alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

Axis 2 example source code file (Java2SecTest.java)

This example Axis 2 source code file (Java2SecTest.java) is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Java - Axis 2 tags/keywords

action, action, exception, exception, it, lesspermission, lesspermissionprivilegedexceptionaction, morepermission, morepermissionprivilegedexceptionaction, security, securitymanager, securitymanager, string, string, this, util

The Axis 2 Java2SecTest.java source code

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.axis2.java.security.driver;

import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import junit.textui.TestRunner;
import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.java.security.action.Action;
import org.apache.axis2.java.security.less.LessPermission;
import org.apache.axis2.java.security.less.LessPermissionAccessControlContext;
import org.apache.axis2.java.security.less.LessPermissionPrivilegedExceptionAction;
import org.apache.axis2.java.security.more.MorePermission;
import org.apache.axis2.java.security.more.MorePermissionAccessControlContext;
import org.apache.axis2.java.security.more.MorePermissionPrivilegedExceptionAction;
import org.apache.axis2.AbstractTestCase;

import java.security.AccessControlException;
import java.security.Permission;
import java.util.Calendar;
import java.util.TimeZone;

/**
 * Java2SecTest demostrates the usages of AccessController class and Policy file(s) while Security Manager is enabled:
 * 1. testNoPrivilegePassed shows the usage of no AccessController but it still work fine
 * because it has all the permissions.
 * 2. testNoPrivilegeFailure shows the usage of AccessController with LessPermission.java,
 * which is not right approach.
 * 3. testDoPrivilegePassed shows the correct practice of java 2 security by granting the appropriate
 * permission in the policy file(s0 and wrapping the AccessController calls with MorePermission.java.
 * 4. testDoPrivilegeFailure shows the reverse call order of MorePermission and LessPermission
 * from testDoPrivilegedPassed.
 * 5. testAccessControlContextFailure shows the AccessContext which contains a no-permission class
 * on the stack can cause a failure. In our case, the no-permission class is
 * LessPermissionAccessControlContext.
 */

public class Java2SecTest extends TestCase {
    // Static variable to keep the test result 
    public static String testResult = "";

    // Default constructor
    public Java2SecTest() {
        super();
        System.out.println("\nJava2SecTest ctor 1");
        Calendar cal = Calendar.getInstance(TimeZone.getDefault());
        String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
        sdf.setTimeZone(TimeZone.getDefault());
        System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
    }

    // Constructor
    public Java2SecTest(String arg) {
        super(arg);
        System.out.println("\nJava2SecTest ctor 2");
        Calendar cal = Calendar.getInstance(TimeZone.getDefault());
        String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(DATE_FORMAT);
        sdf.setTimeZone(TimeZone.getDefault());
        System.out.println("Current time => " + sdf.format(cal.getTime()) + "\n");
    }

    // This method is added for running this test as a pure junit test
    public static void main(String[] args) {
        TestRunner.run(suite());

    }

    // This method is added for running this test as a pure junit test
    public static Test suite() {
        TestSuite suite = new TestSuite(Java2SecTest.class);

        return suite;

    }


    /**
     * testNoPrivilegedSuccessed
     */

    public void testNoPrivilegeSuccessed() throws Exception {
        Java2SecTest.testResult = "testNoPrivilegeSuccessed failed.";
        SecurityManager oldSM = null;
        String expectedString = "This line is from public.txt.";

        System.out.println("\ntestNoPrivilegedSuccessed() begins");
        // Check whether the security manager is enabled or not.
        // If not, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test WITHOUT AccessController.doPrivileged wrapper
        Action dp = new Action("public/public.txt");
        MorePermission mp = new MorePermission(dp, false);
        LessPermission lp = new LessPermission(mp, false);
        lp.takeAction();

        // Disable security manager if it is enabled by this testcsae
        if (System.getSecurityManager() != null && oldSM == null) {
            System.setSecurityManager(null);
            if (System.getSecurityManager() == null) {
                System.out.println("Security Manager is successfully disabled.");
            } else {
                System.out.println("Security Manager is still enabled");
            }
        }
        // Remove extra characters within the result string
        testResult = testResult.replaceAll("\\r", "");
        testResult = testResult.replaceAll("\\n", "");
        System.out.println("Resulting string is " + testResult);

        // Verify the test result by comparing the test result with expected string
        assertTrue("The string contents do not match.",
                   expectedString.equalsIgnoreCase(testResult));

        System.out.println("\ntestNoPrivilegedSuccessed() ends\n\n");
    }


    /**
     * testNoPrivilegedFailure
     */

    public void testNoPrivilegeFailure() throws Exception {
        Java2SecTest.testResult = "testNoPrivilegeFailure failed.";
        SecurityManager oldSM = null;

        System.out.println("\ntestNoPrivilegedFailured() begins");
        // Check whether the security is enable or not.
        // if it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Security Manager");
            System.setSecurityManager(new SecurityManager());
        }
        // Run test with AccessController.doPrivilege wrapper
        Action dp = new Action("private/private.txt");
        MorePermission mp = new MorePermission(dp, false);
        LessPermission lp = new LessPermission(mp, false);
        try {
            lp.takeAction();
        } catch (Exception e) {
            // verify the test result
            assertTrue("It is not the security exception.",
                       (e instanceof java.security.AccessControlException));
        } finally {
            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntesNoPrivilegedFailure() ends\n\n");
        }
    }


    /**
     * testDoPrivilegedSuccessed
     */

    public void testDoPrivilegeSuccessed() throws Exception {
        Java2SecTest.testResult = "testDoPrivilegeSuccessed failed.";
        SecurityManager oldSM = null;
        String expectedString = "This line is from private.txt.";

        System.out.println("\ntestDoPrivilegedSuccessed() begins");
        // Check whether the security is enable or not.
        // If it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test with AccessController.doPrivilege
        Action dp = new Action("private/private.txt");
        MorePermission mp = new MorePermission(dp, true);
        LessPermission lp = new LessPermission(mp, false);
        lp.takeAction();

        // Disable security manager if it is enabled by this testcsae
        if (System.getSecurityManager() != null && oldSM == null) {
            System.setSecurityManager(null);
            if (System.getSecurityManager() == null) {
                System.out.println("Security Manager is successfully disabled.");
            } else {
                System.out.println("Security Manager is still enabled");
            }
        }

        // Remove extra characters within the result string
        testResult = testResult.replaceAll("\\r", "");
        testResult = testResult.replaceAll("\\n", "");
        System.out.println("Resulting string is " + testResult);

        // Verify the test result by comparing the test result with expected string               
        assertTrue("The string contents do not match.",
                   expectedString.equalsIgnoreCase(testResult));
        System.out.println("\ntestDoPrivilegedSuccessed() ends\n\n");
    }


    /**
     * testDoPrivilegedFailure
     */

    public void testDoPrivilegeFailure() throws Exception {
        Java2SecTest.testResult = "testDoPrivilegeFailure failed.";
        SecurityManager oldSM = null;
        String expectedString = "This line is from private.txt.";

        System.out.println("\ntestDoPrivilegedFailure() begins");
        // Check whether the security is enable or not.
        // If it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test with AccessController.doPrivilege
        Action dp = new Action("private/private.txt");
        MorePermission mp = new MorePermission(dp, false);
        LessPermission lp = new LessPermission(mp, true);
        try {
            mp.takeAction();
        } catch (Exception e) {
            // Verify the test result
            assertTrue("It is not the security exception.",
                       (e instanceof java.security.AccessControlException));

        } finally {
            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntestDoPrivilegedFailure() ends\n\n");
        }
    }


    /**
     * testAccessControlContextFailure
     */

    public void testAccessControlContextFailure() throws Exception {
        Java2SecTest.testResult = "testAccessControlContextFailure failed.";
        SecurityManager oldSM = null;
        String expectedString = "This line is from private.txt.";

        System.out.println("\ntestAccessControlContextFailure() begins");
        // Check whether the security is enable or not.
        // If it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test with AccessController.doPrivilege
        Action dp = new Action("private/private.txt");
        MorePermissionAccessControlContext mp = new MorePermissionAccessControlContext(dp, false);
        LessPermissionAccessControlContext lp = new LessPermissionAccessControlContext(mp, true);
        try {
            lp.takeAction();
        } catch (Exception e) {
            // Verify the test result
            assertTrue("It is not the security exception.",
                       (e instanceof java.security.AccessControlException));

        } finally {
            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntestAccessControlContextFailure() ends\n\n");
        }
    }

    // 2 begins

    /**
     * testPrivilegedExceptionActionSuccessed
     */

    public void testPrivilegedExceptionSuccessed() throws Exception {
        Java2SecTest.testResult = "testPrivielgedExceptionSuccessed failed";
        SecurityManager oldSM = null;
        String expectedString = "This line is from private.txt.";

        System.out.println("\ntestPrivilegedExceptionActionSuccessed() begins");
        // Check whether the security is enable or not.
        // If it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test with AccessController.doPrivilege
        Action dp = new Action("private/private.txt");
        MorePermissionPrivilegedExceptionAction mp =
                new MorePermissionPrivilegedExceptionAction(dp, true);
        LessPermissionPrivilegedExceptionAction lp =
                new LessPermissionPrivilegedExceptionAction(mp, false);
        lp.takeAction();

        // Disable security manager if it is enabled by this testcsae
        if (System.getSecurityManager() != null && oldSM == null) {
            System.setSecurityManager(null);
            if (System.getSecurityManager() == null) {
                System.out.println("Security Manager is successfully disabled.");
            } else {
                System.out.println("Security Manager is still enabled");
            }
        }

        // Remove extra characters within the result string
        testResult = testResult.replaceAll("\\r", "");
        testResult = testResult.replaceAll("\\n", "");
        System.out.println("testDoPrivilege's result string is " + testResult);

        // Verify the test result by comparing the test result with expected string               
        assertTrue("The string contents do not match.",
                   expectedString.equalsIgnoreCase(testResult));
        System.out.println("\ntestDoPrivilegeSuccessed() ends\n\n");
    }


    /**
     * testPrivilegedExceptionActionFailure
     */

    public void testPrivilegedExceptionActionFailure() throws Exception {
        Java2SecTest.testResult = "testPrivilegedExceptionActionFailure failed.";
        SecurityManager oldSM = null;
        String expectedString = "This line is from private.txt.";

        System.out.println("\ntestPrivilegedExceptionActionFailure() begins");
        // Check whether the security is enable or not.
        // If it is not enabled, turn it on
        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        // Run test with AccessController.doPrivilege
        Action dp = new Action("private/private.txt");
        MorePermissionPrivilegedExceptionAction mp =
                new MorePermissionPrivilegedExceptionAction(dp, false);
        LessPermissionPrivilegedExceptionAction lp =
                new LessPermissionPrivilegedExceptionAction(mp, true);
        try {
            mp.takeAction();
        } catch (Exception e) {
            // Verify the test result
            assertTrue("It is not the security exception.",
                       (e instanceof java.security.PrivilegedActionException));
        } finally {
            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntestPrivilegedExceptionActionFailure() ends\n\n");
        }
    }

    /**
     * testCheckPermissionAllowed
     */

    public void testCheckPermissionAllowed() throws Exception {
        Java2SecTest.testResult = "testCheckPermissionAllowed failed.";
        SecurityManager oldSM = null;

        System.out.println("\ntestCheckPermissionAllowed() begins.\n");
        boolean allowed = false;
        String fileName = "public/public.txt";

        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        try {
            // Print out maven's base,build, and test direcotories
            String baseDir = AbstractTestCase.basedir;
            System.out.println("basedir => " + baseDir);
            // Convert the \ (back slash) to / (forward slash)
            String baseDirM = baseDir.replace('\\', '/');
            System.out.println("baseDirM => " + baseDirM);
            String fs = "/";

            // Build the file URL
            String fileURL = baseDirM + fs + "test-resources" + fs + "java2sec" + fs + fileName;
            Permission perm = new java.io.FilePermission(fileURL, "read");
            AccessController.checkPermission(perm);
            allowed = true;
        } catch (Exception e) {
            if (e instanceof AccessControlException) {
                e.printStackTrace(System.out);
            }
        } finally {
            assertTrue("Accessing to public.txt file is denied; Test failed.", allowed);
            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntestCheckPermissionAllowed() ends.\n");
        }

    }


    /**
     * testCheckPermissionDenied
     */

    public void testCheckPermissionDenied() throws Exception {
        Java2SecTest.testResult = "testCheckPermissionDenied failed";
        SecurityManager oldSM = null;

        System.out.println("\ntestCheckPermissionDenied() begins.\n");
        boolean denied = true;
        String fileName = "private/private.txt";

        oldSM = System.getSecurityManager();
        if (oldSM != null) {
            System.out.println("\nSecurity Manager is enabled.");
        } else {
            System.out.println("\nSecurity Manager is disabled.");
            System.out.println("Enabling the default Java Security Manager");
            System.setSecurityManager(new SecurityManager());
        }

        try {
            // Print out maven's base,build, and test direcotories
            String baseDir = AbstractTestCase.basedir;
            System.out.println("basedir => " + baseDir);

            // Convert the \ (back slash) to / (forward slash)
            String baseDirM = baseDir.replace('\\', '/');
            System.out.println("baseDirM => " + baseDirM);

            String fs = "/";

            // Build the file URL
            String fileURL = baseDirM + fs + "test-resources" + fs + "java2sec" + fs + fileName;
            Permission perm = new java.io.FilePermission(fileURL, "read");
            AccessController.checkPermission(perm);
            denied = false;
        } catch (Exception e) {
            if (!(e instanceof AccessControlException)) {
                denied = false;
            }
            e.printStackTrace(System.out);
        } finally {
            assertTrue("Accessing to private.txt file is allowed; Test failed.", denied);

            // Disable security manager if it is enabled by this testcsae
            if (System.getSecurityManager() != null && oldSM == null) {
                System.setSecurityManager(null);
                if (System.getSecurityManager() == null) {
                    System.out.println("Security Manager is successfully disabled.");
                } else {
                    System.out.println("Security Manager is still enabled");
                }
            }
            System.out.println("\ntestCheckPermissionDenied() ends.\n");
        }
    }
}

Other Axis 2 examples (source code examples)

Here is a short list of links related to this Axis 2 Java2SecTest.java source code file:

... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.