private static void checkPDPermission(Class<?> clazz, Permission permission) { final ProtectionDomain protectionDomain; final ClassLoader classLoader; if (getSecurityManager() instanceof WildFlySecurityManager) { protectionDomain = clazz.getProtectionDomain(); classLoader = clazz.getClassLoader(); } else { protectionDomain = doPrivileged(new GetProtectionDomainAction(clazz)); classLoader = doPrivileged(new GetClassLoaderAction(clazz)); } if (protectionDomain.implies(permission)) { return; } access.accessCheckFailed(permission, protectionDomain.getCodeSource(), classLoader); if (! LOG_ONLY) { throw access.accessControlException(permission, permission, protectionDomain.getCodeSource(), classLoader); } }
throw access.secMgrChange(); final ProtectionDomain deniedDomain = findAccessDenial(perm, stack); if (deniedDomain != null) { throw access.accessControlException(perm, perm, deniedDomain.getCodeSource(), deniedDomain.getClassLoader());
/** * Perform a permission check. * * @param perm the permission to check * @param context the security context to use for the check (must be an {@link AccessControlContext} instance) * @throws SecurityException if the check fails */ public void checkPermission(final Permission perm, final Object context) throws SecurityException { if (context instanceof AccessControlContext) { checkPermission(perm, (AccessControlContext) context); } else { throw access.unknownContext(); } }
throw permission.unexpectedActionCharacter(c, i, actionString); throw permission.invalidAction(actionString.substring(start, i), start, actionString); throw permission.unexpectedActionCharacter(c, i, actionString);
void checkPermission(final Permission perm, final Class<?> clazz) throws SecurityException { if (perm.implies(SECURITY_MANAGER_PERMISSION)) { throw access.secMgrChange(); final Principal[] principals = protectionDomain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(perm, codeSource, classLoader); } else { access.accessCheckFailed(perm, codeSource, classLoader, Arrays.toString(principals)); throw access.accessControlException(perm, perm, codeSource, classLoader);
/** * Find the protection domain in the given list which denies a permission, or {@code null} if the permission * check would pass. * * @param permission the permission to test * @param domains the protection domains to try * @return the first denying protection domain, or {@code null} if there is none */ public static ProtectionDomain findAccessDenial(final Permission permission, final ProtectionDomain... domains) { ProtectionDomain deniedDomain = null; if (domains != null) for (ProtectionDomain domain : domains) { if (! domain.implies(permission)) { final CodeSource codeSource = domain.getCodeSource(); final ClassLoader classLoader = domain.getClassLoader(); final Principal[] principals = domain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(permission, codeSource, classLoader); } else { access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals)); } if (deniedDomain == null && ! LOG_ONLY) { deniedDomain = domain; } } } return deniedDomain; }
public WildFlySecurityManagerPermission(final String name, final String actions) { this(name); if (actions != null && ! actions.isEmpty()) { throw SecurityMessages.permission.invalidAction(actions, 0, actions); } }
throw access.secMgrChange(); final Principal[] principals = deniedDomain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(perm, codeSource, classLoader); } else { access.accessCheckFailed(perm, codeSource, classLoader, Arrays.toString(principals)); throw access.accessControlException(perm, perm, codeSource, classLoader);
throw permission.unexpectedActionCharacter(c, i, actionString); throw permission.invalidAction(actionString.substring(start, i), start, actionString); throw permission.unexpectedActionCharacter(c, i, actionString);
/** * Find the protection domain in the given list which denies a permission, or {@code null} if the permission * check would pass. * * @param permission the permission to test * @param domains the protection domains to try * @return the first denying protection domain, or {@code null} if there is none */ public static ProtectionDomain findAccessDenial(final Permission permission, final ProtectionDomain... domains) { ProtectionDomain deniedDomain = null; if (domains != null) for (ProtectionDomain domain : domains) { if (! domain.implies(permission)) { final CodeSource codeSource = domain.getCodeSource(); final ClassLoader classLoader = domain.getClassLoader(); final Principal[] principals = domain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(permission, codeSource, classLoader); } else { access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals)); } if (deniedDomain == null && ! LOG_ONLY) { deniedDomain = domain; } } } return deniedDomain; }
private static void checkPropertyReadPermission(Class<?> clazz, String propertyName) { final ProtectionDomain protectionDomain; final ClassLoader classLoader; if (getSecurityManager() instanceof WildFlySecurityManager) { protectionDomain = clazz.getProtectionDomain(); classLoader = clazz.getClassLoader(); } else { protectionDomain = doPrivileged(new GetProtectionDomainAction(clazz)); classLoader = doPrivileged(new GetClassLoaderAction(clazz)); } if (protectionDomain.implies(PROPERTIES_PERMISSION)) { return; } final PropertyPermission permission = new PropertyPermission(propertyName, "read"); if (protectionDomain.implies(permission)) { return; } access.accessCheckFailed(permission, protectionDomain.getCodeSource(), classLoader); if (! LOG_ONLY) { throw access.accessControlException(permission, permission, protectionDomain.getCodeSource(), classLoader); } }
throw access.secMgrChange(); final ProtectionDomain deniedDomain = findAccessDenial(perm, stack); if (deniedDomain != null) { throw access.accessControlException(perm, perm, deniedDomain.getCodeSource(), deniedDomain.getClassLoader());
throw permission.unexpectedActionCharacter(c, i, actionString); throw permission.invalidAction(actionString.substring(start, i), start, actionString); throw permission.unexpectedActionCharacter(c, i, actionString);
/** * Perform a permission check. * * @param perm the permission to check * @param context the security context to use for the check (must be an {@link AccessControlContext} instance) * @throws SecurityException if the check fails */ public void checkPermission(final Permission perm, final Object context) throws SecurityException { if (context instanceof AccessControlContext) { checkPermission(perm, (AccessControlContext) context); } else { throw access.unknownContext(); } }
final Principal[] principals = protectionDomain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(permission, codeSource, classLoader); } else { access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals));
private static void checkPropertyWritePermission(Class<?> clazz, String propertyName) { final ProtectionDomain protectionDomain; final ClassLoader classLoader; if (getSecurityManager() instanceof WildFlySecurityManager) { protectionDomain = clazz.getProtectionDomain(); classLoader = clazz.getClassLoader(); } else { protectionDomain = doPrivileged(new GetProtectionDomainAction(clazz)); classLoader = doPrivileged(new GetClassLoaderAction(clazz)); } if (protectionDomain.implies(PROPERTIES_PERMISSION)) { return; } final PropertyPermission permission = new PropertyPermission(propertyName, "write"); if (protectionDomain.implies(permission)) { return; } access.accessCheckFailed(permission, protectionDomain.getCodeSource(), classLoader); if (! LOG_ONLY) { throw access.accessControlException(permission, permission, protectionDomain.getCodeSource(), classLoader); } }
throw access.secMgrChange(); final ProtectionDomain deniedDomain = findAccessDenial(perm, stack); if (deniedDomain != null) { throw access.accessControlException(perm, perm, deniedDomain.getCodeSource(), deniedDomain.getClassLoader());
throw permission.unexpectedActionCharacter(c, i, actionString); throw permission.invalidAction(actionString.substring(start, i), start, actionString); throw permission.unexpectedActionCharacter(c, i, actionString);
/** * Perform a permission check. * * @param perm the permission to check * @param context the security context to use for the check (must be an {@link AccessControlContext} instance) * @throws SecurityException if the check fails */ public void checkPermission(final Permission perm, final Object context) throws SecurityException { if (context instanceof AccessControlContext) { checkPermission(perm, (AccessControlContext) context); } else { throw access.unknownContext(); } }
/** * Find the protection domain in the given list which denies a permission, or {@code null} if the permission * check would pass. * * @param permission the permission to test * @param domains the protection domains to try * @return the first denying protection domain, or {@code null} if there is none */ public static ProtectionDomain findAccessDenial(final Permission permission, final ProtectionDomain... domains) { ProtectionDomain deniedDomain = null; if (domains != null) for (ProtectionDomain domain : domains) { if (! domain.implies(permission)) { final CodeSource codeSource = domain.getCodeSource(); final ClassLoader classLoader = domain.getClassLoader(); final Principal[] principals = domain.getPrincipals(); if (principals == null || principals.length == 0) { access.accessCheckFailed(permission, codeSource, classLoader); } else { access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals)); } if (deniedDomain == null && ! LOG_ONLY) { deniedDomain = domain; } } } return deniedDomain; }