1 /* 2 * Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test AnnotationSecurityTest.java 26 * @bug 6366543 6370080 27 * @summary Test that having a security manager doesn't trigger a 28 * NotCompliantMBeanException 29 * @author Daniel Fuchs, Yves Joan 30 * @modules java.desktop 31 * java.management 32 * @run clean AnnotationSecurityTest Described UnDescribed DescribedMBean 33 * UnDescribedMBean SqeDescriptorKey DescribedMX DescribedMXBean 34 * @run build AnnotationSecurityTest Described UnDescribed DescribedMBean 35 * UnDescribedMBean SqeDescriptorKey DescribedMX DescribedMXBean 36 * @run main/othervm AnnotationSecurityTest 37 */ 38 // -Djava.security.debug=access,domain,policy 39 40 import java.io.File; 41 import java.io.IOException; 42 43 import java.lang.annotation.Annotation; 44 import java.lang.management.ManagementFactory; 45 import java.lang.reflect.AnnotatedElement; 46 import java.lang.reflect.Method; 47 import java.lang.reflect.UndeclaredThrowableException; 48 49 import javax.management.JMException; 50 import javax.management.MBeanServer; 51 import javax.management.ObjectName; 52 /** 53 * 54 * @author Sun Microsystems, 2005 - All rights reserved. 55 */ 56 57 public class AnnotationSecurityTest { 58 59 /** Creates a new instance of AnnotationSecurityTest */ 60 public AnnotationSecurityTest() { 61 } 62 63 public static void main(String[] argv) { 64 AnnotationSecurityTest test = new AnnotationSecurityTest(); 65 test.run(); 66 } 67 68 69 public void run() { 70 try { 71 final String testSrc = System.getProperty("test.src"); 72 final String codeBase = System.getProperty("test.classes"); 73 final String policy = testSrc + File.separator + 74 "AnnotationSecurityTest.policy"; 75 final MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); 76 final File pf = new File(policy); 77 if (!pf.exists()) 78 throw new IOException("policy file not found: " + policy); 79 if (!pf.canRead()) 80 throw new IOException("policy file not readable: " + policy); 81 82 System.out.println("Policy="+policy); 83 System.setProperty("java.security.policy",policy); 84 System.setSecurityManager(new SecurityManager()); 85 86 // We check that 6370080 is fixed. 87 // 88 try { 89 final Method m1 = 90 DescribedMBean.class.getMethod("getStringProp"); 91 final Method m2 = 92 DescribedMBean.class.getMethod("setStringProp", 93 String.class); 94 m1.getAnnotations(); 95 m2.getAnnotations(); 96 } catch (SecurityException x) { 97 System.err.println("ERROR: 6370080 not fixed."); 98 throw new IllegalStateException("ERROR: 6370080 not fixed.",x); 99 } 100 101 // Do the test: we should be able to register these 3 MBeans.... 102 // We now test that the behaviour described in 6366543 does no 103 // longer appears now that 6370080 is fixed. 104 // 105 106 final ObjectName name1 = 107 new ObjectName("defaultDomain:class=UnDescribed"); 108 UnDescribed unDescribedMBean = new UnDescribed(); 109 System.out.println("\nWe register an MBean where DescriptorKey is " + 110 "not used at all"); 111 mbs.registerMBean(unDescribedMBean, name1); 112 System.out.println("\n\tOK - The MBean " 113 + name1 + " is registered = " + mbs.isRegistered(name1)); 114 115 final ObjectName name2 = 116 new ObjectName("defaultDomain:class=Described"); 117 final Described describedMBean = new Described(); 118 119 System.out.println("\nWe register an MBean with exactly the " + 120 "same management" 121 + " interface as above and where DescriptorKey is used."); 122 mbs.registerMBean(describedMBean, name2); 123 System.out.println("\n\tOK - The MBean " 124 + name2 + " is registered = " + mbs.isRegistered(name2)); 125 126 final ObjectName name3 = 127 new ObjectName("defaultDomain:class=DescribedMX"); 128 final DescribedMX describedMXBean = new DescribedMX(); 129 130 System.out.println("\nWe register an MXBean with exactly the " + 131 "same management" 132 + " interface as above and where DescriptorKey is used."); 133 mbs.registerMBean(describedMXBean, name3); 134 System.out.println("\n\tOK - The MXBean " 135 + name3 + " is registered = " + mbs.isRegistered(name3)); 136 137 System.out.println("\nAll three MBeans correctly registered..."); 138 139 140 // We check that we don't have getAttribute() permission - as 141 // it's been voluntarily omitted from our policy file. 142 // If we don't get the Security Exception there is probably 143 // a security configuration pb... 144 // 145 try { 146 // We don't have getAttribute() permission, so this must fail. 147 System.err.println("Trying getStringProp() - should fail"); 148 mbs.getAttribute(name1,"StringProp"); 149 System.err.println("ERROR: didn't get expected SecurityException" 150 +"\n\t check security configuration & policy file: "+ 151 policy); 152 throw new RuntimeException("getStringProp() did not get a " + 153 "SecurityException!"); 154 } catch (SecurityException x) { 155 // OK! 156 System.err.println("getStringProp() - failed"); 157 } 158 159 } catch (Exception t) { 160 t.printStackTrace(); 161 if (t instanceof RuntimeException) 162 throw (RuntimeException)t; 163 else throw new RuntimeException(t); 164 } 165 } 166 167 }