Subset.java revision 2362
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @author Ram Marti
* @bug 4326852
* @summary Retrive a subset of private credentials can be accessed
*/
/*
* Author : Ram Marti
* This is a test program to verify the fix for Bug 4326852
* (impossible to extract a subset of private credentials)
* The policy file used allows read access only to String classes.
* grant {
* permission javax.security.auth.AuthPermission \
* "modifyPrivateCredentials";
* permission javax.security.auth.PrivateCredentialPermission \
* "java.lang.String com.sun.security.auth.SolarisPrincipal \"user"", "read";
* };
* The test verifies the following:
* - String class creds can be retrieved by using
* getPrivateCredentials(String.class)
* - The above set is not backed internally
* - getPrivateCredentials(Boolean or Integer) returns an empty set
* - Set is returned by getPrivateCredentials() throws
* security exception when trying to access non-String
* class credentials
* - The above set is internally backed up and any changes in
* internal private creds are reflected in the set returned
* - When the above set throws security exception the iterator
* - is advanced to the next item in the list of creds.
* - equals,contains,containsAll,add,remove operations work correctly
*/
public class Subset {
int exceptionCounter =0;
new Subject(false, //readOnly
creds);
/* Test principals */
try {
throw new Exception ("Error: Contains the collection");
} else
} catch (SecurityException e) {
throw new Exception ("Error: Exception in containsAll (string coll)!!");
}
throw new Exception("Error:p1 size should have been 6 and was " +
}
new Subject(false, //readOnly
creds);
throw new Exception("Error: p2 size should have been 3 and was " +
}
try {
} catch (SecurityException e) {
}
}
if (exceptionCounter != 2) {
throw new Exception("Expected number of exceptions was 2 " +
"The actual number was " + exceptionCounter);
}
// Verify that remove op was successful
throw new RuntimeException("Error: p2 size should have been 2 and was " +
}
try {
throw new RuntimeException("Error in adding string");
}
throw new RuntimeException("Error in adding Integer");
}
throw new RuntimeException("Error in addAll");
}
} catch (Exception e){
e.printStackTrace();
throw new RuntimeException("Unexpected exception in add");
}
try {
} catch (SecurityException e) {
// System.out.println("Exception!!");
}
}
new Subject(false, //readOnly
creds1);
try {
} catch (SecurityException e) {
}
try {
"Size of ObjCred is " +
);
throw new RuntimeException("Error:Equals ObjCred *** ");
else
} catch (SecurityException e) {
throw new RuntimeException("Error:Should not get an Exception in equals of creds3");
}
try {
"Size of ObjCred is " +
);
throw new RuntimeException ("Error: Equals ObjCred");
else
throw new RuntimeException ("Error: Does not Equal Objcred");
} catch (SecurityException e) {
}
/* We can store only string types of creds
* Let us create a subject with only string type of creds
*/
new Subject(false, //readOnly
creds2);
try {
} catch (SecurityException e) {
throw new RuntimeException(" Error: Exception in ObjAr- String!!");
}
/*
* New subject scontain1, set p3, creds4
*/
new Subject(false, //readOnly
creds4);
try {
else
throw new RuntimeException ("Error Does not Contain the stringcred exists");
} catch (SecurityException e) {
throw new RuntimeException("Error:Exception!!");
}
try {
throw new RuntimeException ("Error:Equals ObjCred");
else
throw new RuntimeException ("Error:Does not Equal Objcred");
} catch (SecurityException e) {
}
try {
throw new RuntimeException ("Error:Contains integer cred");
else
throw new RuntimeException ("Error:Does not Contain integer cred");
} catch (SecurityException e) {
}
try {
throw new RuntimeException ("Error: Contains the collection");
else
} catch (SecurityException e) {
throw new RuntimeException("Error: Exception in containsAll (string coll)!!");
}
try {
else
throw new RuntimeException ("Error:Does not Contain the collection");
} catch (SecurityException e) {
throw new RuntimeException("Error: Exception in containsAll (string coll)!!");
}
try {
else
} catch (SecurityException e) {
}
try {
throw new RuntimeException ("Error: Contains the String does not exist");
else
} catch (SecurityException e) {
throw new RuntimeException("Error: Exception in Contains!!");
}
exceptionCounter =0;
{
try {
} catch (SecurityException e) {
}
}
try {
else
throw new RuntimeException ("Error: RetainAll did not succeed");
} catch (SecurityException e) {
e.printStackTrace();
throw new RuntimeException("Error: Unexpected Exception in retainAll!");
}
{
try {
} catch (SecurityException e) {
}
}
try {
} catch (SecurityException e) {
}
}
exceptionCounter =0;
try {
} catch (SecurityException e) {
}
}
// We added two integer creds so there must be two exceptions only
if (exceptionCounter != 2) {
throw new RuntimeException("Expected 2 Exceptions; received " +
exceptionCounter + "exceptions ");
}
try {
} catch (SecurityException e) {
throw new RuntimeException(" Error: removeAll Security Exception!!");
}
exceptionCounter = 0;
try {
} catch (SecurityException e) {
}
}
// We had two integer creds; removed one as a part of coll2; so
// only one exception must have been thrown
if (exceptionCounter != 1) {
throw new RuntimeException("Expected 1 Exceptions; received " +
exceptionCounter + "exceptions ");
}
try {
} catch (SecurityException e) {
throw new RuntimeException(" Error: Clear Security Exception!!");
}
/* New subject s with creds and privCredSet
*
*/
Subject s =
new Subject(false, //readOnly
creds);
try {
throw new RuntimeException("Error:String Privcred size should have been 0 and was " +
privCredSet.size());
}
} catch (Exception e) {
}
try {
throw new RuntimeException("Error:String Privcred size should have been 2 and was " +
privCredSet.size());
}
/*
* Since the privCredSet is not backed by internal private
* creds adding to it should not make any difference to
* privCredSet and theize should still be 3
*/
throw new RuntimeException("Error:String Privcred size should have been 2 and was " +
privCredSet.size());
}
/*
* Let us try to get the elements
* No exception should occur
*/
try {
} catch (SecurityException e) {
}
}
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException("Unexcpected Exception");
}
/*
* Can we add and remove the creds
*/
// We don't have permission to read Boolean creds
// SInce the creds have no boolean creds we should get an empty
// set
try {
throw new RuntimeException("Error:String PrivcredSet1 of Boolean size should have been 0 and was " +
privCredSet1.size());
}
} catch (SecurityException e) {
e.printStackTrace();
throw new RuntimeException("Unexcpected Exception");
}
/*
* We don't have permission to read Integer creds
* We should get an empty set even though the private creds
* has an integer cred. No security exception either !
*/
try {
throw new RuntimeException("Error:String PrivcredSet1 of Integer size should have been 0 and was " +
privCredSet1.size());
}
} catch (SecurityException e) {
}
throw new RuntimeException("Error:String PrivcredSet1 size should have been 4 and was " +
privCredSet2.size());
}
/*
* Since the returned privCredSet2 is internally backed by the
* private creds, any additions to it should be reflected in
* privcredSet2
*/
throw new RuntimeException("Error:String PrivcredSet1 size should have been 5 and was " +
privCredSet2.size());
}
throw new RuntimeException("String privCredSet2 size should have been 5 and was " +
privCredSet2.size());
}
/* Let us add a couple of Boolean creds */
exceptionCounter =0;
{
try {
} catch (SecurityException e) {
}
}
if (exceptionCounter != 3) {
throw new RuntimeException("Expected number of exception was 3 " +
"The actual number was " + exceptionCounter);
}
try {
} catch (SecurityException e) {
}
}
}