Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/security/auth/PrivateCredentialPermission/Subset.java
38854 views
/*1* Copyright (c) 2000, 2007, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @author Ram Marti26* @bug 432685227* @summary Retrive a subset of private credentials can be accessed28* @run main/othervm/policy=Subset.policy Subset29*/3031import java.util.*;32import com.sun.security.auth.SolarisPrincipal;33import javax.security.auth.Subject;3435/*36* Author : Ram Marti37* This is a test program to verify the fix for Bug 432685238* (impossible to extract a subset of private credentials)39* The policy file used allows read access only to String classes.40* grant {41* permission javax.security.auth.AuthPermission \42* "modifyPrivateCredentials";43* permission javax.security.auth.PrivateCredentialPermission \44* "java.lang.String com.sun.security.auth.SolarisPrincipal \"user"", "read";45* };4647* The test verifies the following:48* - String class creds can be retrieved by using49* getPrivateCredentials(String.class)50* - The above set is not backed internally51* - getPrivateCredentials(Boolean or Integer) returns an empty set52* - Set is returned by getPrivateCredentials() throws53* security exception when trying to access non-String54* class credentials55* - The above set is internally backed up and any changes in56* internal private creds are reflected in the set returned57* - When the above set throws security exception the iterator58* - is advanced to the next item in the list of creds.59* - equals,contains,containsAll,add,remove operations work correctly60*/6162public class Subset {63public static void main(String[] args) throws Exception {64int exceptionCounter =0;65Iterator iter1;66HashSet creds = new HashSet();67Subject emptys =68new Subject(false, //readOnly69Collections.singleton(new SolarisPrincipal("user")),70Collections.EMPTY_SET,71creds);72/* Test principals */7374Set princ= emptys.getPrincipals();75HashSet collp= new HashSet();76collp.add(new String("abc"));77collp.add(new String("def"));78collp.add(new String("Exists"));79collp.add(new String("Does not Exist"));80try {81if (princ.containsAll(collp)) {82throw new Exception ("Error: Contains the collection");83} else84System.out.println ("Does not Contain the collection");85} catch (SecurityException e) {86throw new Exception ("Error: Exception in containsAll (string coll)!!");87}888990Set p1 = emptys.getPrivateCredentials();9192if (p1.size() != 0) {93throw new Exception("Error:p1 size should have been 6 and was " +94p1.size());95}9697creds.add("abc");98creds.add(new Integer(3));99creds.add(Boolean.TRUE);100Subject sremove =101new Subject(false, //readOnly102Collections.singleton(new SolarisPrincipal("user")),103Collections.EMPTY_SET,104creds);105Set p2 = sremove.getPrivateCredentials();106107if (p2.size() !=3){108throw new Exception("Error: p2 size should have been 3 and was " +109p2.size());110}111iter1 = p2.iterator();112exceptionCounter=0;113while (iter1.hasNext()) {114try {115Object o = iter1.next();116System.out.println(" private creds of class " +117o.getClass() + "value is " + o.toString());118} catch (SecurityException e) {119System.out.println("Expected Exception occured");120exceptionCounter++;121}122}123if (exceptionCounter != 2) {124throw new Exception("Expected number of exceptions was 2 " +125"The actual number was " + exceptionCounter);126}127128// Verify that remove op was successful129130iter1.remove();131if (p2.size() !=2) {132throw new RuntimeException("Error: p2 size should have been 2 and was " +133p2.size());134}135System.out.println ("Checking the value after removal");136p2 = sremove.getPrivateCredentials();137try {138if (!p2.add(new String("XYZ"))) {139140throw new RuntimeException("Error in adding string");141}142if (!p2.add(new Integer(99))) {143144throw new RuntimeException("Error in adding Integer");145}146HashSet coll1 = new HashSet();147coll1.add(new String("RST"));148coll1.add(new Integer(1));149if (!p2.addAll(coll1)) {150151throw new RuntimeException("Error in addAll");152}153154} catch (Exception e){155e.printStackTrace();156throw new RuntimeException("Unexpected exception in add");157158}159iter1 = p2.iterator();160161while (iter1.hasNext()) {162try {163Object o = iter1.next();164System.out.println(" private creds of class " +165o.getClass() + "value is " + o.toString());166} catch (SecurityException e) {167// System.out.println("Exception!!");168}169}170iter1 = p2.iterator();171172System.out.println ("Checked the value after removal");173174HashSet creds1 = new HashSet();175creds1.add("abc");176creds1.add("def");177creds1.add(Boolean.TRUE);178creds1.add(new Integer(1));179creds1.add(new String("Exists"));180Subject scontain =181new Subject(false, //readOnly182Collections.singleton(new SolarisPrincipal("user")),183Collections.EMPTY_SET,184creds1);185p2 = scontain.getPrivateCredentials();186try {187Object ObjAr = p2.toArray();188} catch (SecurityException e) {189System.out.println("Should get an Exception in toArray()");190}191192HashSet creds3 = new HashSet();193creds3.add (new String("abc"));194p2 = scontain.getPrivateCredentials();195196try {197Object ObjCred = (Object)creds3.clone();198System.out.println ("Size of p2 is " + p2.size() +199"Size of ObjCred is " +200((HashSet)ObjCred).size()201);202if (p2.equals(ObjCred))203throw new RuntimeException("Error:Equals ObjCred *** ");204else205System.out.println ("Does not Equal Objcred");206} catch (SecurityException e) {207throw new RuntimeException("Error:Should not get an Exception in equals of creds3");208209210}211212try {213Object ObjCred = (Object)creds1.clone();214System.out.println ("Size of p2 is " + p2.size() +215"Size of ObjCred is " +216((HashSet)ObjCred).size()217);218if (p2.equals(ObjCred))219throw new RuntimeException ("Error: Equals ObjCred");220else221throw new RuntimeException ("Error: Does not Equal Objcred");222} catch (SecurityException e) {223System.out.println("Should get an Exception in equals of creds1");224}225/* We can store only string types of creds226* Let us create a subject with only string type of creds227*/228229HashSet creds2 = new HashSet();230creds2.add("abc");231creds2.add("def");232creds2.add("ghi");233Subject sstring =234new Subject(false, //readOnly235Collections.singleton(new SolarisPrincipal("user")),236Collections.EMPTY_SET,237creds2);238p2 = sstring.getPrivateCredentials();239try {240String[] selectArray = { "exits", "Does not exist"};241Object ObjAr = p2.toArray(selectArray);242System.out.println(" No Exception in ObjAr- String");243244} catch (SecurityException e) {245throw new RuntimeException(" Error: Exception in ObjAr- String!!");246}247/*248* New subject scontain1, set p3, creds4249*/250251252HashSet creds4 = new HashSet();253creds4.add("abc");254creds4.add("def");255creds4.add("ghi");256creds4.add(new Integer(1));257creds4.add("Exists");258Subject scontain1 =259new Subject(false, //readOnly260Collections.singleton(new SolarisPrincipal("user")),261Collections.EMPTY_SET,262creds4);263Set p3 = scontain1.getPrivateCredentials();264try {265Object Obj = new String("Exists");266if (p3.contains(Obj))267System.out.println ("Contains String cred");268else269throw new RuntimeException ("Error Does not Contain the stringcred exists");270} catch (SecurityException e) {271throw new RuntimeException("Error:Exception!!");272273}274try {275Object ObjCred = (Object)creds4.clone();276if (p3.equals(ObjCred))277throw new RuntimeException ("Error:Equals ObjCred");278else279throw new RuntimeException ("Error:Does not Equal Objcred");280} catch (SecurityException e) {281System.out.println("Should get an Exception in equals");282}283284try {285Object Obj = new Integer(1);286if (p3.contains(Obj))287throw new RuntimeException ("Error:Contains integer cred");288else289throw new RuntimeException ("Error:Does not Contain integer cred");290} catch (SecurityException e) {291System.out.println("Should get an Exception in contains Integer cred");292}293294295296HashSet coll = new HashSet();297coll.add(new String("abc"));298coll.add(new String("def"));299coll.add(new String("Exists"));300coll.add(new String("Does not Exist"));301try {302if (p3.containsAll(coll))303throw new RuntimeException ("Error: Contains the collection");304else305System.out.println ("Does not Contain the collection");306} catch (SecurityException e) {307throw new RuntimeException("Error: Exception in containsAll (string coll)!!");308309}310coll.remove(new String("Exists"));311coll.remove(new String("Does not Exist"));312try {313if (p3.containsAll(coll))314System.out.println ("Contains the collection");315else316throw new RuntimeException ("Error:Does not Contain the collection");317} catch (SecurityException e) {318throw new RuntimeException("Error: Exception in containsAll (string coll)!!");319}320321Object Obj = new String("Exists");322try {323if (p3.contains(Obj))324System.out.println ("Contains String cred exists");325else326System.out.println ("Does not Contain String cred exists");327} catch (SecurityException e) {328System.out.println("Exception in String cred!!");329}330331Obj = new String("Does not exist");332try {333if (p3.contains(Obj))334throw new RuntimeException ("Error: Contains the String does not exist");335else336System.out.println ("Does not Contain the String cred Does not exist");337} catch (SecurityException e) {338throw new RuntimeException("Error: Exception in Contains!!");339}340p3.add(new Integer(2));341coll.add(new Integer(2));342p3.add("XYZ");343344System.out.println ("Testing Retainall ");345exceptionCounter =0;346iter1 = p3.iterator();347while (iter1.hasNext())348{349try {350Object o = iter1.next();351System.out.println(" private creds of class " +352o.getClass() + "value is " + o.toString());353} catch (SecurityException e) {354System.out.println(" We should get exception");355System.out.println("Exception!!");356exceptionCounter++;357}358}359System.out.println(" After the retainall Operation");360try {361if (p3.retainAll(coll))362System.out.println ("Retained the collection");363else364throw new RuntimeException ("Error: RetainAll did not succeed");365} catch (SecurityException e) {366e.printStackTrace();367throw new RuntimeException("Error: Unexpected Exception in retainAll!");368}369iter1 = p3.iterator();370while (iter1.hasNext())371{372try {373Object o = iter1.next();374System.out.println(" private creds of class " +375o.getClass() + "value is " + o.toString());376} catch (SecurityException e) {377exceptionCounter++;378}379}380System.out.println ("Retainall collection");381p3.add(new Integer (3));382iter1 = p3.iterator();383while (iter1.hasNext()) {384try {385Object o = iter1.next();386System.out.println(" private creds of class " +387o.getClass() + "value is " + o.toString());388} catch (SecurityException e) {389System.out.println("Should get Exception ");390}391}392exceptionCounter=0;393HashSet coll2 = new HashSet();394coll2.add(new String("abc"));395coll2.add(new Integer (3));396System.out.println(" before removeall");397iter1 = p3.iterator();398exceptionCounter =0;399while (iter1.hasNext()) {400try {401Object o = iter1.next();402System.out.println(" private creds of class " +403o.getClass() + "value is " + o.toString());404} catch (SecurityException e) {405System.out.println("Expected Exception thrown ");406exceptionCounter++;407}408}409// We added two integer creds so there must be two exceptions only410411if (exceptionCounter != 2) {412throw new RuntimeException("Expected 2 Exceptions; received " +413exceptionCounter + "exceptions ");414}415416try {417p3.removeAll(coll2);418System.out.println(" removeall successful! ");419} catch (SecurityException e) {420throw new RuntimeException(" Error: removeAll Security Exception!!");421}422423iter1 = p3.iterator();424System.out.println(" After removeall");425exceptionCounter = 0;426while (iter1.hasNext()) {427try {428Object o = iter1.next();429System.out.println (" private creds of class " +430o.getClass() + "value is " + o.toString());431} catch (SecurityException e) {432System.out.println("Expected Exception thrown ");433exceptionCounter++;434}435}436// We had two integer creds; removed one as a part of coll2; so437// only one exception must have been thrown438if (exceptionCounter != 1) {439throw new RuntimeException("Expected 1 Exceptions; received " +440exceptionCounter + "exceptions ");441}442try {443p3.clear();444System.out.println(" Clear() successful! ");445} catch (SecurityException e) {446throw new RuntimeException(" Error: Clear Security Exception!!");447}448449450/* New subject s with creds and privCredSet451*452*/453creds.clear();454creds.add("abc");455creds.add("def");456creds.add("ghi");457creds.add(new Integer(1));458Subject s =459new Subject(false, //readOnly460Collections.singleton(new SolarisPrincipal("user")),461Collections.EMPTY_SET,462creds);463try {464Set privCredSet = s.getPrivateCredentials(char.class);465if (privCredSet.size() != 0) {466throw new RuntimeException("Error:String Privcred size should have been 0 and was " +467privCredSet.size());468}469470} catch (Exception e) {471throw new RuntimeException ("Error " + e.toString());472}473474475try {476Set privCredSet = s.getPrivateCredentials(String.class);477if (privCredSet.size() != 3) {478throw new RuntimeException("Error:String Privcred size should have been 2 and was " +479privCredSet.size());480}481s.getPrivateCredentials().add("XYZ");482/*483* Since the privCredSet is not backed by internal private484* creds adding to it should not make any difference to485* privCredSet and theize should still be 3486*/487488if (privCredSet.size() != 3) {489throw new RuntimeException("Error:String Privcred size should have been 2 and was " +490privCredSet.size());491}492s.getPrivateCredentials().remove("XYZ");493/*494* Let us try to get the elements495* No exception should occur496*/497498Iterator iter = privCredSet.iterator();499while (iter.hasNext()) {500try {501Object o = iter.next();502System.out.println(" private creds of class " +503o.getClass() + "value is " + o.toString());504} catch (SecurityException e) {505}506}507} catch (Exception e) {508e.printStackTrace();509throw new RuntimeException("Unexcpected Exception");510}511512/*513* Can we add and remove the creds514*/515s.getPrivateCredentials().add("XYZ");516s.getPrivateCredentials().remove("XYZ");517s.getPrivateCredentials().add(new Integer(2));518s.getPrivateCredentials().remove(new Integer(2));519520521// We don't have permission to read Boolean creds522// SInce the creds have no boolean creds we should get an empty523// set524try {525Set privCredSet1 = s.getPrivateCredentials(Boolean.class);526if (privCredSet1.size() != 0){527throw new RuntimeException("Error:String PrivcredSet1 of Boolean size should have been 0 and was " +528privCredSet1.size());529}530} catch (SecurityException e) {531e.printStackTrace();532throw new RuntimeException("Unexcpected Exception");533}534System.out.println ("Checked Boolean Creds ");535536/*537* We don't have permission to read Integer creds538* We should get an empty set even though the private creds539* has an integer cred. No security exception either !540*/541542try {543Set privCredSet1 = s.getPrivateCredentials(Integer.class);544if (privCredSet1.size() != 0){545throw new RuntimeException("Error:String PrivcredSet1 of Integer size should have been 0 and was " +546privCredSet1.size());547}548} catch (SecurityException e) {549System.out.println ("Expected exception");550}551System.out.println ("Checked Integer Creds ");552553Set privCredSet2 = s.getPrivateCredentials();554555if (privCredSet2.size() != 4){556throw new RuntimeException("Error:String PrivcredSet1 size should have been 4 and was " +557privCredSet2.size());558}559560/*561* Since the returned privCredSet2 is internally backed by the562* private creds, any additions to it should be reflected in563* privcredSet2564*/565s.getPrivateCredentials().add("XYZ");566if (privCredSet2.size() != 5) {567throw new RuntimeException("Error:String PrivcredSet1 size should have been 5 and was " +568privCredSet2.size());569}570s.getPrivateCredentials().remove("XYZ");571if (privCredSet2.size() != 4) {572throw new RuntimeException("String privCredSet2 size should have been 5 and was " +573privCredSet2.size());574}575System.out.println("Checked remove(String) operation");576/* Let us add a couple of Boolean creds */577s.getPrivateCredentials().add(Boolean.TRUE);578s.getPrivateCredentials().add(new Integer(2));579580exceptionCounter =0;581iter1 = privCredSet2.iterator();582while (iter1.hasNext())583{584try {585Object o = iter1.next();586System.out.println(" private creds of class " +587o.getClass() + "value is " + o.toString());588} catch (SecurityException e) {589System.out.println(" We should get exception");590System.out.println("Exception!!");591exceptionCounter++;592}593}594if (exceptionCounter != 3) {595throw new RuntimeException("Expected number of exception was 3 " +596"The actual number was " + exceptionCounter);597}598privCredSet2.add (new Integer(3));599try {600int hashCode = privCredSet2.hashCode();601} catch (SecurityException e) {602System.out.println ("hashCode Expected exception");603}604System.out.println ("Tests completed");605}606607}608609610