1 /*
2 * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 /**
24 * @test
25 * @bug 8004476
26 * @summary test XPath extension functions
27 * @run main/othervm XPathExFuncTest
28 */
29 import java.io.FileInputStream;
30 import java.io.InputStream;
31 import java.security.AllPermission;
32 import java.security.CodeSource;
33 import java.security.Permission;
34 import java.security.PermissionCollection;
35 import java.security.Permissions;
36 import java.security.Policy;
37 import java.security.ProtectionDomain;
38 import java.util.Iterator;
39 import java.util.List;
40 import javax.xml.XMLConstants;
41 import javax.xml.namespace.NamespaceContext;
42 import javax.xml.namespace.QName;
43 import javax.xml.parsers.DocumentBuilder;
44 import javax.xml.parsers.DocumentBuilderFactory;
45 import javax.xml.xpath.XPath;
46 import javax.xml.xpath.XPathExpressionException;
47 import javax.xml.xpath.XPathFactory;
48 import javax.xml.xpath.XPathFactoryConfigurationException;
49 import javax.xml.xpath.XPathFunction;
50 import javax.xml.xpath.XPathFunctionException;
51 import javax.xml.xpath.XPathFunctionResolver;
52 import org.w3c.dom.Document;
53
54 /**
55 * test XPath extension functions
56 *
57 * @author huizhe.wang@oracle.com
58 */
59 public class XPathExFuncTest extends TestBase {
60
61 final static String ENABLE_EXTENSION_FUNCTIONS = "http://www.oracle.com/xml/jaxp/properties/enableExtensionFunctions";
62 final static String CLASSNAME = "DocumentBuilderFactoryImpl";
63 final String XPATH_EXPRESSION = "ext:helloWorld()";
64
65 /**
66 * Creates a new instance of StreamReader
67 */
68 public XPathExFuncTest(String name) {
69 super(name);
70 }
71 boolean hasSM;
72 String xslFile, xslFileId;
73 String xmlFile, xmlFileId;
74
75 protected void setUp() {
76 super.setUp();
77 xmlFile = filepath + "/SecureProcessingTest.xml";
78
79 }
80
81 /**
82 * @param args the command line arguments
83 */
84 public static void main(String[] args) {
85 XPathExFuncTest test = new XPathExFuncTest("OneTest");
86 test.setUp();
87
88 test.testExtFunc();
89 test.testExtFuncNotAllowed();
90 test.testEnableExtFunc();
91 test.tearDown();
92
93 }
94
95 /**
96 * by default, extension function is enabled
97 */
98 public void testExtFunc() {
99
100 try {
101 evaluate(false);
102 System.out.println("testExtFunc: OK");
103 } catch (XPathFactoryConfigurationException e) {
104 fail(e.getMessage());
105 } catch (XPathExpressionException e) {
106 fail(e.getMessage());
107 }
108 }
109
110 /**
111 * Security is enabled, extension function not allowed
112 */
113 public void testExtFuncNotAllowed() {
114 Policy p = new SimplePolicy(new AllPermission());
115 Policy.setPolicy(p);
116 System.setSecurityManager(new SecurityManager());
117
118 try {
119 evaluate(false);
120 } catch (XPathFactoryConfigurationException e) {
121 fail(e.getMessage());
122 } catch (XPathExpressionException ex) {
123 //expected since extension function is disallowed
124 System.out.println("testExtFuncNotAllowed: OK");
125 } finally {
126 System.setSecurityManager(null);
127 }
128 }
129
130 /**
131 * Security is enabled, use new feature: enableExtensionFunctions
132 */
133 public void testEnableExtFunc() {
134 Policy p = new SimplePolicy(new AllPermission());
135 Policy.setPolicy(p);
136 System.setSecurityManager(new SecurityManager());
137
138
139 try {
140 evaluate(true);
141 System.out.println("testEnableExt: OK");
142 } catch (XPathFactoryConfigurationException e) {
143 fail(e.getMessage());
144 } catch (XPathExpressionException e) {
145 fail(e.getMessage());
146 } finally {
147 System.setSecurityManager(null);
148 }
149 }
150
151 Document getDocument() {
152 // the xml source
153 DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
154 DocumentBuilder documentBuilder = null;
155 Document document = null;
156
157 try {
158 documentBuilder = documentBuilderFactory.newDocumentBuilder();
159 InputStream xmlStream = new FileInputStream(xmlFile);
160 document = documentBuilder.parse(xmlStream);
161 } catch (Exception e) {
162 fail(e.toString());
163 }
164 return document;
165 }
166
167 void evaluate(boolean enableExt) throws XPathFactoryConfigurationException, XPathExpressionException {
168 Document document = getDocument();
169
170 XPathFactory xPathFactory = XPathFactory.newInstance();
171 /**
172 * Use of the extension function 'http://exslt.org/strings:tokenize' is
173 * not allowed when the secure processing feature is set to true.
174 * Attempt to use the new property to enable extension function
175 */
176 if (enableExt) {
177 boolean isExtensionSupported = enableExtensionFunction(xPathFactory);
178 }
179
180 xPathFactory.setXPathFunctionResolver(new MyXPathFunctionResolver());
181 if (System.getSecurityManager() == null) {
182 xPathFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, false);
183 }
184
185 XPath xPath = xPathFactory.newXPath();
186 xPath.setNamespaceContext(new MyNamespaceContext());
187
188 String xPathResult = xPath.evaluate(XPATH_EXPRESSION, document);
189 System.out.println(
190 "XPath result (enableExtensionFunction == " + enableExt + ") = \""
191 + xPathResult
192 + "\"");
193 }
194
195 public class MyXPathFunctionResolver
196 implements XPathFunctionResolver {
197
198 public XPathFunction resolveFunction(QName functionName, int arity) {
199
200 // not a real ewsolver, always return a default XPathFunction
201 return new MyXPathFunction();
202 }
203 }
204
205 public class MyXPathFunction
206 implements XPathFunction {
207
208 public Object evaluate(List list) throws XPathFunctionException {
209
210 return "Hello World";
211 }
212 }
213
214 public class MyNamespaceContext implements NamespaceContext {
215
216 public String getNamespaceURI(String prefix) {
217 if (prefix == null) {
218 throw new IllegalArgumentException("The prefix cannot be null.");
219 }
220
221 if (prefix.equals("ext")) {
222 return "http://ext.com";
223 } else {
224 return null;
225 }
226 }
227
228 public String getPrefix(String namespace) {
229
230 if (namespace == null) {
231 throw new IllegalArgumentException("The namespace uri cannot be null.");
232 }
233
234 if (namespace.equals("http://ext.com")) {
235 return "ext";
236 } else {
237 return null;
238 }
239 }
240
241 public Iterator getPrefixes(String namespace) {
242 return null;
243 }
244 }
245
246 boolean enableExtensionFunction(XPathFactory factory) {
247 boolean isSupported = true;
248 try {
249 factory.setFeature(ENABLE_EXTENSION_FUNCTIONS, true);
250 } catch (XPathFactoryConfigurationException ex) {
251 isSupported = false;
252 }
253 return isSupported;
254 }
255
256 class SimplePolicy extends Policy {
257
258 private final Permissions perms;
259
260 public SimplePolicy(Permission... permissions) {
261 perms = new Permissions();
262 for (Permission permission : permissions) {
263 perms.add(permission);
264 }
265 }
266
267 @Override
268 public PermissionCollection getPermissions(CodeSource cs) {
269 return perms;
270 }
271
272 @Override
273 public PermissionCollection getPermissions(ProtectionDomain pd) {
274 return perms;
275 }
276
277 @Override
278 public boolean implies(ProtectionDomain pd, Permission p) {
279 return perms.implies(p);
280 }
281
282 //for older jdk
283 @Override
284 public void refresh() {
285 }
286 }
287 }