1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18/** 19* @author Stepan M. Mishura 20*/ 21 22package javax.security.auth; 23 24import java.io.ByteArrayInputStream; 25import java.io.ByteArrayOutputStream; 26import java.io.NotSerializableException; 27import java.io.ObjectInputStream; 28import java.io.ObjectOutputStream; 29import java.io.Serializable; 30import java.security.AccessControlContext; 31import java.security.AccessControlException; 32import java.security.AccessController; 33import java.security.Principal; 34import java.security.PrivilegedAction; 35import java.security.PrivilegedActionException; 36import java.security.PrivilegedExceptionAction; 37import java.security.SecurityPermission; 38import java.util.HashSet; 39import java.util.Iterator; 40import java.util.NoSuchElementException; 41import java.util.Set; 42 43import org.apache.harmony.auth.internal.SecurityTest; 44 45import junit.framework.Test; 46import junit.framework.TestSuite; 47 48 49/** 50 * Tests Subject and its inner classes implementation. 51 */ 52 53public class SubjectTest extends SecurityTest { 54 55 private static final Principal principal = new Principal() { 56 public String getName() { 57 return "name"; 58 } 59 }; 60 61 PrivilegedAction<Object> emptyPAction = new PrivilegedAction<Object>() { 62 public Object run() { 63 return null; 64 } 65 }; 66 67 PrivilegedExceptionAction<Object> emptyPEAction = new PrivilegedExceptionAction<Object> 68 () { 69 public Object run() { 70 return null; 71 } 72 }; 73 74 PrivilegedAction<AccessControlContext> contextPAction = new PrivilegedAction<AccessControlContext>() { 75 public AccessControlContext run() { 76 return AccessController.getContext(); 77 } 78 }; 79 80 PrivilegedExceptionAction<AccessControlContext> contextPEAction = new PrivilegedExceptionAction<AccessControlContext>() { 81 public AccessControlContext run() { 82 return AccessController.getContext(); 83 } 84 }; 85 86 PrivilegedAction<Subject> subjectPAction = new PrivilegedAction<Subject>() { 87 public Subject run() { 88 return Subject.getSubject(AccessController.getContext()); 89 } 90 }; 91 92 PrivilegedExceptionAction<Subject> subjectPEAction = new PrivilegedExceptionAction<Subject>() { 93 public Subject run() { 94 return Subject.getSubject(AccessController.getContext()); 95 } 96 }; 97 98 private final HashSet<Principal> h1 = new HashSet<Principal>(); // principals 99 100 private final HashSet<Object> h2 = new HashSet<Object>(); // public credentials 101 102 private final HashSet<Object> h3 = new HashSet<Object>(); // private credentials 103 104 public static Test suite() throws Exception { 105 106 TestSuite setSuite = new TestSuite("SubjectSets"); 107 108 setSuite.addTest(new PrincipalTestSuite()); 109 setSuite.addTest(new PrivateCredentialTestSuite()); 110 setSuite.addTest(new PublicCredentialTestSuite()); 111 112 setSuite.addTest(new PrincipalClassTestSuite()); 113 setSuite.addTest(new PrivateCredentialClassTestSuite()); 114 setSuite.addTest(new PublicCredentialClassTestSuite()); 115 116 TestSuite suite = new TestSuite("Subject"); 117 118 suite.addTestSuite(javax.security.auth.SubjectTest.class); 119 suite.addTest(setSuite); 120 121 return suite; 122 } 123 124 public SubjectTest() { 125 super(); 126 127 h1.add(principal); 128 129 h2.add(new Object()); 130 h2.add(new Object()); 131 132 h3.add(new Object()); 133 h3.add(new Object()); 134 h3.add(new Object()); 135 } 136 137 /** 138 * Testing Subject() constructor 139 */ 140 public final void testSubject() { 141 Subject subject = new Subject(); 142 143 assertFalse("Read only state", subject.isReadOnly()); 144 assertEquals("Principals set", 0, subject.getPrincipals().size()); 145 146 assertEquals("Private credential set", 0, subject 147 .getPrivateCredentials().size()); 148 149 assertEquals("Public credential set", 0, subject.getPublicCredentials() 150 .size()); 151 } 152 153 /** 154 * Testing Subject(boolean,Set,Set,Set) constructor 155 */ 156 public final void testSubject_3Set() { 157 158 Subject subject = new Subject(false, h1, h2, h3); 159 160 assertFalse("Read only state", subject.isReadOnly()); 161 assertEquals("Principals set", h1, subject.getPrincipals()); 162 163 assertEquals("Private credential set", h3, subject 164 .getPrivateCredentials()); 165 166 assertEquals("Public credential set", h2, subject 167 .getPublicCredentials()); 168 169 // the same but for read only subject 170 subject = new Subject(true, h1, h2, h3); 171 172 assertTrue("Read only state", subject.isReadOnly()); 173 174 assertEquals("Principals set", 1, subject.getPrincipals().size()); 175 176 assertEquals("Private credential set", 3, subject 177 .getPrivateCredentials().size()); 178 179 assertEquals("Public credential set", 2, subject.getPublicCredentials() 180 .size()); 181 } 182 183 /** 184 * Testing Subject(boolean,Set,Set,Set) constructor 185 * in restricted security context 186 */ 187 public final void testSubject_3Set_NoPermissions() { 188 189 // all sets modifications are denied 190 denyPermission(new AuthPermission("*")); 191 192 new Subject(true, h1, h2, h3); 193 } 194 195 /** 196 * Testing Subject(boolean,Set,Set,Set) constructor 197 * Checks NullPointerException if one of passed set is null 198 */ 199 @SuppressWarnings("unchecked") 200 public final void testSubject_3Set_NPE() { 201 202 try { 203 new Subject(false, null, new HashSet(), new HashSet()); 204 fail("No expected NullPointerException"); 205 } catch (NullPointerException e) { 206 } 207 208 try { 209 new Subject(false, new HashSet(), null, new HashSet()); 210 fail("No expected NullPointerException"); 211 } catch (NullPointerException e) { 212 } 213 214 try { 215 new Subject(false, new HashSet(), new HashSet(), null); 216 fail("No expected NullPointerException"); 217 } catch (NullPointerException e) { 218 } 219 } 220 221 /** 222 * Testing Subject(boolean,Set,Set,Set) constructor. 223 * Parameter set contains an invalid element. 224 */ 225 @SuppressWarnings("unchecked") 226 public final void testSubject_3Set_InvalidSet() { 227 HashSet hash = new HashSet(); 228 229 hash.add(null); 230 231 try { 232 new Subject(false, hash, new HashSet(), new HashSet()); 233 234 if (!testing) { 235 // possible to add 'null' principal via constructor 236 fail("No expected NullPointerException"); 237 } 238 } catch (NullPointerException e) { 239 } 240 241 try { 242 new Subject(false, new HashSet(), hash, new HashSet()); 243 244 if (!testing) { 245 fail("No expected NullPointerException"); 246 } 247 } catch (NullPointerException e) { 248 } 249 250 try { 251 new Subject(false, new HashSet(), new HashSet(), hash); 252 253 if (!testing) { 254 fail("No expected NullPointerException"); 255 } 256 } catch (NullPointerException e) { 257 } 258 259 hash.clear(); 260 hash.add(new Object()); 261 try { 262 new Subject(false, hash, new HashSet(), new HashSet()); 263 264 if (!testing) { 265 // possible to add 'null' principal via constructor 266 fail("No expected IllegalArgumentException"); 267 } 268 } catch (IllegalArgumentException e) { 269 } 270 } 271 272 /** 273 * Tests SecurityException for Subject.doAs(Subject,PrivilegedAction) 274 */ 275 public final void testACE_doAs_A() throws Exception { 276 277 denyPermission(new AuthPermission("doAs")); 278 try { 279 Subject.doAs(new Subject(), emptyPAction); 280 fail("No expected AccessControlException"); 281 } catch (AccessControlException e) { 282 assertEquals(e, AuthPermission.class); 283 } 284 } 285 286 /** 287 * Tests SecurityException for Subject.doAs(Subject,PrivilegedExceptionAction) 288 */ 289 public final void testACE_doAs_EA() throws Exception { 290 291 denyPermission(new AuthPermission("doAs")); 292 try { 293 Subject.doAs(new Subject(), emptyPEAction); 294 fail("No expected AccessControlException"); 295 } catch (AccessControlException e) { 296 assertEquals(e, AuthPermission.class); 297 } catch (PrivilegedActionException e) { 298 fail("Unexpected PrivilegedActionException"); 299 } 300 } 301 302 /** 303 * Tests SecurityException for Subject.doAsPrivileged( 304 * Subject,PrivilegedAction,AccessControlContext) 305 */ 306 public final void testACE_doAsPrivileged_A() throws Exception { 307 308 denyPermission(new AuthPermission("doAsPrivileged")); 309 try { 310 Subject.doAsPrivileged(new Subject(), emptyPAction, null); 311 fail("No expected AccessControlException"); 312 } catch (AccessControlException e) { 313 assertEquals(e, AuthPermission.class); 314 } 315 } 316 317 /** 318 * Tests SecurityException for Subject.doAsPrivileged( 319 * Subject,PrivilegedExceptionAction,AccessControlContext) 320 */ 321 public final void testACE_doAsPrivileged_EA() throws Exception { 322 323 denyPermission(new AuthPermission("doAsPrivileged")); 324 try { 325 Subject.doAsPrivileged(new Subject(), emptyPEAction, null); 326 fail("No expected AccessControlException"); 327 } catch (AccessControlException e) { 328 assertEquals(e, AuthPermission.class); 329 } 330 } 331 332 /** 333 * Tests SecurityException for Subject.getSubject() 334 */ 335 public final void testACE_getSubject() { 336 337 denyPermission(new AuthPermission("getSubject")); 338 try { 339 Subject.getSubject(AccessController.getContext()); 340 fail("No expected AccessControlException"); 341 } catch (AccessControlException e) { 342 assertEquals(e, AuthPermission.class); 343 } 344 } 345 346 /** 347 * Tests SecurityException for Subject.setReadOnly() 348 */ 349 public final void testACE_setReadOnly() { 350 351 denyPermission(new AuthPermission("setReadOnly")); 352 try { 353 (new Subject()).setReadOnly(); 354 fail("No expected AccessControlException"); 355 } catch (AccessControlException e) { 356 assertEquals(e, AuthPermission.class); 357 } 358 } 359 360 /** 361 * Tests Subject.doAs(Subject, PrivilegedAction) 362 */ 363 public final void testDoAs() { 364 365 Subject subject = new Subject(); 366 367 Subject contextSubject = (Subject) Subject 368 .doAs(subject, subjectPAction); 369 370 assertTrue("Returned subject", subject == contextSubject); 371 372 // null subject 373 contextSubject = (Subject) Subject.doAs(null, subjectPAction); 374 375 assertNull("Subject is null", contextSubject); 376 377 // null subject: check combiner (must be null) 378 AccessControlContext context = (AccessControlContext) Subject.doAs( 379 null, contextPAction); 380 381 assertNull("Combiner for null subject", context.getDomainCombiner()); 382 } 383 384 /** 385 * Tests Subject.doAs(Subject, PrivilegedExceptionAction) 386 */ 387 public final void testDoAs_PEA() throws Exception { 388 389 Subject subject = new Subject(); 390 391 Subject contextSubject = (Subject) Subject.doAs(subject, 392 subjectPEAction); 393 394 assertTrue("Returned subject", subject == contextSubject); 395 396 // null subject 397 contextSubject = (Subject) Subject.doAs(null, subjectPEAction); 398 399 assertNull("Subject is null", contextSubject); 400 401 // null subject: check combiner (must be null) 402 AccessControlContext context = (AccessControlContext) Subject.doAs( 403 null, contextPEAction); 404 405 assertNull("Combiner for null subject", context.getDomainCombiner()); 406 407 } 408 409 /** 410 * Tests Subject.doAsPrivileged(Subject, PrivilegedAction, ACContext) 411 */ 412 public final void testDoAsPrivileged() { 413 414 Subject subject = new Subject(); 415 416 Subject contextSubject = (Subject) Subject.doAsPrivileged(subject, 417 subjectPAction, null); 418 419 assertTrue("Returned subject", subject == contextSubject); 420 421 // null subject 422 contextSubject = (Subject) Subject.doAsPrivileged(null, subjectPAction, 423 null); 424 425 assertNull("Subject is null", contextSubject); 426 427 // null subject: check combiner (must be null) 428 AccessControlContext context = (AccessControlContext) Subject 429 .doAsPrivileged(null, contextPAction, null); 430 431 assertNull("Combiner for null subject", context.getDomainCombiner()); 432 } 433 434 /** 435 * Tests Subject.doAsPrivileged(Subject, PEAction, ACContext) 436 */ 437 public final void testDoAsPrivileged_PEA() throws Exception { 438 439 Subject subject = new Subject(); 440 441 Subject contextSubject = (Subject) Subject.doAsPrivileged(subject, 442 subjectPEAction, null); 443 444 assertTrue("Returned subject", subject == contextSubject); 445 446 // null subject 447 contextSubject = (Subject) Subject.doAsPrivileged(null, 448 subjectPEAction, null); 449 450 assertNull("Subject is null", contextSubject); 451 452 // null subject: check combiner (must be null) 453 AccessControlContext context = (AccessControlContext) Subject 454 .doAsPrivileged(null, contextPEAction, null); 455 456 assertNull("Combiner for null subject", context.getDomainCombiner()); 457 } 458 459 /** 460 * Tests Subject.doAs* methods for creating new context 461 * 462 * Expected: no SecurityException 463 */ 464 public final void testDoAs_newACC() throws Exception { 465 466 Subject subject = new Subject(); 467 468 Subject.doAs(subject, emptyPAction); 469 Subject.doAs(subject, emptyPEAction); 470 Subject.doAsPrivileged(subject, emptyPAction, null); 471 Subject.doAsPrivileged(subject, emptyPEAction, null); 472 473 // each doAs* creates new ACContext 474 denyPermission(new SecurityPermission("createAccessControlContext")); 475 476 try { 477 Subject.doAs(subject, emptyPAction); 478 fail("No expected AccessControlException"); 479 } catch (AccessControlException e) { 480 } 481 482 try { 483 Subject.doAs(subject, emptyPEAction); 484 fail("No expected AccessControlException"); 485 } catch (AccessControlException e) { 486 } 487 488 try { 489 Subject.doAsPrivileged(subject, emptyPAction, null); 490 fail("No expected AccessControlException"); 491 } catch (AccessControlException e) { 492 } 493 494 try { 495 Subject.doAsPrivileged(subject, emptyPEAction, null); 496 fail("No expected AccessControlException"); 497 } catch (AccessControlException e) { 498 } 499 } 500 501 /** 502 * Tests Subject.equals() method 503 */ 504 @SuppressWarnings("unchecked") 505 public final void testEquals() { 506 507 // empty sets 508 Subject s1 = new Subject(); 509 Subject s2 = new Subject(false, new HashSet(), new HashSet(), 510 new HashSet()); 511 Subject s3 = new Subject(true, new HashSet(), new HashSet(), 512 new HashSet()); 513 514 equalsTest(s1, s2, s3); 515 516 // non empty sets 517 518 s1 = new Subject(false, h1, h2, h3); 519 s3 = new Subject(true, h1, h2, h3); 520 521 s2 = new Subject(); 522 s2.getPrincipals().addAll(h1); 523 s2.getPublicCredentials().addAll(h2); 524 s2.getPrivateCredentials().addAll(h3); 525 526 equalsTest(s1, s2, s3); 527 528 // not equal subjects 529 s1 = new Subject(); 530 s2 = new Subject(true, h1, new HashSet(), h3); 531 s3 = new Subject(true, h1, h2, h3); 532 533 assertFalse(s1.equals(s2)); 534 assertFalse(s1.equals(s3)); 535 assertFalse(s2.equals(s3)); 536 } 537 538 private void equalsTest(Object obj1, Object obj2, Object obj3) { 539 540 // Check passed parameters. 541 // Because we don't verify Object.equals() method 542 if (obj1 == obj2 || obj1 == obj3 || obj2 == obj3) { 543 throw new AssertionError("References MUST be different"); 544 } 545 546 // reflexivity 547 assertTrue(obj1.equals(obj1)); 548 549 // symmetry 550 assertTrue(obj1.equals(obj2)); 551 assertTrue(obj2.equals(obj1)); 552 553 // transitivity 554 assertTrue(obj1.equals(obj2)); 555 assertTrue(obj2.equals(obj3)); 556 assertTrue(obj1.equals(obj3)); 557 558 // consistency 559 assertTrue(obj3.equals(obj1)); 560 assertTrue(obj3.equals(obj1)); 561 562 // null value 563 assertFalse(obj1.equals(null)); 564 } 565 566 /** 567 * Verifies that Subject.equals() has defined comparison algorism. 568 * 569 * The sequence of checks is following: 570 * 1)principal set 571 * 2)public credential set 572 * 3)private credential set 573 */ 574 @SuppressWarnings("unchecked") 575 public final void testEquals_VerifyCheckSequence() { 576 577 grantMode(); // no permissions 578 579 HashSet hash = new HashSet(); 580 hash.add(principal); 581 582 Subject subject1 = new Subject(false, new HashSet(), new HashSet(), 583 hash); 584 585 //doesn't verify private credential permissions on itself 586 assertTrue(subject1.equals(subject1)); 587 588 // principals comparison goes before 589 // no SecurityException expected 590 Subject subject2 = new Subject(false, hash, new HashSet(), hash); 591 592 assertFalse(subject1.equals(subject2)); 593 594 // public credential comparison goes before 595 // no SecurityException expected 596 subject2 = new Subject(false, new HashSet(), hash, hash); 597 598 assertFalse(subject1.equals(subject2)); 599 600 // principal and public credentials sets are equal 601 // Expected: SecurityException 602 subject2 = new Subject(false, new HashSet(), new HashSet(), hash); 603 try { 604 subject1.equals(subject2); 605 fail("No expected AccessControlException"); 606 } catch (AccessControlException e) { 607 assertEquals(e, PrivateCredentialPermission.class); 608 } 609 } 610 611 /** 612 * Verifies no PrivateCredentialPermission 613 * for 'this' subject and provided subject 614 */ 615 public final void testEquals_NoPCP() { 616 617 Subject subThis = new Subject(); 618 Subject subThat = new Subject(); 619 620 subThis.getPrivateCredentials().add(new MyClass1()); 621 subThat.getPrivateCredentials().add(new Object()); 622 623 grantMode(); // no permissions 624 grantPermission(new PrivateCredentialPermission( 625 "java.lang.Object * \"*\"", "read")); 626 627 // verify permissions 628 try { 629 subThis.getPrivateCredentials().iterator().next(); 630 fail("No expected AccessControlException"); 631 } catch (AccessControlException e) { 632 assertEquals(e, PrivateCredentialPermission.class); 633 } 634 subThat.getPrivateCredentials().iterator().next(); 635 636 // 'this' subject doesn't have permission 637 try { 638 subThis.equals(subThat); 639 fail("No expected AccessControlException"); 640 } catch (AccessControlException e) { 641 assertEquals(e, PrivateCredentialPermission.class); 642 } 643 644 // provided subject doesn't have permission 645 try { 646 subThat.equals(subThis); 647 fail("No expected AccessControlException"); 648 } catch (AccessControlException e) { 649 assertEquals(e, PrivateCredentialPermission.class); 650 } 651 } 652 653 /** 654 * Tests Subject.get<set>(Class) methods 655 */ 656 @SuppressWarnings("unchecked") 657 public final void testGetSetClass() { 658 HashSet hash = new HashSet(); 659 660 MyClass1 p1 = new MyClass1(); 661 MyClass1 p2 = new MyClass1(); 662 663 hash.add(p1); 664 hash.add(p2); 665 666 HashSet h = new HashSet(); 667 668 h.add(principal); 669 h.addAll(hash); 670 h.add(new MyClass2()); 671 672 Subject subject = new Subject(true, h, h, h); 673 674 assertEquals("Principal", hash, subject.getPrincipals(MyClass1.class)); 675 assertEquals("Private Credentials", hash, subject 676 .getPrivateCredentials(MyClass1.class)); 677 assertEquals("Public Credentials", hash, subject 678 .getPublicCredentials(MyClass1.class)); 679 } 680 681 /** 682 * Tests Subject.get<set>(Class) methods for null parameter 683 */ 684 public final void testGetClass_NullParameter() { 685 686 Subject subject = new Subject(); 687 688 try { 689 subject.getPrincipals(null); 690 fail("No expected NullPointerException"); 691 } catch (NullPointerException e) { 692 } 693 694 try { 695 subject.getPrivateCredentials(null); 696 fail("No expected NullPointerException"); 697 } catch (NullPointerException e) { 698 } 699 700 try { 701 subject.getPublicCredentials(null); 702 fail("No expected NullPointerException"); 703 } catch (NullPointerException e) { 704 } 705 } 706 707 /** 708 * Tests Subject.getSubject() for null parameter 709 */ 710 public final void test_getSubject_NPE() { 711 try { 712 Subject.getSubject(null); 713 fail("No expected NullPointerException"); 714 } catch (NullPointerException e) { 715 } 716 } 717 718 /** 719 * Tests Subject.getSubject() for current context 720 */ 721 public final void test_getSubject() { 722 assertNull("Current context", Subject.getSubject(AccessController 723 .getContext())); 724 725 try { 726 Subject.getSubject(null); 727 fail("No expected NullPointerException"); 728 } catch (NullPointerException e) { 729 } 730 } 731 732 /** 733 * Tests Subject.getSubject() for associated context 734 */ 735 public final void test_getSubject_SameSubject() { 736 737 Subject subject = new Subject(); 738 739 Subject contextSubject = (Subject) Subject 740 .doAs(subject, subjectPAction); 741 742 assertTrue("Subject: ", subject == contextSubject); 743 } 744 745 /** 746 * Tests Subject.getSubject() for associated context (2 subjects) 747 */ 748 @SuppressWarnings("unchecked") 749 public final void test_getSubject_NotSameSubject() { 750 751 final HashSet hash = new HashSet(); 752 hash.add(new MyClass1()); 753 754 PrivilegedAction<Object> action = new PrivilegedAction<Object>() { 755 public Object run() { 756 757 return Subject.doAs(new Subject(false, hash, hash, hash), 758 subjectPAction); 759 } 760 }; 761 762 Subject subject = new Subject(); 763 764 Subject contextSubject = (Subject) Subject.doAs(subject, action); 765 766 assertNotNull("Context subject: ", contextSubject); 767 assertFalse("Subject: ", subject == contextSubject); 768 assertTrue("Principals: ", hash.equals(contextSubject.getPrincipals())); 769 assertTrue("Private Credentials: ", hash.equals(contextSubject 770 .getPrivateCredentials())); 771 assertTrue("Public Credentials: ", hash.equals(contextSubject 772 .getPublicCredentials())); 773 } 774 775 /** 776 * Tests Subject.getSubject() for privileged action in associated context 777 */ 778 public final void test_getSubject_PrivilegedAction() { 779 780 PrivilegedAction<Object> action = new PrivilegedAction<Object>() { 781 public Object run() { 782 return AccessController.doPrivileged(subjectPAction); 783 } 784 }; 785 786 Subject subject = new Subject(); 787 788 Subject contextSubject = (Subject) Subject.doAs(subject, action); 789 790 assertNull("Context subject: ", contextSubject); 791 } 792 793 /** 794 * Tests Subject.hashCode() 795 */ 796 public final void testHashCode() { 797 Subject subject1 = new Subject(false, h1, h2, h3); 798 Subject subject2 = new Subject(true, h1, h2, h3); 799 800 assertTrue(subject1.equals(subject2)); 801 assertTrue(subject1.hashCode() == subject2.hashCode()); 802 } 803 804 /** 805 * Tests Subject.hashCode() for SecurityException 806 */ 807 public final void testHashCode_ACE() { 808 809 grantMode(); 810 try { 811 (new Subject(false, h1, h2, h3)).hashCode(); 812 813 if (!testing) { 814 fail("No expected AccessControlException"); 815 } 816 } catch (AccessControlException e) { 817 assertEquals(e, PrivateCredentialPermission.class); 818 } 819 } 820 821 /** 822 * Tests Subject.isReadOnly() and Subject.setReadOnly() 823 */ 824 public final void testSetReadOnly_isReadOnly() { 825 Subject subject = new Subject(); 826 827 // check initialized value 828 assertFalse("Read only state", subject.isReadOnly()); 829 830 // set the subject as read only 831 subject.setReadOnly(); 832 assertTrue("Read only state", subject.isReadOnly()); 833 834 // anyway invoke it again to verify subject's state 835 subject.setReadOnly(); 836 assertTrue("Read only state", subject.isReadOnly()); 837 } 838 839 public final void testToString() { 840 //FIXME grantMode(); 841 //denyPermission(new PrivateCredentialPermission("* * \"*\"", "read")); 842 //System.out.println((new Subject(false, h1, h2, h3)).toString()); 843 } 844 845 public final void testSerialization() throws Exception { 846 847 Subject subject = new Subject(); 848 849 subject.getPrincipals().add(new MyClass2()); 850 851 ByteArrayOutputStream out = new ByteArrayOutputStream(); 852 ObjectOutputStream sOut = new ObjectOutputStream(out); 853 854 try { 855 sOut.writeObject(subject); 856 fail("No expected NotSerializableException"); 857 } catch (NotSerializableException e) { 858 } finally { 859 sOut.close(); 860 } 861 862 subject = new Subject(); 863 864 subject.getPrincipals().add(new MyClass1()); 865 subject.getPublicCredentials().add(new MyClass1()); 866 subject.getPrivateCredentials().add(new MyClass1()); 867 868 subject.setReadOnly(); 869 870 out = new ByteArrayOutputStream(); 871 sOut = new ObjectOutputStream(out); 872 873 sOut.writeObject(subject); 874 875 sOut.flush(); 876 sOut.close(); 877 878 ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); 879 ObjectInputStream sIn = new ObjectInputStream(in); 880 881 Subject ss = (Subject) sIn.readObject(); 882 883 assertTrue(ss.isReadOnly()); 884 assertEquals(1, ss.getPrincipals().size()); 885 assertTrue(ss.getPrincipals().iterator().next() instanceof MyClass1); 886 assertEquals(0, ss.getPublicCredentials().size()); 887 assertEquals(0, ss.getPrivateCredentials().size()); 888 889 try { 890 ss.getPrincipals().add(new MyClass1()); 891 fail("No expected IllegalStateException"); 892 } catch (IllegalStateException e) { 893 } 894 } 895 896 /** 897 * Test subject's deserialization in case of invalid('null') principals 898 * 899 * Serialization byte array contains null element in principal set 900 * The array is invalid because it is not possible to add null element 901 * to principal set via public API methods. 902 */ 903 public final void testSerialization_NullPrincipal() throws Exception { 904 905 // The array was produced in the following way: 906 // 1) A check that verifies a passed principal object for null 907 // value was disabled in Subject class. 908 // 2) Subject object was created 909 // 3) A null was added to subject's principal set by invoking 910 // getPrincipals().add(null); 911 // 4) ByteArrayOutputStream class was used to write subject object 912 // and to get resulting array of bytes 913 byte[] nullPrincipal = new byte[] { (byte) 0xac, (byte) 0xed, 914 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 915 (byte) 0x00, (byte) 0x1b, (byte) 0x6a, (byte) 0x61, 916 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 917 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 918 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 919 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 920 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 921 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 922 (byte) 0x74, (byte) 0x8c, (byte) 0xb2, (byte) 0x32, 923 (byte) 0x93, (byte) 0x00, (byte) 0x33, (byte) 0xfa, 924 (byte) 0x68, (byte) 0x03, (byte) 0x00, (byte) 0x02, 925 (byte) 0x5a, (byte) 0x00, (byte) 0x0a, (byte) 0x69, 926 (byte) 0x73, (byte) 0x52, (byte) 0x65, (byte) 0x61, 927 (byte) 0x64, (byte) 0x4f, (byte) 0x6e, (byte) 0x6c, 928 (byte) 0x79, (byte) 0x4c, (byte) 0x00, (byte) 0x0a, 929 (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, 930 (byte) 0x63, (byte) 0x69, (byte) 0x70, (byte) 0x61, 931 (byte) 0x6c, (byte) 0x73, (byte) 0x74, (byte) 0x00, 932 (byte) 0x0f, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 933 (byte) 0x76, (byte) 0x61, (byte) 0x2f, (byte) 0x75, 934 (byte) 0x74, (byte) 0x69, (byte) 0x6c, (byte) 0x2f, 935 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x3b, 936 (byte) 0x78, (byte) 0x70, (byte) 0x00, (byte) 0x73, 937 (byte) 0x72, (byte) 0x00, (byte) 0x25, (byte) 0x6a, 938 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x78, 939 (byte) 0x2e, (byte) 0x73, (byte) 0x65, (byte) 0x63, 940 (byte) 0x75, (byte) 0x72, (byte) 0x69, (byte) 0x74, 941 (byte) 0x79, (byte) 0x2e, (byte) 0x61, (byte) 0x75, 942 (byte) 0x74, (byte) 0x68, (byte) 0x2e, (byte) 0x53, 943 (byte) 0x75, (byte) 0x62, (byte) 0x6a, (byte) 0x65, 944 (byte) 0x63, (byte) 0x74, (byte) 0x24, (byte) 0x53, 945 (byte) 0x65, (byte) 0x63, (byte) 0x75, (byte) 0x72, 946 (byte) 0x65, (byte) 0x53, (byte) 0x65, (byte) 0x74, 947 (byte) 0x6d, (byte) 0xcc, (byte) 0x32, (byte) 0x80, 948 (byte) 0x17, (byte) 0x55, (byte) 0x7e, (byte) 0x27, 949 (byte) 0x03, (byte) 0x00, (byte) 0x03, (byte) 0x49, 950 (byte) 0x00, (byte) 0x07, (byte) 0x73, (byte) 0x65, 951 (byte) 0x74, (byte) 0x54, (byte) 0x79, (byte) 0x70, 952 (byte) 0x65, (byte) 0x4c, (byte) 0x00, (byte) 0x08, 953 (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6d, 954 (byte) 0x65, (byte) 0x6e, (byte) 0x74, (byte) 0x73, 955 (byte) 0x74, (byte) 0x00, (byte) 0x16, (byte) 0x4c, 956 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 957 (byte) 0x2f, (byte) 0x75, (byte) 0x74, (byte) 0x69, 958 (byte) 0x6c, (byte) 0x2f, (byte) 0x4c, (byte) 0x69, 959 (byte) 0x6e, (byte) 0x6b, (byte) 0x65, (byte) 0x64, 960 (byte) 0x4c, (byte) 0x69, (byte) 0x73, (byte) 0x74, 961 (byte) 0x3b, (byte) 0x4c, (byte) 0x00, (byte) 0x06, 962 (byte) 0x74, (byte) 0x68, (byte) 0x69, (byte) 0x73, 963 (byte) 0x24, (byte) 0x30, (byte) 0x74, (byte) 0x00, 964 (byte) 0x1d, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 965 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2f, 966 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 967 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 968 (byte) 0x2f, (byte) 0x61, (byte) 0x75, (byte) 0x74, 969 (byte) 0x68, (byte) 0x2f, (byte) 0x53, (byte) 0x75, 970 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 971 (byte) 0x74, (byte) 0x3b, (byte) 0x78, (byte) 0x70, 972 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, 973 (byte) 0x73, (byte) 0x72, (byte) 0x00, (byte) 0x14, 974 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 975 (byte) 0x2e, (byte) 0x75, (byte) 0x74, (byte) 0x69, 976 (byte) 0x6c, (byte) 0x2e, (byte) 0x4c, (byte) 0x69, 977 (byte) 0x6e, (byte) 0x6b, (byte) 0x65, (byte) 0x64, 978 (byte) 0x4c, (byte) 0x69, (byte) 0x73, (byte) 0x74, 979 (byte) 0x0c, (byte) 0x29, (byte) 0x53, (byte) 0x5d, 980 (byte) 0x4a, (byte) 0x60, (byte) 0x88, (byte) 0x22, 981 (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x78, 982 (byte) 0x70, (byte) 0x77, (byte) 0x04, (byte) 0x00, 983 (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x70, 984 (byte) 0x78, (byte) 0x71, (byte) 0x00, (byte) 0x7e, 985 (byte) 0x00, (byte) 0x02, (byte) 0x78, (byte) 0x78 }; 986 987 ByteArrayInputStream in = new ByteArrayInputStream(nullPrincipal); 988 ObjectInputStream sIn = new ObjectInputStream(in); 989 990 try { 991 sIn.readObject(); 992 if (!testing) { 993 fail("No expected NullPointerException"); 994 } 995 } catch (NullPointerException e) { 996 } 997 } 998 999 /** 1000 * Test subject's deserialization in case of invalid principals 1001 * Byte stream contains object in principal set that doesn't 1002 * implement Principal interface. 1003 * The array is invalid because it is not possible to add such object 1004 * to principal set via public API methods. 1005 */ 1006 public final void testSerialization_IllegalPrincipal() throws Exception { 1007 1008 // The array was produced in the following way: 1009 // 1) A check for verifying that passed principal object 1010 // implements Principal interface was disabled in Subject class. 1011 // 2) Subject object was created 1012 // 3) A serializable object was added to subject's principal 1013 // set by invoking: getPrincipals().add(object); 1014 // 4) ByteArrayOutputStream class was used to write subject object 1015 // and to get resulting array of bytes 1016 byte[] objectPrincipal = new byte[] { (byte) 0xac, (byte) 0xed, 1017 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 1018 (byte) 0x00, (byte) 0x1b, (byte) 0x6a, (byte) 0x61, 1019 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1020 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1021 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1022 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1023 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1024 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1025 (byte) 0x74, (byte) 0x8c, (byte) 0xb2, (byte) 0x32, 1026 (byte) 0x93, (byte) 0x00, (byte) 0x33, (byte) 0xfa, 1027 (byte) 0x68, (byte) 0x03, (byte) 0x00, (byte) 0x02, 1028 (byte) 0x5a, (byte) 0x00, (byte) 0x0a, (byte) 0x69, 1029 (byte) 0x73, (byte) 0x52, (byte) 0x65, (byte) 0x61, 1030 (byte) 0x64, (byte) 0x4f, (byte) 0x6e, (byte) 0x6c, 1031 (byte) 0x79, (byte) 0x4c, (byte) 0x00, (byte) 0x0a, 1032 (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, 1033 (byte) 0x63, (byte) 0x69, (byte) 0x70, (byte) 0x61, 1034 (byte) 0x6c, (byte) 0x73, (byte) 0x74, (byte) 0x00, 1035 (byte) 0x0f, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 1036 (byte) 0x76, (byte) 0x61, (byte) 0x2f, (byte) 0x75, 1037 (byte) 0x74, (byte) 0x69, (byte) 0x6c, (byte) 0x2f, 1038 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x3b, 1039 (byte) 0x78, (byte) 0x70, (byte) 0x00, (byte) 0x73, 1040 (byte) 0x72, (byte) 0x00, (byte) 0x25, (byte) 0x6a, 1041 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x78, 1042 (byte) 0x2e, (byte) 0x73, (byte) 0x65, (byte) 0x63, 1043 (byte) 0x75, (byte) 0x72, (byte) 0x69, (byte) 0x74, 1044 (byte) 0x79, (byte) 0x2e, (byte) 0x61, (byte) 0x75, 1045 (byte) 0x74, (byte) 0x68, (byte) 0x2e, (byte) 0x53, 1046 (byte) 0x75, (byte) 0x62, (byte) 0x6a, (byte) 0x65, 1047 (byte) 0x63, (byte) 0x74, (byte) 0x24, (byte) 0x53, 1048 (byte) 0x65, (byte) 0x63, (byte) 0x75, (byte) 0x72, 1049 (byte) 0x65, (byte) 0x53, (byte) 0x65, (byte) 0x74, 1050 (byte) 0x6d, (byte) 0xcc, (byte) 0x32, (byte) 0x80, 1051 (byte) 0x17, (byte) 0x55, (byte) 0x7e, (byte) 0x27, 1052 (byte) 0x03, (byte) 0x00, (byte) 0x03, (byte) 0x49, 1053 (byte) 0x00, (byte) 0x07, (byte) 0x73, (byte) 0x65, 1054 (byte) 0x74, (byte) 0x54, (byte) 0x79, (byte) 0x70, 1055 (byte) 0x65, (byte) 0x4c, (byte) 0x00, (byte) 0x08, 1056 (byte) 0x65, (byte) 0x6c, (byte) 0x65, (byte) 0x6d, 1057 (byte) 0x65, (byte) 0x6e, (byte) 0x74, (byte) 0x73, 1058 (byte) 0x74, (byte) 0x00, (byte) 0x16, (byte) 0x4c, 1059 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1060 (byte) 0x2f, (byte) 0x75, (byte) 0x74, (byte) 0x69, 1061 (byte) 0x6c, (byte) 0x2f, (byte) 0x4c, (byte) 0x69, 1062 (byte) 0x6e, (byte) 0x6b, (byte) 0x65, (byte) 0x64, 1063 (byte) 0x4c, (byte) 0x69, (byte) 0x73, (byte) 0x74, 1064 (byte) 0x3b, (byte) 0x4c, (byte) 0x00, (byte) 0x06, 1065 (byte) 0x74, (byte) 0x68, (byte) 0x69, (byte) 0x73, 1066 (byte) 0x24, (byte) 0x30, (byte) 0x74, (byte) 0x00, 1067 (byte) 0x1d, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 1068 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2f, 1069 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1070 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1071 (byte) 0x2f, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1072 (byte) 0x68, (byte) 0x2f, (byte) 0x53, (byte) 0x75, 1073 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1074 (byte) 0x74, (byte) 0x3b, (byte) 0x78, (byte) 0x70, 1075 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, 1076 (byte) 0x73, (byte) 0x72, (byte) 0x00, (byte) 0x14, 1077 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1078 (byte) 0x2e, (byte) 0x75, (byte) 0x74, (byte) 0x69, 1079 (byte) 0x6c, (byte) 0x2e, (byte) 0x4c, (byte) 0x69, 1080 (byte) 0x6e, (byte) 0x6b, (byte) 0x65, (byte) 0x64, 1081 (byte) 0x4c, (byte) 0x69, (byte) 0x73, (byte) 0x74, 1082 (byte) 0x0c, (byte) 0x29, (byte) 0x53, (byte) 0x5d, 1083 (byte) 0x4a, (byte) 0x60, (byte) 0x88, (byte) 0x22, 1084 (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x78, 1085 (byte) 0x70, (byte) 0x77, (byte) 0x04, (byte) 0x00, 1086 (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x73, 1087 (byte) 0x72, (byte) 0x00, (byte) 0x28, (byte) 0x6a, 1088 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x78, 1089 (byte) 0x2e, (byte) 0x73, (byte) 0x65, (byte) 0x63, 1090 (byte) 0x75, (byte) 0x72, (byte) 0x69, (byte) 0x74, 1091 (byte) 0x79, (byte) 0x2e, (byte) 0x61, (byte) 0x75, 1092 (byte) 0x74, (byte) 0x68, (byte) 0x2e, (byte) 0x53, 1093 (byte) 0x75, (byte) 0x62, (byte) 0x6a, (byte) 0x65, 1094 (byte) 0x63, (byte) 0x74, (byte) 0x54, (byte) 0x65, 1095 (byte) 0x73, (byte) 0x74, (byte) 0x24, (byte) 0x4d, 1096 (byte) 0x79, (byte) 0x4f, (byte) 0x62, (byte) 0x6a, 1097 (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0xf7, 1098 (byte) 0xbc, (byte) 0xdc, (byte) 0x95, (byte) 0xb2, 1099 (byte) 0x33, (byte) 0x3a, (byte) 0x0f, (byte) 0x02, 1100 (byte) 0x00, (byte) 0x00, (byte) 0x78, (byte) 0x70, 1101 (byte) 0x78, (byte) 0x71, (byte) 0x00, (byte) 0x7e, 1102 (byte) 0x00, (byte) 0x02, (byte) 0x78, (byte) 0x78 }; 1103 1104 ByteArrayInputStream in = new ByteArrayInputStream(objectPrincipal); 1105 ObjectInputStream sIn = new ObjectInputStream(in); 1106 1107 try { 1108 sIn.readObject(); 1109 if (!testing) { 1110 fail("No expected IllegalArgumentException"); 1111 } 1112 } catch (IllegalArgumentException e) { 1113 } 1114 } 1115 1116 /** 1117 * Test subject's principal set deserialization in case 1118 * of invalid principal set's elements. Two cases are tested: 1119 * 1) null object 1120 * 2) an object in principal set that doesn't implement Principal interface. 1121 */ 1122 public void test_PrincipalSetInvalidSerForm() throws Exception { 1123 1124 // The array was produced in the following way: 1125 // 1) A check that verifies a passed principal object for null 1126 // value was disabled in Subject class. 1127 // 2) Subject object was created 1128 // 3) A null was added to subject's principal set by invoking 1129 // getPrincipals().add(null); 1130 // 4) ByteArrayOutputStream class was used to write 1131 // subject's principal set object and to get resulting array of bytes 1132 byte[] nullElement = new byte[] { (byte) 0xac, (byte) 0xed, 1133 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 1134 (byte) 0x00, (byte) 0x25, (byte) 0x6a, (byte) 0x61, 1135 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1136 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1137 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1138 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1139 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1140 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1141 (byte) 0x74, (byte) 0x24, (byte) 0x53, (byte) 0x65, 1142 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x65, 1143 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x6d, 1144 (byte) 0xcc, (byte) 0x32, (byte) 0x80, (byte) 0x17, 1145 (byte) 0x55, (byte) 0x7e, (byte) 0x27, (byte) 0x03, 1146 (byte) 0x00, (byte) 0x02, (byte) 0x4c, (byte) 0x00, 1147 (byte) 0x08, (byte) 0x65, (byte) 0x6c, (byte) 0x65, 1148 (byte) 0x6d, (byte) 0x65, (byte) 0x6e, (byte) 0x74, 1149 (byte) 0x73, (byte) 0x74, (byte) 0x00, (byte) 0x16, 1150 (byte) 0x4c, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1151 (byte) 0x61, (byte) 0x2f, (byte) 0x75, (byte) 0x74, 1152 (byte) 0x69, (byte) 0x6c, (byte) 0x2f, (byte) 0x4c, 1153 (byte) 0x69, (byte) 0x6e, (byte) 0x6b, (byte) 0x65, 1154 (byte) 0x64, (byte) 0x4c, (byte) 0x69, (byte) 0x73, 1155 (byte) 0x74, (byte) 0x3b, (byte) 0x4c, (byte) 0x00, 1156 (byte) 0x06, (byte) 0x74, (byte) 0x68, (byte) 0x69, 1157 (byte) 0x73, (byte) 0x24, (byte) 0x30, (byte) 0x74, 1158 (byte) 0x00, (byte) 0x1d, (byte) 0x4c, (byte) 0x6a, 1159 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x78, 1160 (byte) 0x2f, (byte) 0x73, (byte) 0x65, (byte) 0x63, 1161 (byte) 0x75, (byte) 0x72, (byte) 0x69, (byte) 0x74, 1162 (byte) 0x79, (byte) 0x2f, (byte) 0x61, (byte) 0x75, 1163 (byte) 0x74, (byte) 0x68, (byte) 0x2f, (byte) 0x53, 1164 (byte) 0x75, (byte) 0x62, (byte) 0x6a, (byte) 0x65, 1165 (byte) 0x63, (byte) 0x74, (byte) 0x3b, (byte) 0x78, 1166 (byte) 0x70, (byte) 0x73, (byte) 0x72, (byte) 0x00, 1167 (byte) 0x14, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1168 (byte) 0x61, (byte) 0x2e, (byte) 0x75, (byte) 0x74, 1169 (byte) 0x69, (byte) 0x6c, (byte) 0x2e, (byte) 0x4c, 1170 (byte) 0x69, (byte) 0x6e, (byte) 0x6b, (byte) 0x65, 1171 (byte) 0x64, (byte) 0x4c, (byte) 0x69, (byte) 0x73, 1172 (byte) 0x74, (byte) 0x0c, (byte) 0x29, (byte) 0x53, 1173 (byte) 0x5d, (byte) 0x4a, (byte) 0x60, (byte) 0x88, 1174 (byte) 0x22, (byte) 0x03, (byte) 0x00, (byte) 0x00, 1175 (byte) 0x78, (byte) 0x70, (byte) 0x77, (byte) 0x04, 1176 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, 1177 (byte) 0x70, (byte) 0x78, (byte) 0x73, (byte) 0x72, 1178 (byte) 0x00, (byte) 0x1b, (byte) 0x6a, (byte) 0x61, 1179 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1180 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1181 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1182 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1183 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1184 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1185 (byte) 0x74, (byte) 0x8c, (byte) 0xb2, (byte) 0x32, 1186 (byte) 0x93, (byte) 0x00, (byte) 0x33, (byte) 0xfa, 1187 (byte) 0x68, (byte) 0x03, (byte) 0x00, (byte) 0x02, 1188 (byte) 0x5a, (byte) 0x00, (byte) 0x0a, (byte) 0x69, 1189 (byte) 0x73, (byte) 0x52, (byte) 0x65, (byte) 0x61, 1190 (byte) 0x64, (byte) 0x4f, (byte) 0x6e, (byte) 0x6c, 1191 (byte) 0x79, (byte) 0x4c, (byte) 0x00, (byte) 0x0a, 1192 (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, 1193 (byte) 0x63, (byte) 0x69, (byte) 0x70, (byte) 0x61, 1194 (byte) 0x6c, (byte) 0x73, (byte) 0x74, (byte) 0x00, 1195 (byte) 0x0f, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 1196 (byte) 0x76, (byte) 0x61, (byte) 0x2f, (byte) 0x75, 1197 (byte) 0x74, (byte) 0x69, (byte) 0x6c, (byte) 0x2f, 1198 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x3b, 1199 (byte) 0x78, (byte) 0x70, (byte) 0x00, (byte) 0x71, 1200 (byte) 0x00, (byte) 0x7e, (byte) 0x00, (byte) 0x03, 1201 (byte) 0x78, (byte) 0x78 }; 1202 1203 // The array was produced in the following way: 1204 // 1) A check for verifying that passed principal object 1205 // implements Principal interface was disabled in Subject class. 1206 // 2) Subject object was created 1207 // 3) A serializable object was added to subject's principal 1208 // set by invoking: getPrincipals().add(object); 1209 // 4) ByteArrayOutputStream class was used to write 1210 // subject's principal set object and to get resulting array of bytes 1211 byte[] notPrincipalElement = new byte[] { (byte) 0xac, (byte) 0xed, 1212 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 1213 (byte) 0x00, (byte) 0x25, (byte) 0x6a, (byte) 0x61, 1214 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1215 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1216 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1217 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1218 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1219 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1220 (byte) 0x74, (byte) 0x24, (byte) 0x53, (byte) 0x65, 1221 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x65, 1222 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x6d, 1223 (byte) 0xcc, (byte) 0x32, (byte) 0x80, (byte) 0x17, 1224 (byte) 0x55, (byte) 0x7e, (byte) 0x27, (byte) 0x03, 1225 (byte) 0x00, (byte) 0x02, (byte) 0x4c, (byte) 0x00, 1226 (byte) 0x08, (byte) 0x65, (byte) 0x6c, (byte) 0x65, 1227 (byte) 0x6d, (byte) 0x65, (byte) 0x6e, (byte) 0x74, 1228 (byte) 0x73, (byte) 0x74, (byte) 0x00, (byte) 0x16, 1229 (byte) 0x4c, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1230 (byte) 0x61, (byte) 0x2f, (byte) 0x75, (byte) 0x74, 1231 (byte) 0x69, (byte) 0x6c, (byte) 0x2f, (byte) 0x4c, 1232 (byte) 0x69, (byte) 0x6e, (byte) 0x6b, (byte) 0x65, 1233 (byte) 0x64, (byte) 0x4c, (byte) 0x69, (byte) 0x73, 1234 (byte) 0x74, (byte) 0x3b, (byte) 0x4c, (byte) 0x00, 1235 (byte) 0x06, (byte) 0x74, (byte) 0x68, (byte) 0x69, 1236 (byte) 0x73, (byte) 0x24, (byte) 0x30, (byte) 0x74, 1237 (byte) 0x00, (byte) 0x1d, (byte) 0x4c, (byte) 0x6a, 1238 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x78, 1239 (byte) 0x2f, (byte) 0x73, (byte) 0x65, (byte) 0x63, 1240 (byte) 0x75, (byte) 0x72, (byte) 0x69, (byte) 0x74, 1241 (byte) 0x79, (byte) 0x2f, (byte) 0x61, (byte) 0x75, 1242 (byte) 0x74, (byte) 0x68, (byte) 0x2f, (byte) 0x53, 1243 (byte) 0x75, (byte) 0x62, (byte) 0x6a, (byte) 0x65, 1244 (byte) 0x63, (byte) 0x74, (byte) 0x3b, (byte) 0x78, 1245 (byte) 0x70, (byte) 0x73, (byte) 0x72, (byte) 0x00, 1246 (byte) 0x14, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1247 (byte) 0x61, (byte) 0x2e, (byte) 0x75, (byte) 0x74, 1248 (byte) 0x69, (byte) 0x6c, (byte) 0x2e, (byte) 0x4c, 1249 (byte) 0x69, (byte) 0x6e, (byte) 0x6b, (byte) 0x65, 1250 (byte) 0x64, (byte) 0x4c, (byte) 0x69, (byte) 0x73, 1251 (byte) 0x74, (byte) 0x0c, (byte) 0x29, (byte) 0x53, 1252 (byte) 0x5d, (byte) 0x4a, (byte) 0x60, (byte) 0x88, 1253 (byte) 0x22, (byte) 0x03, (byte) 0x00, (byte) 0x00, 1254 (byte) 0x78, (byte) 0x70, (byte) 0x77, (byte) 0x04, 1255 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, 1256 (byte) 0x73, (byte) 0x72, (byte) 0x00, (byte) 0x28, 1257 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1258 (byte) 0x78, (byte) 0x2e, (byte) 0x73, (byte) 0x65, 1259 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x69, 1260 (byte) 0x74, (byte) 0x79, (byte) 0x2e, (byte) 0x61, 1261 (byte) 0x75, (byte) 0x74, (byte) 0x68, (byte) 0x2e, 1262 (byte) 0x53, (byte) 0x75, (byte) 0x62, (byte) 0x6a, 1263 (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x54, 1264 (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x24, 1265 (byte) 0x4d, (byte) 0x79, (byte) 0x4f, (byte) 0x62, 1266 (byte) 0x6a, (byte) 0x65, (byte) 0x63, (byte) 0x74, 1267 (byte) 0xf7, (byte) 0xbc, (byte) 0xdc, (byte) 0x95, 1268 (byte) 0xb2, (byte) 0x33, (byte) 0x3a, (byte) 0x0f, 1269 (byte) 0x02, (byte) 0x00, (byte) 0x00, (byte) 0x78, 1270 (byte) 0x70, (byte) 0x78, (byte) 0x73, (byte) 0x72, 1271 (byte) 0x00, (byte) 0x1b, (byte) 0x6a, (byte) 0x61, 1272 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1273 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1274 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1275 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1276 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1277 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1278 (byte) 0x74, (byte) 0x8c, (byte) 0xb2, (byte) 0x32, 1279 (byte) 0x93, (byte) 0x00, (byte) 0x33, (byte) 0xfa, 1280 (byte) 0x68, (byte) 0x03, (byte) 0x00, (byte) 0x02, 1281 (byte) 0x5a, (byte) 0x00, (byte) 0x0a, (byte) 0x69, 1282 (byte) 0x73, (byte) 0x52, (byte) 0x65, (byte) 0x61, 1283 (byte) 0x64, (byte) 0x4f, (byte) 0x6e, (byte) 0x6c, 1284 (byte) 0x79, (byte) 0x4c, (byte) 0x00, (byte) 0x0a, 1285 (byte) 0x70, (byte) 0x72, (byte) 0x69, (byte) 0x6e, 1286 (byte) 0x63, (byte) 0x69, (byte) 0x70, (byte) 0x61, 1287 (byte) 0x6c, (byte) 0x73, (byte) 0x74, (byte) 0x00, 1288 (byte) 0x0f, (byte) 0x4c, (byte) 0x6a, (byte) 0x61, 1289 (byte) 0x76, (byte) 0x61, (byte) 0x2f, (byte) 0x75, 1290 (byte) 0x74, (byte) 0x69, (byte) 0x6c, (byte) 0x2f, 1291 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x3b, 1292 (byte) 0x78, (byte) 0x70, (byte) 0x00, (byte) 0x71, 1293 (byte) 0x00, (byte) 0x7e, (byte) 0x00, (byte) 0x03, 1294 (byte) 0x78, (byte) 0x78 }; 1295 1296 ByteArrayInputStream in = new ByteArrayInputStream(nullElement); 1297 ObjectInputStream sIn = new ObjectInputStream(in); 1298 1299 try { 1300 sIn.readObject(); 1301 if (!testing) { 1302 fail("No expected NullPointerException"); 1303 } 1304 } catch (NullPointerException e) { 1305 } finally { 1306 sIn.close(); 1307 } 1308 1309 in = new ByteArrayInputStream(notPrincipalElement); 1310 sIn = new ObjectInputStream(in); 1311 1312 try { 1313 sIn.readObject(); 1314 if (!testing) { 1315 fail("No expected IllegalArgumentException"); 1316 } 1317 } catch (IllegalArgumentException e) { 1318 } finally { 1319 sIn.close(); 1320 } 1321 } 1322 1323 /** 1324 * Test subject's private credential set deserialization in case 1325 * of invalid null element. 1326 */ 1327 public void test_PrivateCredentialSetInvalidSerForm() throws Exception { 1328 1329 // The array was produced in the following way: 1330 // 1) A check that verifies a passed private credential object for null 1331 // value was disabled in Subject class. 1332 // 2) Subject object was created 1333 // 3) A null was added to subject's private credential set by invoking 1334 // getPrivateCredentials().add(null); 1335 // 4) ByteArrayOutputStream class was used to write 1336 // subject's private credential set object 1337 // and to get resulting array of bytes 1338 byte[] nullElement = new byte[] { (byte) 0xac, (byte) 0xed, 1339 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 1340 (byte) 0x00, (byte) 0x25, (byte) 0x6a, (byte) 0x61, 1341 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1342 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1343 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1344 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1345 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1346 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1347 (byte) 0x74, (byte) 0x24, (byte) 0x53, (byte) 0x65, 1348 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x65, 1349 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x6d, 1350 (byte) 0xcc, (byte) 0x32, (byte) 0x80, (byte) 0x17, 1351 (byte) 0x55, (byte) 0x7e, (byte) 0x27, (byte) 0x03, 1352 (byte) 0x00, (byte) 0x03, (byte) 0x49, (byte) 0x00, 1353 (byte) 0x07, (byte) 0x73, (byte) 0x65, (byte) 0x74, 1354 (byte) 0x54, (byte) 0x79, (byte) 0x70, (byte) 0x65, 1355 (byte) 0x4c, (byte) 0x00, (byte) 0x08, (byte) 0x65, 1356 (byte) 0x6c, (byte) 0x65, (byte) 0x6d, (byte) 0x65, 1357 (byte) 0x6e, (byte) 0x74, (byte) 0x73, (byte) 0x74, 1358 (byte) 0x00, (byte) 0x16, (byte) 0x4c, (byte) 0x6a, 1359 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x2f, 1360 (byte) 0x75, (byte) 0x74, (byte) 0x69, (byte) 0x6c, 1361 (byte) 0x2f, (byte) 0x4c, (byte) 0x69, (byte) 0x6e, 1362 (byte) 0x6b, (byte) 0x65, (byte) 0x64, (byte) 0x4c, 1363 (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x3b, 1364 (byte) 0x4c, (byte) 0x00, (byte) 0x06, (byte) 0x74, 1365 (byte) 0x68, (byte) 0x69, (byte) 0x73, (byte) 0x24, 1366 (byte) 0x30, (byte) 0x74, (byte) 0x00, (byte) 0x1d, 1367 (byte) 0x4c, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1368 (byte) 0x61, (byte) 0x78, (byte) 0x2f, (byte) 0x73, 1369 (byte) 0x65, (byte) 0x63, (byte) 0x75, (byte) 0x72, 1370 (byte) 0x69, (byte) 0x74, (byte) 0x79, (byte) 0x2f, 1371 (byte) 0x61, (byte) 0x75, (byte) 0x74, (byte) 0x68, 1372 (byte) 0x2f, (byte) 0x53, (byte) 0x75, (byte) 0x62, 1373 (byte) 0x6a, (byte) 0x65, (byte) 0x63, (byte) 0x74, 1374 (byte) 0x3b, (byte) 0x78, (byte) 0x70, (byte) 0x00, 1375 (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x73, 1376 (byte) 0x72, (byte) 0x00, (byte) 0x14, (byte) 0x6a, 1377 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x2e, 1378 (byte) 0x75, (byte) 0x74, (byte) 0x69, (byte) 0x6c, 1379 (byte) 0x2e, (byte) 0x4c, (byte) 0x69, (byte) 0x6e, 1380 (byte) 0x6b, (byte) 0x65, (byte) 0x64, (byte) 0x4c, 1381 (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x0c, 1382 (byte) 0x29, (byte) 0x53, (byte) 0x5d, (byte) 0x4a, 1383 (byte) 0x60, (byte) 0x88, (byte) 0x22, (byte) 0x03, 1384 (byte) 0x00, (byte) 0x00, (byte) 0x78, (byte) 0x70, 1385 (byte) 0x77, (byte) 0x04, (byte) 0x00, (byte) 0x00, 1386 (byte) 0x00, (byte) 0x01, (byte) 0x70, (byte) 0x78, 1387 (byte) 0x73, (byte) 0x72, (byte) 0x00, (byte) 0x1b, 1388 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1389 (byte) 0x78, (byte) 0x2e, (byte) 0x73, (byte) 0x65, 1390 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x69, 1391 (byte) 0x74, (byte) 0x79, (byte) 0x2e, (byte) 0x61, 1392 (byte) 0x75, (byte) 0x74, (byte) 0x68, (byte) 0x2e, 1393 (byte) 0x53, (byte) 0x75, (byte) 0x62, (byte) 0x6a, 1394 (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x8c, 1395 (byte) 0xb2, (byte) 0x32, (byte) 0x93, (byte) 0x00, 1396 (byte) 0x33, (byte) 0xfa, (byte) 0x68, (byte) 0x03, 1397 (byte) 0x00, (byte) 0x02, (byte) 0x5a, (byte) 0x00, 1398 (byte) 0x0a, (byte) 0x69, (byte) 0x73, (byte) 0x52, 1399 (byte) 0x65, (byte) 0x61, (byte) 0x64, (byte) 0x4f, 1400 (byte) 0x6e, (byte) 0x6c, (byte) 0x79, (byte) 0x4c, 1401 (byte) 0x00, (byte) 0x0a, (byte) 0x70, (byte) 0x72, 1402 (byte) 0x69, (byte) 0x6e, (byte) 0x63, (byte) 0x69, 1403 (byte) 0x70, (byte) 0x61, (byte) 0x6c, (byte) 0x73, 1404 (byte) 0x74, (byte) 0x00, (byte) 0x0f, (byte) 0x4c, 1405 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1406 (byte) 0x2f, (byte) 0x75, (byte) 0x74, (byte) 0x69, 1407 (byte) 0x6c, (byte) 0x2f, (byte) 0x53, (byte) 0x65, 1408 (byte) 0x74, (byte) 0x3b, (byte) 0x78, (byte) 0x70, 1409 (byte) 0x00, (byte) 0x73, (byte) 0x71, (byte) 0x00, 1410 (byte) 0x7e, (byte) 0x00, (byte) 0x00, (byte) 0x00, 1411 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x73, 1412 (byte) 0x71, (byte) 0x00, (byte) 0x7e, (byte) 0x00, 1413 (byte) 0x04, (byte) 0x77, (byte) 0x04, (byte) 0x00, 1414 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x78, 1415 (byte) 0x71, (byte) 0x00, (byte) 0x7e, (byte) 0x00, 1416 (byte) 0x08, (byte) 0x78, (byte) 0x78, (byte) 0x78 }; 1417 1418 ByteArrayInputStream in = new ByteArrayInputStream(nullElement); 1419 ObjectInputStream sIn = new ObjectInputStream(in); 1420 1421 try { 1422 sIn.readObject(); 1423 if (!testing) { 1424 fail("No expected NullPointerException"); 1425 } 1426 } catch (NullPointerException e) { 1427 } finally { 1428 sIn.close(); 1429 } 1430 } 1431 1432 public static class PermissionTest extends SecurityTest { 1433 1434 private final Subject subject = new Subject(); 1435 1436 /* 1437 * FIXME??? presence of unaccessible element 1438 * forbids all operations except adding new elements 1439 */ 1440 public void testForbiddenElement() { 1441 1442 grantMode(); // no permissions 1443 grantPermission(new AuthPermission("modifyPrivateCredentials")); 1444 1445 Principal privCr1 = new MyClass1(); 1446 Object privCr2 = new Object(); 1447 1448 HashSet<Object> hash = new HashSet<Object>(); 1449 hash.add(privCr1); 1450 hash.add(new Object()); 1451 1452 Set<Object> set = subject.getPrivateCredentials(); 1453 1454 // Adding is not prohibited 1455 set.add(privCr1); 1456 1457 set.add(privCr2); 1458 1459 try { 1460 set.clear(); 1461 fail("No expected AccessControlException"); 1462 } catch (AccessControlException e) { 1463 // PrivateCredentialPermission check goes first 1464 assertEquals(e, PrivateCredentialPermission.class); 1465 } 1466 1467 try { 1468 set.contains(privCr1); 1469 fail("No expected AccessControlException"); 1470 } catch (AccessControlException e) { 1471 assertEquals(e, PrivateCredentialPermission.class); 1472 } 1473 1474 try { 1475 set.contains(new Object()); 1476 fail("No expected AccessControlException"); 1477 } catch (AccessControlException e) { 1478 assertEquals(e, PrivateCredentialPermission.class); 1479 } 1480 1481 assertTrue(set.equals(set)); 1482 assertFalse(set.equals(new HashSet<Object>())); 1483 try { 1484 // set with equal size initiates iteration 1485 set.equals(hash); 1486 fail("No expected AccessControlException"); 1487 } catch (AccessControlException e) { 1488 assertEquals(e, PrivateCredentialPermission.class); 1489 } 1490 1491 set.isEmpty(); 1492 1493 try { 1494 set.hashCode(); 1495 fail("No expected AccessControlException"); 1496 } catch (AccessControlException e) { 1497 assertEquals(e, PrivateCredentialPermission.class); 1498 } 1499 1500 try { 1501 set.remove(privCr1); 1502 fail("No expected AccessControlException"); 1503 } catch (AccessControlException e) { 1504 // PrivateCredentialPermission check goes first 1505 assertEquals(e, PrivateCredentialPermission.class); 1506 } 1507 1508 try { 1509 set.remove(new Object()); 1510 fail("No expected AccessControlException"); 1511 } catch (AccessControlException e) { 1512 // PrivateCredentialPermission check goes first 1513 assertEquals(e, PrivateCredentialPermission.class); 1514 } 1515 1516 try { 1517 set.retainAll(new HashSet<Object>()); 1518 fail("No expected AccessControlException"); 1519 } catch (AccessControlException e) { 1520 // PrivateCredentialPermission check goes first 1521 assertEquals(e, PrivateCredentialPermission.class); 1522 } 1523 1524 try { 1525 set.toArray(); 1526 fail("No expected AccessControlException"); 1527 } catch (AccessControlException e) { 1528 assertEquals(e, PrivateCredentialPermission.class); 1529 } 1530 1531 try { 1532 set.toArray(new Object[5]); 1533 fail("No expected AccessControlException"); 1534 } catch (AccessControlException e) { 1535 assertEquals(e, PrivateCredentialPermission.class); 1536 } 1537 } 1538 1539 public void testIteratorNext_EmptySet() { 1540 1541 grantMode(); // no permissions 1542 try { 1543 (new Subject()).getPrivateCredentials().iterator().next(); 1544 fail("No expected NoSuchElementException"); 1545 } catch (NoSuchElementException e) { 1546 } catch (IndexOutOfBoundsException e) { 1547 if (!testing) { 1548 throw e; 1549 } 1550 } 1551 } 1552 1553 public void testIteratorNext() { 1554 1555 subject.getPrincipals().add(new MyClass1()); 1556 1557 Set<Object> set = subject.getPrivateCredentials(); 1558 1559 Object obj1 = new Object(); 1560 Object obj2 = new Object(); 1561 Object obj3 = new Object(); 1562 1563 set.add(obj1); 1564 set.add(new HashSet<Object>()); 1565 set.add(obj2); 1566 set.add(new HashSet<Object>()); 1567 set.add(obj3); 1568 1569 grantMode(); // no permissions 1570 1571 HashSet<Object> hash = new HashSet<Object>(); 1572 1573 grantPermission(new PrivateCredentialPermission( 1574 "java.lang.Object * \"*\"", "read")); 1575 1576 Iterator<Object> it = set.iterator(); 1577 while (it.hasNext()) { 1578 try { 1579 hash.add(it.next()); 1580 } catch (AccessControlException e) { 1581 assertEquals(e, PrivateCredentialPermission.class); 1582 } 1583 } 1584 1585 assertEquals("Size: ", 3, hash.size()); 1586 assertTrue("1 element", hash.contains(obj1)); 1587 assertTrue("2 element", hash.contains(obj2)); 1588 assertTrue("3 element", hash.contains(obj3)); 1589 } 1590 1591 public void test_Remove_NotExistingElement_EmptySet() { 1592 1593 denyPermission(new PrivateCredentialPermission("* * \"*\"", "read")); 1594 1595 subject.getPrivateCredentials().remove(new Object()); 1596 } 1597 1598 public void test_PrivateCredentialPermission() { 1599 1600 if (!testing) { 1601 class P implements Principal { 1602 public String getName() { 1603 return "name"; 1604 } 1605 } 1606 1607 P p = new P(); 1608 HashSet<Principal> hash = new HashSet<Principal>(); 1609 hash.add(p); 1610 1611 PrivateCredentialPermission p1 = new PrivateCredentialPermission( 1612 "java.lang.Object", hash); 1613 1614 PrivateCredentialPermission p2 = new PrivateCredentialPermission( 1615 "java.lang.Object " + P.class.getName() + " \"name\"", 1616 "read"); 1617 1618 assertTrue(p1.implies(p2)); 1619 assertTrue(p2.implies(p1)); 1620 } 1621 1622 PrivateCredentialPermission p3 = new PrivateCredentialPermission( 1623 "java.lang.Object * \"*\"", "read"); 1624 PrivateCredentialPermission p4 = new PrivateCredentialPermission( 1625 "java.lang.Object", new HashSet<Principal>()); 1626 1627 assertTrue(p3.implies(p4)); 1628 } 1629 1630 public void test_Principal() { 1631 1632 Principal p1 = new MyClass1(); 1633 Principal p2 = new MyClass2(); 1634 1635 HashSet<Principal> hash = new HashSet<Principal>(); 1636 hash.add(p2); 1637 1638 Set<Object> set = subject.getPrivateCredentials(); 1639 1640 set.add(new Object()); 1641 1642 grantMode(); // no permissions 1643 1644 grantPermission(new AuthPermission("modifyPrincipals")); 1645 grantPermission(getPermission("java.lang.Object", hash)); 1646 1647 Iterator<Object> it = set.iterator(); 1648 it.next(); 1649 1650 subject.getPrincipals().add(p1); 1651 it = set.iterator(); 1652 try { 1653 it.next(); 1654 fail("No expected AccessControlException"); 1655 } catch (AccessControlException e) { 1656 assertEquals(e, PrivateCredentialPermission.class); 1657 } 1658 1659 subject.getPrincipals().add(p2); 1660 1661 it = set.iterator(); 1662 it.next(); 1663 } 1664 1665 public void test_Serialization() throws Exception { 1666 1667 subject.getPrivateCredentials().add(new MyClass1()); 1668 1669 denyPermission(new PrivateCredentialPermission("* * \"*\"", "read")); 1670 1671 ByteArrayOutputStream out = new ByteArrayOutputStream(); 1672 ObjectOutputStream sOut = new ObjectOutputStream(out); 1673 1674 try { 1675 sOut.writeObject(subject.getPrivateCredentials()); 1676 fail("No expected AccessControlException"); 1677 } catch (AccessControlException e) { 1678 assertEquals(e, PrivateCredentialPermission.class); 1679 } finally { 1680 sOut.close(); 1681 } 1682 } 1683 1684 @SuppressWarnings("unchecked") 1685 public void testGetClass() { 1686 1687 HashSet hash = new HashSet(); 1688 hash.add(new MyClass1()); 1689 1690 subject.getPrincipals().add(new MyClass1()); 1691 1692 subject.getPrivateCredentials().add(new MyClass1()); 1693 subject.getPrivateCredentials().add(new MyClass2()); 1694 1695 grantMode(); // no permissions 1696 1697 try { 1698 subject.getPrivateCredentials(MyClass1.class); 1699 fail("No expected AccessControlException"); 1700 } catch (AccessControlException e) { 1701 assertEquals(e, PrivateCredentialPermission.class); 1702 } 1703 1704 try { 1705 subject.getPrivateCredentials(MyClass2.class); 1706 fail("No expected AccessControlException"); 1707 } catch (AccessControlException e) { 1708 assertEquals(e, PrivateCredentialPermission.class); 1709 } 1710 1711 // subject hash partial permissions (only for MyClass1 class) 1712 grantPermission(getPermission(MyClass1.class.getName(), hash)); 1713 1714 // FIXME why security exception is thrown? 1715 // the spec. require permissions for requested class only 1716 try { 1717 subject.getPrivateCredentials(MyClass1.class); 1718 fail("No expected AccessControlException"); 1719 } catch (AccessControlException e) { 1720 assertEquals(e, PrivateCredentialPermission.class); 1721 } 1722 1723 try { 1724 subject.getPrivateCredentials(MyClass2.class); 1725 fail("No expected AccessControlException"); 1726 } catch (AccessControlException e) { 1727 assertEquals(e, PrivateCredentialPermission.class); 1728 } 1729 1730 // now subject has all permissions 1731 grantPermission(getPermission(MyClass2.class.getName(), hash)); 1732 1733 subject.getPrivateCredentials(MyClass1.class); 1734 subject.getPrivateCredentials(MyClass2.class); 1735 } 1736 1737 public PrivateCredentialPermission getPermission(String c, Set<? extends Principal> p) { 1738 StringBuffer buf = new StringBuffer(c); 1739 1740 for (Iterator<? extends Principal> it = p.iterator(); it.hasNext();) { 1741 Object o = it.next(); 1742 buf.append(" "); 1743 buf.append(o.getClass().getName()); 1744 buf.append(" \""); 1745 buf.append(((Principal) o).getName()); 1746 buf.append("\""); 1747 } 1748 return new PrivateCredentialPermission(buf.toString(), "read"); 1749 } 1750 } 1751 1752 /** 1753 * Test subject's public credential set deserialization in case 1754 * of invalid null element. 1755 */ 1756 public void test_PublicCredentialInvalidSerForm() throws Exception { 1757 1758 // The array was produced in the following way: 1759 // 1) A check that verifies a passed public credential object for null 1760 // value was disabled in Subject class. 1761 // 2) Subject object was created 1762 // 3) A null was added to subject's public credential set by invoking 1763 // getPublicCredentials().add(null); 1764 // 4) ByteArrayOutputStream class was used to write 1765 // subject's public credential set object 1766 // and to get resulting array of bytes 1767 byte[] nullElement = new byte[] { (byte) 0xac, (byte) 0xed, 1768 (byte) 0x00, (byte) 0x05, (byte) 0x73, (byte) 0x72, 1769 (byte) 0x00, (byte) 0x25, (byte) 0x6a, (byte) 0x61, 1770 (byte) 0x76, (byte) 0x61, (byte) 0x78, (byte) 0x2e, 1771 (byte) 0x73, (byte) 0x65, (byte) 0x63, (byte) 0x75, 1772 (byte) 0x72, (byte) 0x69, (byte) 0x74, (byte) 0x79, 1773 (byte) 0x2e, (byte) 0x61, (byte) 0x75, (byte) 0x74, 1774 (byte) 0x68, (byte) 0x2e, (byte) 0x53, (byte) 0x75, 1775 (byte) 0x62, (byte) 0x6a, (byte) 0x65, (byte) 0x63, 1776 (byte) 0x74, (byte) 0x24, (byte) 0x53, (byte) 0x65, 1777 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x65, 1778 (byte) 0x53, (byte) 0x65, (byte) 0x74, (byte) 0x6d, 1779 (byte) 0xcc, (byte) 0x32, (byte) 0x80, (byte) 0x17, 1780 (byte) 0x55, (byte) 0x7e, (byte) 0x27, (byte) 0x03, 1781 (byte) 0x00, (byte) 0x03, (byte) 0x49, (byte) 0x00, 1782 (byte) 0x07, (byte) 0x73, (byte) 0x65, (byte) 0x74, 1783 (byte) 0x54, (byte) 0x79, (byte) 0x70, (byte) 0x65, 1784 (byte) 0x4c, (byte) 0x00, (byte) 0x08, (byte) 0x65, 1785 (byte) 0x6c, (byte) 0x65, (byte) 0x6d, (byte) 0x65, 1786 (byte) 0x6e, (byte) 0x74, (byte) 0x73, (byte) 0x74, 1787 (byte) 0x00, (byte) 0x16, (byte) 0x4c, (byte) 0x6a, 1788 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x2f, 1789 (byte) 0x75, (byte) 0x74, (byte) 0x69, (byte) 0x6c, 1790 (byte) 0x2f, (byte) 0x4c, (byte) 0x69, (byte) 0x6e, 1791 (byte) 0x6b, (byte) 0x65, (byte) 0x64, (byte) 0x4c, 1792 (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x3b, 1793 (byte) 0x4c, (byte) 0x00, (byte) 0x06, (byte) 0x74, 1794 (byte) 0x68, (byte) 0x69, (byte) 0x73, (byte) 0x24, 1795 (byte) 0x30, (byte) 0x74, (byte) 0x00, (byte) 0x1d, 1796 (byte) 0x4c, (byte) 0x6a, (byte) 0x61, (byte) 0x76, 1797 (byte) 0x61, (byte) 0x78, (byte) 0x2f, (byte) 0x73, 1798 (byte) 0x65, (byte) 0x63, (byte) 0x75, (byte) 0x72, 1799 (byte) 0x69, (byte) 0x74, (byte) 0x79, (byte) 0x2f, 1800 (byte) 0x61, (byte) 0x75, (byte) 0x74, (byte) 0x68, 1801 (byte) 0x2f, (byte) 0x53, (byte) 0x75, (byte) 0x62, 1802 (byte) 0x6a, (byte) 0x65, (byte) 0x63, (byte) 0x74, 1803 (byte) 0x3b, (byte) 0x78, (byte) 0x70, (byte) 0x00, 1804 (byte) 0x00, (byte) 0x00, (byte) 0x02, (byte) 0x73, 1805 (byte) 0x72, (byte) 0x00, (byte) 0x14, (byte) 0x6a, 1806 (byte) 0x61, (byte) 0x76, (byte) 0x61, (byte) 0x2e, 1807 (byte) 0x75, (byte) 0x74, (byte) 0x69, (byte) 0x6c, 1808 (byte) 0x2e, (byte) 0x4c, (byte) 0x69, (byte) 0x6e, 1809 (byte) 0x6b, (byte) 0x65, (byte) 0x64, (byte) 0x4c, 1810 (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x0c, 1811 (byte) 0x29, (byte) 0x53, (byte) 0x5d, (byte) 0x4a, 1812 (byte) 0x60, (byte) 0x88, (byte) 0x22, (byte) 0x03, 1813 (byte) 0x00, (byte) 0x00, (byte) 0x78, (byte) 0x70, 1814 (byte) 0x77, (byte) 0x04, (byte) 0x00, (byte) 0x00, 1815 (byte) 0x00, (byte) 0x01, (byte) 0x70, (byte) 0x78, 1816 (byte) 0x73, (byte) 0x72, (byte) 0x00, (byte) 0x1b, 1817 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1818 (byte) 0x78, (byte) 0x2e, (byte) 0x73, (byte) 0x65, 1819 (byte) 0x63, (byte) 0x75, (byte) 0x72, (byte) 0x69, 1820 (byte) 0x74, (byte) 0x79, (byte) 0x2e, (byte) 0x61, 1821 (byte) 0x75, (byte) 0x74, (byte) 0x68, (byte) 0x2e, 1822 (byte) 0x53, (byte) 0x75, (byte) 0x62, (byte) 0x6a, 1823 (byte) 0x65, (byte) 0x63, (byte) 0x74, (byte) 0x8c, 1824 (byte) 0xb2, (byte) 0x32, (byte) 0x93, (byte) 0x00, 1825 (byte) 0x33, (byte) 0xfa, (byte) 0x68, (byte) 0x03, 1826 (byte) 0x00, (byte) 0x02, (byte) 0x5a, (byte) 0x00, 1827 (byte) 0x0a, (byte) 0x69, (byte) 0x73, (byte) 0x52, 1828 (byte) 0x65, (byte) 0x61, (byte) 0x64, (byte) 0x4f, 1829 (byte) 0x6e, (byte) 0x6c, (byte) 0x79, (byte) 0x4c, 1830 (byte) 0x00, (byte) 0x0a, (byte) 0x70, (byte) 0x72, 1831 (byte) 0x69, (byte) 0x6e, (byte) 0x63, (byte) 0x69, 1832 (byte) 0x70, (byte) 0x61, (byte) 0x6c, (byte) 0x73, 1833 (byte) 0x74, (byte) 0x00, (byte) 0x0f, (byte) 0x4c, 1834 (byte) 0x6a, (byte) 0x61, (byte) 0x76, (byte) 0x61, 1835 (byte) 0x2f, (byte) 0x75, (byte) 0x74, (byte) 0x69, 1836 (byte) 0x6c, (byte) 0x2f, (byte) 0x53, (byte) 0x65, 1837 (byte) 0x74, (byte) 0x3b, (byte) 0x78, (byte) 0x70, 1838 (byte) 0x00, (byte) 0x73, (byte) 0x71, (byte) 0x00, 1839 (byte) 0x7e, (byte) 0x00, (byte) 0x00, (byte) 0x00, 1840 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x73, 1841 (byte) 0x71, (byte) 0x00, (byte) 0x7e, (byte) 0x00, 1842 (byte) 0x04, (byte) 0x77, (byte) 0x04, (byte) 0x00, 1843 (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x78, 1844 (byte) 0x71, (byte) 0x00, (byte) 0x7e, (byte) 0x00, 1845 (byte) 0x08, (byte) 0x78, (byte) 0x78, (byte) 0x78 }; 1846 1847 ByteArrayInputStream in = new ByteArrayInputStream(nullElement); 1848 ObjectInputStream sIn = new ObjectInputStream(in); 1849 1850 try { 1851 sIn.readObject(); 1852 if (!testing) { 1853 fail("No expected NullPointerException"); 1854 } 1855 } catch (NullPointerException e) { 1856 } finally { 1857 sIn.close(); 1858 } 1859 } 1860 1861 @SuppressWarnings("serial") 1862 public static class MyClass1 implements Principal, Serializable { 1863 public String getName() { 1864 return "MyClass1"; 1865 } 1866 } 1867 1868 public static class MyClass2 implements Principal { 1869 public String getName() { 1870 return "MyClass2"; 1871 } 1872 } 1873 1874 @SuppressWarnings("serial") 1875 public static class MyObject implements Serializable { 1876 } 1877 1878 public static class PrincipalTestSuite extends TestSuite { 1879 1880 public PrincipalTestSuite() { 1881 super("Principal"); 1882 1883 TestSuite iterator = new TestSuite("Iterator"); 1884 1885 iterator 1886 .addTest(new TestSuite(IteratorInterface.class, "Interface")); 1887 iterator.addTest(new TestSuite(IteratorReadOnly.class, "ReadOnly")); 1888 iterator.addTest(new TestSuite(IteratorSecure.class, "Secure")); 1889 1890 TestSuite set = new TestSuite("Set"); 1891 set.addTest(new TestSuite(SetInterface.class, "Interface")); 1892 set 1893 .addTest(new TestSuite(UnsupportedNull.class, 1894 "UnsupportedNull")); 1895 set.addTest(new TestSuite(IneligibleElement.class, 1896 "IneligibleElement")); 1897 set.addTest(new TestSuite(ReadOnlySet.class, "ReadOnly")); 1898 set.addTest(new TestSuite(SecureSet.class, "Secure")); 1899 1900 TestSuite object = new TestSuite("Object"); 1901 object.addTest(new TestSuite(SObjectTest.class, "Object")); 1902 1903 addTest(iterator); 1904 addTest(set); 1905 addTest(object); 1906 } 1907 1908 public static class IteratorInterface extends SecurityTest.IteratorTest { 1909 public IteratorInterface() { 1910 set = (new Subject()).getPrincipals(); 1911 element = principal; 1912 } 1913 } 1914 1915 public static class IteratorReadOnly extends 1916 SecurityTest.ReadOnlyIteratorTest { 1917 1918 private final Subject subject = new Subject(); 1919 1920 public IteratorReadOnly() { 1921 set = subject.getPrincipals(); 1922 element = principal; 1923 } 1924 1925 @Override 1926 public void setReadOnly() { 1927 subject.setReadOnly(); 1928 } 1929 } 1930 1931 public static class IteratorSecure extends 1932 SecurityTest.SecureIteratorTest { 1933 1934 public IteratorSecure() { 1935 set = (new Subject()).getPrincipals(); 1936 element = principal; 1937 } 1938 1939 @Override 1940 public void setSecure() { 1941 denyPermission(new AuthPermission("modifyPrincipals")); 1942 } 1943 } 1944 1945 public static class SetInterface extends SecurityTest.SetTest { 1946 public SetInterface() { 1947 set = (new Subject()).getPrincipals(); 1948 element = principal; 1949 } 1950 } 1951 1952 public static class UnsupportedNull extends 1953 SecurityTest.UnsupportedNullTest { 1954 1955 public UnsupportedNull() { 1956 set = (new Subject()).getPrincipals(); 1957 element = principal; 1958 } 1959 } 1960 1961 public static class IneligibleElement extends 1962 SecurityTest.IneligibleElementTest { 1963 1964 public IneligibleElement() { 1965 set = (new Subject()).getPrincipals(); 1966 element = principal; 1967 iElement = new Object(); 1968 } 1969 } 1970 1971 public static class ReadOnlySet extends SecurityTest.ReadOnlySetTest { 1972 private final Subject subject = new Subject(); 1973 1974 public ReadOnlySet() { 1975 set = subject.getPrincipals(); 1976 element = principal; 1977 } 1978 1979 @Override 1980 public void setReadOnly() { 1981 subject.setReadOnly(); 1982 } 1983 } 1984 1985 public static class SecureSet extends SecurityTest.SecureSetTest { 1986 1987 public SecureSet() { 1988 set = (new Subject()).getPrincipals(); 1989 element = principal; 1990 } 1991 1992 @Override 1993 public void setSecure() { 1994 denyPermission(new AuthPermission("modifyPrincipals")); 1995 } 1996 } 1997 1998 public static class SObjectTest extends 1999 SecurityTest.SubjectSetObjectTest { 2000 public SObjectTest() { 2001 obj1 = subject.getPrincipals(); 2002 2003 //intentionally another set 2004 obj2 = subject.getPrivateCredentials(); 2005 } 2006 } 2007 } 2008 2009 public static class PrivateCredentialTestSuite extends TestSuite { 2010 2011 public PrivateCredentialTestSuite() { 2012 super("PrivateCredential"); 2013 2014 TestSuite iterator = new TestSuite("Iterator"); 2015 2016 iterator 2017 .addTest(new TestSuite(IteratorInterface.class, "Interface")); 2018 iterator.addTest(new TestSuite(IteratorReadOnly.class, "ReadOnly")); 2019 iterator.addTest(new TestSuite(IteratorSecure.class, "Secure")); 2020 2021 TestSuite set = new TestSuite("Set"); 2022 set.addTest(new TestSuite(SetInterface.class, "Interface")); 2023 set 2024 .addTest(new TestSuite(UnsupportedNull.class, 2025 "UnsupportedNull")); 2026 set.addTest(new TestSuite(ReadOnlySet.class, "ReadOnly")); 2027 set.addTest(new TestSuite(SecureSet.class, "Secure")); 2028 set.addTest(new TestSuite(PermissionTest.class, "PermissionTest")); 2029 2030 TestSuite object = new TestSuite("Object"); 2031 object.addTest(new TestSuite(SObjectTest.class, "Object")); 2032 2033 addTest(iterator); 2034 addTest(set); 2035 addTest(object); 2036 } 2037 2038 public static class IteratorInterface extends SecurityTest.IteratorTest { 2039 public IteratorInterface() { 2040 set = (new Subject()).getPrivateCredentials(); 2041 element = principal; 2042 } 2043 2044 @Override 2045 public void testNext_EmptySet_NoSuchElementException() { 2046 2047 if (testing) { 2048 //Unexpected: IndexOutOfBoundsException 2049 try { 2050 super.testNext_EmptySet_NoSuchElementException(); 2051 } catch (IndexOutOfBoundsException e) { 2052 } 2053 } else { 2054 super.testNext_EmptySet_NoSuchElementException(); 2055 } 2056 } 2057 2058 @Override 2059 public void testNext_NoSuchElementException() { 2060 if (testing) { 2061 //Unexpected: IndexOutOfBoundsException 2062 try { 2063 super.testNext_NoSuchElementException(); 2064 } catch (IndexOutOfBoundsException e) { 2065 } 2066 } else { 2067 super.testNext_NoSuchElementException(); 2068 } 2069 } 2070 } 2071 2072 public static class IteratorReadOnly extends 2073 SecurityTest.ReadOnlyIteratorTest { 2074 2075 private final Subject subject = new Subject(); 2076 2077 public IteratorReadOnly() { 2078 set = subject.getPrivateCredentials(); 2079 element = principal; 2080 } 2081 2082 @Override 2083 public void setReadOnly() { 2084 subject.setReadOnly(); 2085 } 2086 2087 @Override 2088 public void testNext_EmptySet_NoSuchElementException() { 2089 2090 if (testing) { 2091 //Unexpected: IndexOutOfBoundsException 2092 try { 2093 super.testNext_EmptySet_NoSuchElementException(); 2094 } catch (IndexOutOfBoundsException e) { 2095 } 2096 } else { 2097 super.testNext_EmptySet_NoSuchElementException(); 2098 } 2099 } 2100 2101 @Override 2102 public void testNext_NoSuchElementException() { 2103 if (testing) { 2104 //Unexpected: IndexOutOfBoundsException 2105 try { 2106 super.testNext_NoSuchElementException(); 2107 } catch (IndexOutOfBoundsException e) { 2108 } 2109 } else { 2110 super.testNext_NoSuchElementException(); 2111 } 2112 } 2113 } 2114 2115 public static class IteratorSecure extends 2116 SecurityTest.SecureIteratorTest { 2117 2118 public IteratorSecure() { 2119 set = (new Subject()).getPrivateCredentials(); 2120 element = principal; 2121 } 2122 2123 @Override 2124 public void setSecure() { 2125 denyPermission(new AuthPermission("modifyPrivateCredentials")); 2126 } 2127 2128 @Override 2129 public void testNext_EmptySet_NoSuchElementException() { 2130 2131 if (testing) { 2132 //Unexpected: IndexOutOfBoundsException 2133 try { 2134 super.testNext_EmptySet_NoSuchElementException(); 2135 } catch (IndexOutOfBoundsException e) { 2136 } 2137 } else { 2138 super.testNext_EmptySet_NoSuchElementException(); 2139 } 2140 } 2141 2142 @Override 2143 public void testNext_NoSuchElementException() { 2144 if (testing) { 2145 //Unexpected: IndexOutOfBoundsException 2146 try { 2147 super.testNext_NoSuchElementException(); 2148 } catch (IndexOutOfBoundsException e) { 2149 } 2150 } else { 2151 super.testNext_NoSuchElementException(); 2152 } 2153 } 2154 } 2155 2156 public static class SetInterface extends SecurityTest.SetTest { 2157 public SetInterface() { 2158 set = (new Subject()).getPrivateCredentials(); 2159 element = principal; 2160 } 2161 } 2162 2163 public static class UnsupportedNull extends 2164 SecurityTest.UnsupportedNullTest { 2165 2166 public UnsupportedNull() { 2167 set = (new Subject()).getPrivateCredentials(); 2168 element = principal; 2169 } 2170 } 2171 2172 public static class ReadOnlySet extends SecurityTest.ReadOnlySetTest { 2173 private final Subject subject = new Subject(); 2174 2175 public ReadOnlySet() { 2176 set = subject.getPrivateCredentials(); 2177 element = principal; 2178 } 2179 2180 @Override 2181 public void setReadOnly() { 2182 subject.setReadOnly(); 2183 } 2184 } 2185 2186 public static class SecureSet extends SecurityTest.SecureSetTest { 2187 2188 public SecureSet() { 2189 set = (new Subject()).getPrivateCredentials(); 2190 element = principal; 2191 } 2192 2193 @Override 2194 public void setSecure() { 2195 denyPermission(new AuthPermission("modifyPrivateCredentials")); 2196 } 2197 } 2198 2199 public static class SObjectTest extends 2200 SecurityTest.SubjectSetObjectTest { 2201 public SObjectTest() { 2202 obj1 = subject.getPrivateCredentials(); 2203 2204 //intentionally another set 2205 obj2 = subject.getPublicCredentials(); 2206 } 2207 } 2208 } 2209 2210 public static class PublicCredentialTestSuite extends TestSuite { 2211 2212 public PublicCredentialTestSuite() { 2213 super("PublicCredential"); 2214 2215 TestSuite iterator = new TestSuite("Iterator"); 2216 2217 iterator 2218 .addTest(new TestSuite(IteratorInterface.class, "Interface")); 2219 iterator.addTest(new TestSuite(IteratorReadOnly.class, "ReadOnly")); 2220 iterator.addTest(new TestSuite(IteratorSecure.class, "Secure")); 2221 2222 TestSuite set = new TestSuite("Set"); 2223 set.addTest(new TestSuite(SetInterface.class, "Interface")); 2224 set 2225 .addTest(new TestSuite(UnsupportedNull.class, 2226 "UnsupportedNull")); 2227 set.addTest(new TestSuite(ReadOnlySet.class, "ReadOnly")); 2228 set.addTest(new TestSuite(SecureSet.class, "Secure")); 2229 2230 TestSuite object = new TestSuite("Object"); 2231 object.addTest(new TestSuite(SObjectTest.class, "Object")); 2232 2233 addTest(iterator); 2234 addTest(set); 2235 addTest(object); 2236 } 2237 2238 public static class IteratorInterface extends SecurityTest.IteratorTest { 2239 public IteratorInterface() { 2240 set = (new Subject()).getPublicCredentials(); 2241 element = principal; 2242 } 2243 } 2244 2245 public static class IteratorReadOnly extends 2246 SecurityTest.ReadOnlyIteratorTest { 2247 2248 private final Subject subject = new Subject(); 2249 2250 public IteratorReadOnly() { 2251 set = subject.getPublicCredentials(); 2252 element = principal; 2253 } 2254 2255 @Override 2256 public void setReadOnly() { 2257 subject.setReadOnly(); 2258 } 2259 } 2260 2261 public static class IteratorSecure extends 2262 SecurityTest.SecureIteratorTest { 2263 2264 public IteratorSecure() { 2265 set = (new Subject()).getPublicCredentials(); 2266 element = principal; 2267 } 2268 2269 @Override 2270 public void setSecure() { 2271 denyPermission(new AuthPermission("modifyPublicCredentials")); 2272 } 2273 } 2274 2275 public static class SetInterface extends SecurityTest.SetTest { 2276 public SetInterface() { 2277 set = (new Subject()).getPublicCredentials(); 2278 element = principal; 2279 } 2280 } 2281 2282 public static class UnsupportedNull extends 2283 SecurityTest.UnsupportedNullTest { 2284 2285 public UnsupportedNull() { 2286 set = (new Subject()).getPublicCredentials(); 2287 element = principal; 2288 } 2289 } 2290 2291 public static class ReadOnlySet extends SecurityTest.ReadOnlySetTest { 2292 private final Subject subject = new Subject(); 2293 2294 public ReadOnlySet() { 2295 set = subject.getPublicCredentials(); 2296 element = principal; 2297 } 2298 2299 @Override 2300 public void setReadOnly() { 2301 subject.setReadOnly(); 2302 } 2303 } 2304 2305 public static class SecureSet extends SecurityTest.SecureSetTest { 2306 2307 public SecureSet() { 2308 set = (new Subject()).getPublicCredentials(); 2309 element = principal; 2310 } 2311 2312 @Override 2313 public void setSecure() { 2314 denyPermission(new AuthPermission("modifyPublicCredentials")); 2315 } 2316 } 2317 2318 public static class SObjectTest extends 2319 SecurityTest.SubjectSetObjectTest { 2320 public SObjectTest() { 2321 obj1 = subject.getPublicCredentials(); 2322 2323 //intentionally another set 2324 obj2 = subject.getPrincipals(); 2325 } 2326 } 2327 } 2328 2329 public static class PrincipalClassTestSuite extends TestSuite { 2330 2331 public PrincipalClassTestSuite() { 2332 super("PrincipalClass"); 2333 2334 TestSuite set = new TestSuite("Set"); 2335 set.addTest(new TestSuite(SetInterface.class, "Interface")); 2336 set 2337 .addTest(new TestSuite(UnsupportedNull.class, 2338 "UnsupportedNull")); 2339 set.addTest(new TestSuite(IneligibleElement.class, 2340 "IneligibleElement")); 2341 2342 TestSuite object = new TestSuite("Object"); 2343 object.addTest(new TestSuite(SObjectTest.class, "Object")); 2344 2345 addTest(set); 2346 addTest(object); 2347 } 2348 2349 public static class SetInterface extends SecurityTest.SetTest { 2350 public SetInterface() { 2351 set = (new Subject()).getPrincipals(MyClass1.class); 2352 element = new MyClass1(); 2353 } 2354 } 2355 2356 public static class UnsupportedNull extends 2357 SecurityTest.UnsupportedNullTest { 2358 2359 public UnsupportedNull() { 2360 set = (new Subject()).getPrincipals(MyClass1.class); 2361 element = new MyClass1(); 2362 } 2363 } 2364 2365 public static class IneligibleElement extends 2366 SecurityTest.IneligibleElementTest { 2367 2368 public IneligibleElement() { 2369 set = (new Subject()).getPrincipals(MyClass1.class); 2370 element = new MyClass1(); 2371 iElement = new MyClass2(); 2372 } 2373 } 2374 2375 public static class SObjectTest extends 2376 SecurityTest.SubjectSetObjectTest { 2377 public SObjectTest() { 2378 obj1 = subject.getPrincipals(MyClass1.class); 2379 2380 //intentionally another set 2381 obj2 = subject.getPrivateCredentials(MyClass1.class); 2382 } 2383 } 2384 } 2385 2386 public static class PrivateCredentialClassTestSuite extends TestSuite { 2387 2388 public PrivateCredentialClassTestSuite() { 2389 super("PrivateCredentialClass"); 2390 2391 TestSuite set = new TestSuite("Set"); 2392 set.addTest(new TestSuite(SetInterface.class, "Interface")); 2393 set 2394 .addTest(new TestSuite(UnsupportedNull.class, 2395 "UnsupportedNull")); 2396 set.addTest(new TestSuite(IneligibleElement.class, 2397 "IneligibleElement")); 2398 2399 TestSuite object = new TestSuite("Object"); 2400 object.addTest(new TestSuite(SObjectTest.class, "Object")); 2401 2402 addTest(set); 2403 addTest(object); 2404 } 2405 2406 public static class SetInterface extends SecurityTest.SetTest { 2407 public SetInterface() { 2408 set = (new Subject()).getPrivateCredentials(MyClass1.class); 2409 element = new MyClass1(); 2410 } 2411 } 2412 2413 public static class UnsupportedNull extends 2414 SecurityTest.UnsupportedNullTest { 2415 2416 public UnsupportedNull() { 2417 set = (new Subject()).getPrivateCredentials(MyClass1.class); 2418 element = new MyClass1(); 2419 } 2420 } 2421 2422 public static class IneligibleElement extends 2423 SecurityTest.IneligibleElementTest { 2424 2425 public IneligibleElement() { 2426 set = (new Subject()).getPrivateCredentials(MyClass1.class); 2427 element = new MyClass1(); 2428 iElement = new MyClass2(); 2429 } 2430 } 2431 2432 public static class SObjectTest extends 2433 SecurityTest.SubjectSetObjectTest { 2434 public SObjectTest() { 2435 obj1 = subject.getPrivateCredentials(MyClass1.class); 2436 2437 //intentionally another set 2438 obj2 = subject.getPublicCredentials(MyClass1.class); 2439 } 2440 } 2441 } 2442 2443 public static class PublicCredentialClassTestSuite extends TestSuite { 2444 2445 public PublicCredentialClassTestSuite() { 2446 super("PublicCredentialClass"); 2447 2448 TestSuite set = new TestSuite("Set"); 2449 set.addTest(new TestSuite(SetInterface.class, "Interface")); 2450 set 2451 .addTest(new TestSuite(UnsupportedNull.class, 2452 "UnsupportedNull")); 2453 set.addTest(new TestSuite(IneligibleElement.class, 2454 "IneligibleElement")); 2455 2456 TestSuite object = new TestSuite("Object"); 2457 object.addTest(new TestSuite(SObjectTest.class, "Object")); 2458 2459 addTest(set); 2460 addTest(object); 2461 } 2462 2463 public static class SetInterface extends SecurityTest.SetTest { 2464 public SetInterface() { 2465 set = (new Subject()).getPublicCredentials(MyClass1.class); 2466 element = new MyClass1(); 2467 } 2468 } 2469 2470 public static class UnsupportedNull extends 2471 SecurityTest.UnsupportedNullTest { 2472 2473 public UnsupportedNull() { 2474 set = (new Subject()).getPublicCredentials(MyClass1.class); 2475 element = new MyClass1(); 2476 } 2477 } 2478 2479 public static class IneligibleElement extends 2480 SecurityTest.IneligibleElementTest { 2481 2482 public IneligibleElement() { 2483 set = (new Subject()).getPublicCredentials(MyClass1.class); 2484 element = new MyClass1(); 2485 iElement = new MyClass2(); 2486 } 2487 } 2488 2489 public static class SObjectTest extends 2490 SecurityTest.SubjectSetObjectTest { 2491 public SObjectTest() { 2492 obj1 = subject.getPublicCredentials(MyClass1.class); 2493 2494 //intentionally another set 2495 obj2 = subject.getPrincipals(MyClass1.class); 2496 } 2497 } 2498 } 2499}