties", "read";
+ permission java.util.PropertyPermission "*", "read";
+ permission java.lang.RuntimePermission "queuePrintJob";
+ permission java.net.SocketPermission "*", "connect";
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo";
+
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanPermission "org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry]", "*";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.AuthorizationManagerService#*[jboss.security:service=AuthorizationManager]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#*[jboss.messaging:service=SecurityStore]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.auth.login.XMLLoginConfig#*[jboss.security:service=XMLLoginConfig]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.JaasSecurityManagerService#*[jboss.security:service=JaasSecurityManager]", "invoke";
+ permission javax.management.MBeanPermission "*", "getMBeanInfo";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+
+ //admin-console
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","rebind,createSubcontext";
+ permission java.util.logging.LoggingPermission "control";
+ permission javax.management.MBeanPermission "*", "addNotificationListener";
+
+ //specific tests
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getData";
+ permission javax.xml.ws.WebServicePermission "publishEndpoint";
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission javax.management.MBeanPermission "*", "invoke,registerMBean,unregisterMBean,queryNames";
+ permission java.security.SecurityPermission "setPolicy";
+ permission java.net.NetPermission "specifyStreamHandler";
+
+
+ //add write permission to frameworktest : org.jboss.test.ws.jaxws.jbws2000.JBWS2000TestCase
+ permission java.io.FilePermission "/tmp/-", "write,delete";
+ //frameworktest : org.jboss.test.ws.jaxws.jbws1822.JBWS1822TestCase
+ permission java.lang.RuntimePermission "createClassLoader";
+ //Allow client to regiester MBean : org.jboss.test.ws.management.recording.CustomRecordProcessorTestCase.testAddCustomProcessor()
+ permission javax.management.MBeanTrustPermission "register";
+
+};
Added: stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.0.M1/server.policy
===================================================================
--- stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.0.M1/server.policy (rev 0)
+++ stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.0.M1/server.policy 2009-12-10 09:41:01 UTC (rev 11266)
@@ -0,0 +1,335 @@
+// The Java2 security policy for the securitymgr tests
+// Install with -Djava.security.policy==server.policy
+// and -Djboss.home.dir=path_to_jboss_distribution
+
+// ***************************************
+// Trusted core Java code
+//***************************************
+grant codeBase "file:${java.home}/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${java.home}/lib/*" {
+ permission java.security.AllPermission;
+};
+// For java.home pointing to the JDK jre directory
+grant codeBase "file:${java.home}/../lib/*" {
+ permission java.security.AllPermission;
+};
+
+
+
+
+//********************************************
+// Trusted core JBoss code (REAL URL Version)
+//********************************************
+grant codeBase "file:${jboss.home.dir}/bin/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/common/lib/log4j.jar!/" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "jar:file:${jboss.server.home.dir}/common/lib/servlet-api.jar!/" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+//********************************************
+// Trusted core JBoss code (VFS URL Version)
+//********************************************
+grant codeBase "vfszip:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (REAL URL Version)
+//*******************************************************
+grant codeBase "file:${jboss.server.home.dir}/conf/bindingservice.beans/jboss-bindingservice.jar/-"{
+ permission java.io.FilePermission "${jboss.home.dir}/deploy/jbossweb.sar/server.xml", "read";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.util.logging.LoggingPermission "control";
+};
+
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/conf/bindingservice.beans/jboss-bindingservice.jar!/"{
+ permission java.util.PropertyPermission "*", "write";
+ permission java.io.FilePermission "${jboss.server.home.dir}/deploy/jbossweb.sar/server.xml", "read";
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "write,delete";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar!/jboss-local-jdbc.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar!/" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar!/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar!/" {
+ permission java.security.AllPermission;
+};
+
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (VFS URL Version)
+//*******************************************************
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsmemory://*" {
+ permission java.security.AllPermission;
+};
+
+//****************************************************************
+// jbossws native permission
+//****************************************************************
+//for juddi deployment
+grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission org.jboss.naming.JndiPermission "JAXR", "rebind";
+};
+
+
+//****************************************************************
+// Default block of permissions
+// Minimal permissions are allowed to everyone else
+//****************************************************************
+grant {
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "read";
+ permission java.io.FilePermission "${jboss.home.dir}/server/lib/quartz.jar/org/quartz/quartz.properties", "read";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "quartz.properties", "read";
+ permission java.util.PropertyPermission "*", "read";
+ permission java.lang.RuntimePermission "queuePrintJob";
+ permission java.net.SocketPermission "*", "connect";
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo";
+
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanPermission "org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry]", "*";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.AuthorizationManagerService#*[jboss.security:service=AuthorizationManager]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#*[jboss.messaging:service=SecurityStore]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.auth.login.XMLLoginConfig#*[jboss.security:service=XMLLoginConfig]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.JaasSecurityManagerService#*[jboss.security:service=JaasSecurityManager]", "invoke";
+ permission javax.management.MBeanPermission "*", "getMBeanInfo";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+ //admin-console
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","rebind,createSubcontext";
+ permission java.util.logging.LoggingPermission "control";
+ permission javax.management.MBeanPermission "*", "addNotificationListener";
+
+ //specific tests
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getData";
+ permission javax.xml.ws.WebServicePermission "publishEndpoint";
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission javax.management.MBeanPermission "*", "invoke,registerMBean,unregisterMBean,queryNames";
+ permission java.security.SecurityPermission "setPolicy";
+ permission java.net.NetPermission "specifyStreamHandler";
+
+
+ //add write permission to frameworktest : org.jboss.test.ws.jaxws.jbws2000.JBWS2000TestCase
+ permission java.io.FilePermission "/tmp/-", "write,delete";
+ //frameworktest : org.jboss.test.ws.jaxws.jbws1822.JBWS1822TestCase
+ permission java.lang.RuntimePermission "createClassLoader";
+ //Allow client to regiester MBean : org.jboss.test.ws.management.recording.CustomRecordProcessorTestCase.testAddCustomProcessor()
+ permission javax.management.MBeanTrustPermission "register";
+};
Added: stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.1.SNAPSHOT/server.policy
===================================================================
--- stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.1.SNAPSHOT/server.policy (rev 0)
+++ stack/native/trunk/modules/testsuite/src/test/resources/securityMgr/jboss-6.0.1.SNAPSHOT/server.policy 2009-12-10 09:41:01 UTC (rev 11266)
@@ -0,0 +1,342 @@
+// The Java2 security policy for the securitymgr tests
+// Install with -Djava.security.policy==server.policy
+// and -Djboss.home.dir=path_to_jboss_distribution
+
+// ***************************************
+// Trusted core Java code
+//***************************************
+grant codeBase "file:${java.home}/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${java.home}/lib/*" {
+ permission java.security.AllPermission;
+};
+// For java.home pointing to the JDK jre directory
+grant codeBase "file:${java.home}/../lib/*" {
+ permission java.security.AllPermission;
+};
+
+
+
+
+//********************************************
+// Trusted core JBoss code (REAL URL Version)
+//********************************************
+grant codeBase "file:${jboss.home.dir}/bin/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/common/lib/log4j.jar!/" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+grant codeBase "jar:file:${jboss.server.home.dir}/common/lib/servlet-api.jar!/" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+//********************************************
+// Trusted core JBoss code (VFS URL Version)
+//********************************************
+grant codeBase "vfszip:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/common/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.home.dir}/server/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deployers/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (REAL URL Version)
+//*******************************************************
+grant codeBase "file:${jboss.server.home.dir}/conf/bindingservice.beans/jboss-bindingservice.jar/-"{
+ permission java.io.FilePermission "${jboss.home.dir}/deploy/jbossweb.sar/server.xml", "read";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.util.logging.LoggingPermission "control";
+};
+
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/conf/bindingservice.beans/jboss-service-binding-core.jar!/"{
+ permission java.util.PropertyPermission "*", "write";
+ permission java.io.FilePermission "${jboss.server.home.dir}/deploy/jbossweb.sar/server.xml", "read";
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "write,delete";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/conf/bindingservice.beans/jboss-service-binding-mgmt.jar!/"{
+ permission java.util.PropertyPermission "*", "write";
+ permission java.io.FilePermission "${jboss.server.home.dir}/deploy/jbossweb.sar/server.xml", "read";
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "write,delete";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar!/jboss-local-jdbc.jar" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "file:${jboss.server.home.dir}/deploy/jbossweb.sar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar!/" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar!/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "jar:file:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar!/" {
+ permission java.security.AllPermission;
+};
+
+
+
+//*******************************************************
+// Trusted Specific JBoss Code (VFS URL Version)
+//*******************************************************
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/http-invoker.sar/invoker.war/-" {
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jmx-console.war/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jmx-remoting.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission java.net.SocketPermission "*", "accept,listen,resolve";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jboss-web-service.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/jbossweb.sar/jbossweb.jar/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jsf-libs/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jasper-jdt.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jbossweb.sar/jstl.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar/-" {
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/management/console-mgr.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "addNotificationListener,getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","*";
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfsfile:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup,rebind,unbind";
+ permission java.lang.RuntimePermission "getClassLoader";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/jms-ra.rar/jms-ra.jar" {
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read";
+ permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute";
+};
+
+grant codeBase "vfszip:${jboss.server.home.dir}/deploy/quartz-ra.rar/quartz-ra.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "vfsmemory://*" {
+ permission java.security.AllPermission;
+};
+
+//****************************************************************
+// jbossws native permission
+//****************************************************************
+//for juddi deployment
+grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/-" {
+ permission javax.management.MBeanTrustPermission "register";
+ permission org.jboss.naming.JndiPermission "JAXR", "rebind";
+};
+
+//****************************************************************
+// Default block of permissions
+// Minimal permissions are allowed to everyone else
+//****************************************************************
+grant {
+ permission java.io.FilePermission "${jboss.server.home.dir}/tmp/-", "read";
+ permission java.io.FilePermission "${jboss.home.dir}/server/lib/quartz.jar/org/quartz/quartz.properties", "read";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup";
+ permission java.io.FilePermission "quartz.properties", "read";
+ permission java.util.PropertyPermission "*", "read";
+ permission java.lang.RuntimePermission "queuePrintJob";
+ permission java.net.SocketPermission "*", "connect";
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo";
+
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanPermission "org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry]", "*";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.AuthorizationManagerService#*[jboss.security:service=AuthorizationManager]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#*[jboss.messaging:service=SecurityStore]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.auth.login.XMLLoginConfig#*[jboss.security:service=XMLLoginConfig]", "invoke";
+ permission javax.management.MBeanPermission "org.jboss.security.plugins.JaasSecurityManagerService#*[jboss.security:service=JaasSecurityManager]", "invoke";
+ permission javax.management.MBeanPermission "*", "getMBeanInfo";
+ permission javax.management.MBeanPermission "*", "getAttribute";
+
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+
+ //admin-console
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","rebind,createSubcontext";
+ permission java.util.logging.LoggingPermission "control";
+ permission javax.management.MBeanPermission "*", "addNotificationListener";
+
+ //specific tests
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "org.jboss.security.plugins.JBossSecurityContext.getData";
+ permission javax.xml.ws.WebServicePermission "publishEndpoint";
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission javax.management.MBeanPermission "*", "invoke,registerMBean,unregisterMBean,queryNames";
+ permission java.security.SecurityPermission "setPolicy";
+ permission java.net.NetPermission "specifyStreamHandler";
+
+
+ //add write permission to frameworktest : org.jboss.test.ws.jaxws.jbws2000.JBWS2000TestCase
+ permission java.io.FilePermission "/tmp/-", "write,delete";
+ //frameworktest : org.jboss.test.ws.jaxws.jbws1822.JBWS1822TestCase
+ permission java.lang.RuntimePermission "createClassLoader";
+ //Allow client to regiester MBean : org.jboss.test.ws.management.recording.CustomRecordProcessorTestCase.testAddCustomProcessor()
+ permission javax.management.MBeanTrustPermission "register";
+
+};
More information about the jbossws-commits
mailing list