--- old/test/java/sql/util/BaseTest.java 2014-08-21 13:52:32.000000000 -0400 +++ new/test/java/sql/util/BaseTest.java 2014-08-21 13:52:31.000000000 -0400 @@ -27,6 +27,7 @@ import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; +import java.security.Policy; import java.sql.SQLException; import org.testng.annotations.AfterClass; import org.testng.annotations.AfterMethod; @@ -88,4 +89,12 @@ } return o1; } + + /* + * Utility Method used to set the current Policy + */ + protected static void setPolicy(Policy p) { + Policy.setPolicy(p); + //System.out.println("\n" + Policy.getPolicy()); + } } --- old/test/javax/sql/testng/util/BaseTest.java 2014-08-21 13:52:33.000000000 -0400 +++ new/test/javax/sql/testng/util/BaseTest.java 2014-08-21 13:52:33.000000000 -0400 @@ -27,6 +27,7 @@ import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; +import java.security.Policy; import java.sql.SQLException; import org.testng.annotations.AfterClass; import org.testng.annotations.AfterMethod; @@ -88,4 +89,12 @@ } return o1; } + + /* + * Utility Method used to set the current Policy + */ + protected static void setPolicy(Policy p) { + Policy.setPolicy(p); + //System.out.println("\n" + Policy.getPolicy()); + } } --- /dev/null 2014-08-21 13:52:34.000000000 -0400 +++ new/test/java/sql/test/sql/DriverManagerPermissionsTests.java 2014-08-21 13:52:34.000000000 -0400 @@ -0,0 +1,154 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package test.sql; + +import java.security.AccessControlException; +import java.security.Policy; +import java.sql.DriverManager; +import java.sql.SQLException; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.Test; +import util.BaseTest; +import util.StubDriver; +import util.TestPolicy; + +public class DriverManagerPermissionsTests extends BaseTest { + + private static Policy policy; + private static SecurityManager sm; + + /* + * Install a SecurityManager along with a base Policy to allow testNG to run + */ + @BeforeClass + public static void setUpClass() throws Exception { + setPolicy(new TestPolicy()); + System.setSecurityManager(new SecurityManager()); + } + + /* + * Install the original Policy and SecurityManager + */ + @AfterClass + public static void tearDownClass() throws Exception { + System.setSecurityManager(sm); + setPolicy(policy); + } + + /* + * Save off the original Policy and SecurityManager + */ + public DriverManagerPermissionsTests() { + policy = Policy.getPolicy(); + sm = System.getSecurityManager(); + } + + /* + * Validate that AccessControlException is thrown if SQLPermission("setLog") + * has not been granted + */ + @Test(expectedExceptions = AccessControlException.class) + public void test() { + setPolicy(new TestPolicy()); + DriverManager.setLogStream(null); + } + + /* + * Validate that setLogStream succeeds if SQLPermission("setLog") has been + * granted + */ + @Test + public void test1() { + Policy.setPolicy(new TestPolicy("setLog")); + DriverManager.setLogStream(null); + } + + /* + * Validate that setLogStream succeeds if AllPermissions has been granted + */ + @Test + public void test2() { + setPolicy(new TestPolicy("all")); + DriverManager.setLogStream(null); + } + + /* + * Validate that AccessControlException is thrown if SQLPermission("setLog") + * has not been granted + */ + @Test(expectedExceptions = AccessControlException.class) + public void test4() { + setPolicy(new TestPolicy()); + DriverManager.setLogWriter(null); + } + + /* + * Validate that setLogWriter succeeds if SQLPermission("setLog") has been + * granted + */ + @Test + public void test5() { + setPolicy(new TestPolicy("setLog")); + DriverManager.setLogWriter(null); + } + + /* + * Validate that setLogWriter succeeds if AllPermissions has been granted + */ + @Test + public void test6() { + setPolicy(new TestPolicy("all")); + DriverManager.setLogWriter(null); + } + + /* + * Validate that AccessControlException is thrown if + * SQLPermission("deregisterDriver") has not been granted + */ + @Test(expectedExceptions = AccessControlException.class) + public void test7() throws SQLException { + setPolicy(new TestPolicy()); + DriverManager.deregisterDriver(new StubDriver()); + } + + /* + * Validate that deregisterDriver succeeds if + * SQLPermission("deregisterDriver") has been granted + */ + @Test + public void test8() throws SQLException { + setPolicy(new TestPolicy("deregisterDriver")); + DriverManager.deregisterDriver(new StubDriver()); + } + + /* + * Validate that deregisterDriver succeeds if AllPermissions has been + * granted + */ + @Test + public void test9() throws SQLException { + setPolicy(new TestPolicy("all")); + DriverManager.deregisterDriver(new StubDriver()); + } +} --- /dev/null 2014-08-21 13:52:35.000000000 -0400 +++ new/test/java/sql/util/TestPolicy.java 2014-08-21 13:52:35.000000000 -0400 @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package util; + +import java.io.FilePermission; +import java.security.AllPermission; +import java.security.CodeSource; +import java.security.Permission; +import java.security.PermissionCollection; +import java.security.Permissions; +import java.security.Policy; +import java.security.ProtectionDomain; +import java.security.SecurityPermission; +import java.sql.SQLPermission; +import java.util.Enumeration; +import java.util.PropertyPermission; +import java.util.StringJoiner; + +/* + * Simple Policy class that supports the required Permissions to validate the + * JDBC concrete classes + */ +public class TestPolicy extends Policy { + + final PermissionCollection permissions = new Permissions(); + + /** + * Constructor which sets the minimum permissions allowing testNG to work + * with a SecurityManager + */ + public TestPolicy() { + setMinimalPermissions(); + } + + /* + * Constructor which determines which permissions are defined for this + * Policy used by the JDBC tests Possible values are: all (ALLPermissions), + * setLog (SQLPemission("setLog"), deregisterDriver + * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"), + * and setSyncFactory(SQLPermission(setSyncFactory), + * + * @param policy Permissions to set + */ + public TestPolicy(String policy) { + + switch (policy) { + case "all": + permissions.add(new AllPermission()); + break; + case "setLog": + setMinimalPermissions(); + permissions.add(new SQLPermission("setLog")); + break; + case "deregisterDriver": + setMinimalPermissions(); + permissions.add(new SQLPermission("deregisterDriver")); + break; + case "setSyncFactory": + setMinimalPermissions(); + permissions.add(new SQLPermission("setSyncFactory")); + break; + default: + setMinimalPermissions(); + } + } + + /* + * Defines the minimal permissions required by testNG when running these + * tests + */ + private void setMinimalPermissions() { + permissions.add(new SecurityPermission("getPolicy")); + permissions.add(new SecurityPermission("setPolicy")); + permissions.add(new RuntimePermission("getClassLoader")); + permissions.add(new RuntimePermission("setSecurityManager")); + permissions.add(new RuntimePermission("createSecurityManager")); + permissions.add(new PropertyPermission("testng.show.stack.frames", + "read")); + permissions.add(new PropertyPermission("line.separator", "read")); + permissions.add(new PropertyPermission("fileStringBuffer", "read")); + permissions.add(new PropertyPermission("dataproviderthreadcount", "read")); + permissions.add(new PropertyPermission("java.io.tmpdir", "read")); + permissions.add(new FilePermission("<>", + "read, write, delete")); + } + + /* + * Overloaded methods from the Policy class + */ + @Override + public String toString() { + StringJoiner sj = new StringJoiner("\n", "policy: ", ""); + Enumeration perms = permissions.elements(); + while (perms.hasMoreElements()) { + sj.add(perms.nextElement().toString()); + } + return sj.toString(); + + } + + @Override + public PermissionCollection getPermissions(ProtectionDomain domain) { + return permissions; + } + + @Override + public PermissionCollection getPermissions(CodeSource codesource) { + return permissions; + } + + @Override + public boolean implies(ProtectionDomain domain, Permission perm) { + return permissions.implies(perm); + } +} --- /dev/null 2014-08-21 13:52:36.000000000 -0400 +++ new/test/javax/sql/testng/test/rowset/spi/SyncFactoryPermissionsTests.java 2014-08-21 13:52:36.000000000 -0400 @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package test.rowset.spi; + +import java.security.AccessControlException; +import java.security.Policy; +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.naming.Context; +import javax.naming.InitialContext; +import javax.naming.NamingException; +import javax.sql.rowset.spi.SyncFactory; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.Test; +import util.BaseTest; +import util.TestPolicy; + +public class SyncFactoryPermissionsTests extends BaseTest { + + Context ctx; + private static Policy policy; + private static SecurityManager sm; + + /* + * Install a SeeurityManager along with a base Policy to allow testNG to run + */ + @BeforeClass + public static void setUpClass() throws Exception { + setPolicy(new TestPolicy()); + System.setSecurityManager(new SecurityManager()); + } + + /* + * Install the original Policy and SecurityManager + */ + @AfterClass + public static void tearDownClass() throws Exception { + System.setSecurityManager(sm); + setPolicy(policy); + } + + /* + * Initialize a Context to be used in our tests. + * Save off the original Policy and SecurityManager + */ + public SyncFactoryPermissionsTests() { + policy = Policy.getPolicy(); + sm = System.getSecurityManager(); + + try { + ctx = new InitialContext(); + } catch (NamingException ex) { + Logger.getLogger(SyncFactoryPermissionsTests.class.getName()). + log(Level.SEVERE, null, ex); + } + } + + /* + * Validate that AccessControlException is thrown if + * SQLPermission("setSyncFactory") has not been granted + */ + @Test(expectedExceptions = AccessControlException.class) + public void test() throws Exception { + setPolicy(new TestPolicy()); + SyncFactory.setJNDIContext(ctx); + } + + /* + * Validate that setJNDIContext succeeds if SQLPermission("setSyncFactory") + * has been granted + */ + @Test + public void test1() throws Exception { + Policy.setPolicy(new TestPolicy("setSyncFactory")); + SyncFactory.setJNDIContext(ctx); + } + + /* + * Validate that setJNDIContext succeeds if AllPermissions has been granted + */ + @Test + public void test2() throws Exception { + setPolicy(new TestPolicy("all")); + SyncFactory.setJNDIContext(ctx); + } +} --- /dev/null 2014-08-21 13:52:37.000000000 -0400 +++ new/test/javax/sql/testng/util/TestPolicy.java 2014-08-21 13:52:37.000000000 -0400 @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +package util; + +import java.io.FilePermission; +import java.security.AllPermission; +import java.security.CodeSource; +import java.security.Permission; +import java.security.PermissionCollection; +import java.security.Permissions; +import java.security.Policy; +import java.security.ProtectionDomain; +import java.security.SecurityPermission; +import java.sql.SQLPermission; +import java.util.Enumeration; +import java.util.PropertyPermission; +import java.util.StringJoiner; + +/* + * Simple Policy class that supports the required Permissions to validate the + * JDBC concrete classes + */ +public class TestPolicy extends Policy { + + final PermissionCollection permissions = new Permissions(); + + /** + * Constructor which sets the minimum permissions allowing testNG to work + * with a SecurityManager + */ + public TestPolicy() { + setMinimalPermissions(); + } + + /* + * Constructor which determines which permissions are defined for this + * Policy used by the JDBC tests Possible values are: all (ALLPermissions), + * setLog (SQLPemission("setLog"), deregisterDriver + * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"), + * and setSyncFactory(SQLPermission(setSyncFactory), + * + * @param policy Permissions to set + */ + public TestPolicy(String policy) { + + switch (policy) { + case "all": + permissions.add(new AllPermission()); + break; + case "setLog": + setMinimalPermissions(); + permissions.add(new SQLPermission("setLog")); + break; + case "deregisterDriver": + setMinimalPermissions(); + permissions.add(new SQLPermission("deregisterDriver")); + break; + case "setSyncFactory": + setMinimalPermissions(); + permissions.add(new SQLPermission("setSyncFactory")); + break; + default: + setMinimalPermissions(); + } + } + + /* + * Defines the minimal permissions required by testNG when running these + * tests + */ + private void setMinimalPermissions() { + permissions.add(new SecurityPermission("getPolicy")); + permissions.add(new SecurityPermission("setPolicy")); + permissions.add(new RuntimePermission("getClassLoader")); + permissions.add(new RuntimePermission("setSecurityManager")); + permissions.add(new RuntimePermission("createSecurityManager")); + permissions.add(new PropertyPermission("testng.show.stack.frames", + "read")); + permissions.add(new PropertyPermission("line.separator", "read")); + permissions.add(new PropertyPermission("fileStringBuffer", "read")); + permissions.add(new PropertyPermission("dataproviderthreadcount", "read")); + permissions.add(new PropertyPermission("java.io.tmpdir", "read")); + permissions.add(new FilePermission("<>", + "read, write, delete")); + } + + /* + * Overloaded methods from the Policy class + */ + @Override + public String toString() { + StringJoiner sj = new StringJoiner("\n", "policy: ", ""); + Enumeration perms = permissions.elements(); + while (perms.hasMoreElements()) { + sj.add(perms.nextElement().toString()); + } + return sj.toString(); + + } + + @Override + public PermissionCollection getPermissions(ProtectionDomain domain) { + return permissions; + } + + @Override + public PermissionCollection getPermissions(CodeSource codesource) { + return permissions; + } + + @Override + public boolean implies(ProtectionDomain domain, Permission perm) { + return permissions.implies(perm); + } +}