001: /*
002:
003: Licensed to the Apache Software Foundation (ASF) under one or more
004: contributor license agreements. See the NOTICE file distributed with
005: this work for additional information regarding copyright ownership.
006: The ASF licenses this file to You under the Apache License, Version 2.0
007: (the "License"); you may not use this file except in compliance with
008: the License. You may obtain a copy of the License at
009:
010: http://www.apache.org/licenses/LICENSE-2.0
011:
012: Unless required by applicable law or agreed to in writing, software
013: distributed under the License is distributed on an "AS IS" BASIS,
014: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015: See the License for the specific language governing permissions and
016: limitations under the License.
017:
018: */
019: package org.apache.batik.util;
020:
021: import org.apache.batik.test.*;
022:
023: /**
024: * Validates the operation of the security enforcer class.
025: *
026: * @author <a mailto="vincent.hardy@sun.com">Vincent Hardy</a>
027: * @version $Id: ApplicationSecurityEnforcerTest.java 482121 2006-12-04 10:00:39Z dvholten $
028: */
029: public class ApplicationSecurityEnforcerTest extends DefaultTestSuite {
030: static final Class APP_MAIN_CLASS = org.apache.batik.apps.svgbrowser.Main.class;
031: static final String APP_SECURITY_POLICY = "org/apache/batik/apps/svgbrowser/resources/svgbrowser.policy";
032:
033: /**
034: * In the constructor, append atomic tests
035: */
036: public ApplicationSecurityEnforcerTest() {
037: addTest(new CheckNoSecurityManagerOverride());
038: addTest(new CheckSecurityEnforcement());
039: addTest(new CheckSecurityRemoval());
040: addTest(new CheckNoPolicyFile());
041: }
042:
043: static ApplicationSecurityEnforcer buildTestTarget() {
044: return new ApplicationSecurityEnforcer(APP_MAIN_CLASS,
045: APP_SECURITY_POLICY);
046: }
047:
048: static class CheckNoSecurityManagerOverride extends AbstractTest {
049: public boolean runImplBasic() {
050: ApplicationSecurityEnforcer aseA = buildTestTarget();
051:
052: aseA.enforceSecurity(true);
053:
054: ApplicationSecurityEnforcer aseB = buildTestTarget();
055:
056: boolean passed = false;
057: try {
058: // This should throw a SecurityException
059: aseB.enforceSecurity(true);
060: } catch (SecurityException se) {
061: System.out
062: .println(">>>>>>>>>>>>> got expected SecurityException A");
063: try {
064: System.out
065: .println(">>>>>>>>>>>>> got expected SecurityException B");
066: aseB.enforceSecurity(false);
067: } catch (SecurityException se2) {
068: passed = true;
069: }
070: }
071:
072: aseA.enforceSecurity(false);
073:
074: return passed;
075: }
076: }
077:
078: static class CheckSecurityEnforcement extends AbstractTest {
079: public boolean runImplBasic() {
080: ApplicationSecurityEnforcer ase = buildTestTarget();
081:
082: try {
083: ase.enforceSecurity(true);
084: SecurityManager sm = System.getSecurityManager();
085: if (sm == ase.lastSecurityManagerInstalled) {
086: return true;
087: }
088: } finally {
089: System.setSecurityManager(null);
090: }
091:
092: return false;
093: }
094: }
095:
096: static class CheckSecurityRemoval extends AbstractTest {
097: public boolean runImplBasic() {
098: ApplicationSecurityEnforcer ase = buildTestTarget();
099:
100: try {
101: ase.enforceSecurity(true);
102: ase.enforceSecurity(false);
103: SecurityManager sm = System.getSecurityManager();
104: if (sm == null
105: && ase.lastSecurityManagerInstalled == null) {
106: return true;
107: }
108: } finally {
109: System.setSecurityManager(null);
110: }
111:
112: return false;
113: }
114: }
115:
116: static class CheckNoPolicyFile extends AbstractTest {
117: public boolean runImplBasic() {
118: ApplicationSecurityEnforcer ase = new ApplicationSecurityEnforcer(
119: APP_MAIN_CLASS, "dont.exist.policy");
120:
121: try {
122: ase.enforceSecurity(true);
123: } catch (NullPointerException se) {
124: return true;
125: } finally {
126: ase.enforceSecurity(false);
127: }
128: return false;
129: }
130: }
131:
132: }
|