1 /*
   2  * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 package validation;
  25 
  26 import java.io.ByteArrayInputStream;
  27 import java.io.IOException;
  28 import java.io.InputStreamReader;
  29 import java.security.AccessController;
  30 import java.security.AllPermission;
  31 import java.security.Permission;
  32 import java.security.Permissions;
  33 import java.security.PrivilegedAction;
  34 
  35 import javax.xml.XMLConstants;
  36 import javax.xml.transform.sax.SAXSource;
  37 import javax.xml.transform.stream.StreamSource;
  38 import javax.xml.validation.Schema;
  39 import javax.xml.validation.SchemaFactory;
  40 import javax.xml.validation.Validator;
  41 
  42 import org.testng.Assert;
  43 import org.testng.annotations.Test;
  44 import org.xml.sax.InputSource;
  45 import org.xml.sax.SAXException;
  46 import org.xml.sax.SAXNotRecognizedException;
  47 import org.xml.sax.SAXNotSupportedException;
  48 
  49 /*
  50  * @bug 6925531
  51  * @summary Test Validator can validate SAXSource when SecurityManager is set or FEATURE_SECURE_PROCESSING is on.
  52  */
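  /**
   * Checks that a {@link Validator} can validate a {@link SAXSource} when secure
   * processing is in effect, whether it is switched on implicitly by an
   * installed {@link SecurityManager} or explicitly through
   * {@link XMLConstants#FEATURE_SECURE_PROCESSING} on the factory or validator.
   *
   * <p>Security notes for maintainers:
   * <ul>
   *   <li>The SecurityManager is JVM-global state. A test that installs one must
   *       remove it on every exit path, otherwise later tests in the same JVM
   *       run under it.</li>
   *   <li>{@link MySM} is granted {@link AllPermission}, so {@link #test_SM()}
   *       covers only the "a SecurityManager is present" code path. It does not
   *       show that validation works under a restrictive policy.</li>
   *   <li>{@code System.setSecurityManager} is deprecated for removal since
   *       Java 17, so these tests only apply to runtimes that still allow it.</li>
   * </ul>
   */
  public class Bug6925531Test {
      static final String SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
      static final String SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";

      // Minimal schema: one element <test> of type string in namespace jaxp13_test.
      String xsd = "<?xml version='1.0'?>\n" + "<schema xmlns='http://www.w3.org/2001/XMLSchema'\n" + "        xmlns:test='jaxp13_test'\n"
              + "        targetNamespace='jaxp13_test'\n" + "        elementFormDefault='qualified'>\n" + "    <element name='test' type='string'/>\n"
              + "</schema>\n";

      // Instance document that is valid against the schema above.
      String xml = "<?xml version='1.0'?>\n" + "<ns:test xmlns:ns='jaxp13_test'>\n" + "    abc\n" + "</ns:test>\n";

      StreamSource xsdSource;
      SAXSource xmlSource;

      /**
       * Rebuilds the schema and instance sources from the in-memory strings.
       * Readers can be consumed only once, so every test calls this first.
       */
      public void init() {
          // Pin the charset on both sides so the fixture does not depend on the
          // platform default encoding.
          final java.nio.charset.Charset utf8 = java.nio.charset.StandardCharsets.UTF_8;

          InputStreamReader schemaReader = new InputStreamReader(new ByteArrayInputStream(xsd.getBytes(utf8)), utf8);
          xsdSource = new StreamSource(schemaReader);

          InputStreamReader documentReader = new InputStreamReader(new ByteArrayInputStream(xml.getBytes(utf8)), utf8);
          xmlSource = new SAXSource(new InputSource(documentReader));
      }

      /**
       * when security manager is present, secure feature is on automatically
       */
      @Test
      public void test_SM() {
          init();
          Permissions granted = new java.security.Permissions();
          granted.add(new AllPermission());

          System.setSecurityManager(new MySM(granted));
          try {
              // Everything that runs under the SecurityManager sits inside this
              // try, so a failure while creating the factory or compiling the
              // schema still reaches the finally block below.
              SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
              Schema schema = compileSchema(schemaFactory);
              assertValidates(schema.newValidator());
          } finally {
              // Always uninstall: the SecurityManager is process-wide and would
              // otherwise leak into the other tests.
              System.setSecurityManager(null);
          }

          System.out.println("OK");
      }

      /**
       * set secure feature on SchemaFactory
       */
      @Test
      public void test_SF() {
          init();
          // Make sure no SecurityManager is installed, so secure processing is
          // on only because it is requested explicitly below.
          AccessController.doPrivileged(new PrivilegedAction<Void>() {
              @Override
              public Void run() {
                  System.setSecurityManager(null);
                  return null; // nothing to return
              }
          });

          SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
          try {
              schemaFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
          } catch (SAXNotRecognizedException ex) {
              // If the feature cannot be enabled the test would pass without
              // exercising secure processing at all, so fail instead of logging.
              Assert.fail("cannot enable FEATURE_SECURE_PROCESSING on SchemaFactory: " + ex, ex);
          } catch (SAXNotSupportedException ex) {
              Assert.fail("cannot enable FEATURE_SECURE_PROCESSING on SchemaFactory: " + ex, ex);
          }

          Schema schema = compileSchema(schemaFactory);
          assertValidates(schema.newValidator());
          System.out.println("OK");
      }

      /**
       * set secure feature on the Validator
       */
      @Test
      public void test_Val() {
          init();
          System.setSecurityManager(null);
          SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);

          Schema schema = compileSchema(schemaFactory);

          Validator validator = schema.newValidator();
          try {
              validator.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
          } catch (SAXNotRecognizedException ex) {
              // Same reasoning as in test_SF: a validator without the feature
              // set does not test what this method claims to test.
              Assert.fail("cannot enable FEATURE_SECURE_PROCESSING on Validator: " + ex, ex);
          } catch (SAXNotSupportedException ex) {
              Assert.fail("cannot enable FEATURE_SECURE_PROCESSING on Validator: " + ex, ex);
          }

          assertValidates(validator);
          System.out.println("OK");
      }

      /** Compiles {@link #xsdSource} with the given factory, failing the test on a schema error. */
      private Schema compileSchema(SchemaFactory factory) {
          try {
              return factory.newSchema(xsdSource);
          } catch (SAXException e) {
              Assert.fail(e.toString(), e);
              return null; // not reached: Assert.fail always throws
          }
      }

      /** Validates {@link #xmlSource} with the given validator, failing the test on any error. */
      private void assertValidates(Validator validator) {
          try {
              validator.validate(xmlSource, null);
          } catch (SAXException e) {
              Assert.fail(e.toString(), e);
          } catch (IOException e) {
              Assert.fail(e.toString(), e);
          }
      }

      /**
       * SecurityManager that allows whatever the supplied {@link Permissions}
       * imply and defers every other request to the default policy check.
       */
      class MySM extends SecurityManager {
          Permissions granted;

          public MySM(Permissions perms) {
              granted = perms;
          }

          /**
           * The central point in checking permissions. Overridden from
           * java.lang.SecurityManager
           *
           * @param perm The permission requested.
           */
          @Override
          public void checkPermission(Permission perm) {
              if (granted.implies(perm)) {
                  return;
              }
              // Not covered by the explicit grant: fall back to the standard check.
              super.checkPermission(perm);
          }

      }
  }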