test/javax/xml/jaxp/unittest/xpath/SecureProcessingTest.java

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.

@@ -21,10 +21,11 @@
  * questions.
  */
 
 package xpath;
 
+import java.io.FilePermission;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Iterator;
 import java.util.List;
 

@@ -40,31 +41,33 @@
 import javax.xml.xpath.XPathFactoryConfigurationException;
 import javax.xml.xpath.XPathFunction;
 import javax.xml.xpath.XPathFunctionException;
 import javax.xml.xpath.XPathFunctionResolver;
 
+import jaxp.library.JAXPTestUtilities;
+
 import org.testng.Assert;
 import org.testng.annotations.Test;
 import org.w3c.dom.Document;
 import org.xml.sax.SAXException;
 
 /*
  * @summary Test when FEATURE_SECURE_PROCESSING is true, calling an external function will cause XPathFunctionException.
  */
+@Test(singleThreaded = true)
 public class SecureProcessingTest {
-    static boolean _isSecureMode = false;
-    static {
-        if (System.getSecurityManager() != null) {
-            _isSecureMode = true;
-            System.out.println("Security Manager is present");
-        } else {
-            System.out.println("Security Manager is NOT present");
+    public void runWithSecurityManager() throws Exception {
+        JAXPTestUtilities.tryRunWithPolicyManager(() -> testSecureProcessing(),
+                new FilePermission(System.getProperty("test.src") + "/-", "read"));
         }
+
+    public void runWithoutSecurityManager() throws Exception {
+        testSecureProcessing();
     }
 
-    @Test
-    public final void testSecureProcessing() {
+    private final void testSecureProcessing() {
+        boolean _isSecureMode = System.getSecurityManager() != null;
 
         final String XPATH_EXPRESSION = "ext:helloWorld()";
 
         // the xml source
         InputStream xmlStream = this.getClass().getResourceAsStream("SecureProcessingTest.xml");

@@ -148,28 +151,28 @@
         if (!securityException) {
             Assert.fail("XPath result (SECURE_PROCESSING == true) = \"" + xPathResult + "\"");
         }
     }
 
-    public class MyXPathFunctionResolver implements XPathFunctionResolver {
+    private class MyXPathFunctionResolver implements XPathFunctionResolver {
 
         public XPathFunction resolveFunction(QName functionName, int arity) {
 
             // not a real ewsolver, always return a default XPathFunction
             return new MyXPathFunction();
         }
     }
 
-    public class MyXPathFunction implements XPathFunction {
+    private class MyXPathFunction implements XPathFunction {
 
         public Object evaluate(List list) throws XPathFunctionException {
 
             return "Hello World";
         }
     }
 
-    public class MyNamespaceContext implements NamespaceContext {
+    private class MyNamespaceContext implements NamespaceContext {
 
         public String getNamespaceURI(String prefix) {
             if (prefix == null) {
                 throw new IllegalArgumentException("The prefix cannot be null.");
             }