/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /* * Java policy file for running tests in this directory. */ grant codebase "file:${extdir}/*" { permission java.security.AllPermission; }; grant codeBase "file:${java.home}/lib/ext/*" { permission java.security.AllPermission; }; grant codeBase "file:${jtlib.tmp}/*" { permission java.security.AllPermission; }; grant { permission java.io.FilePermission "<>", "read"; permission java.lang.RuntimePermission "accessDeclaredMembers"; permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; permission java.lang.reflect.ReflectPermission "newProxyInPackage."; permission java.net.SocketPermission "localhost", "connect,accept,resolve"; permission java.net.SocketPermission "*", "listen,accept,resolve"; // Limit these permissions so that I can do tests for principals for which // I don't have permission. permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=clientRSA1,C=US\" javax.security.auth.x500.X500Principal \"CN=clientRSA2\" javax.security.auth.x500.X500Principal \"CN=clientDSA\" javax.security.auth.x500.X500Principal \"CN=clientDSA2\" peer javax.security.auth.x500.X500Principal \"CN=serverDSA,C=US\"", "connect"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=clientRSA1,C=US\" javax.security.auth.x500.X500Principal \"CN=clientRSA2\" javax.security.auth.x500.X500Principal \"CN=clientDSA\" javax.security.auth.x500.X500Principal \"CN=clientDSA2\" peer javax.security.auth.x500.X500Principal \"CN=serverRSA\"", "connect"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=clientRSA1,C=US\" javax.security.auth.x500.X500Principal \"CN=clientRSA2\" javax.security.auth.x500.X500Principal \"CN=clientDSA\" javax.security.auth.x500.X500Principal \"CN=clientDSA2\" peer javax.security.auth.x500.X500Principal \"CN=serverRSA2\"", "connect"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"*\"", "accept"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=serverDSA,C=US\"", "connect"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=serverRSA\"", "connect"; permission net.jini.security.AuthenticationPermission "javax.security.auth.x500.X500Principal \"CN=serverRSA2\"", "connect"; permission net.jini.security.AuthenticationPermission "TestUtilities$TestPrincipal \"*\"", "connect,accept"; // permission net.jini.security.AuthenticationPermission // "javax.security.auth.x500.X500Principal \"CN=clientDSA2expired\" peer javax.security.auth.x500.X500Principal \"CN=serverRSA2\"", // "connect"; permission java.security.SecurityPermission "insertProvider.*"; permission java.security.SecurityPermission "putProviderProperty.*"; permission java.security.SecurityPermission "getPolicy"; permission java.security.SecurityPermission "createAccessControlContext"; permission java.util.PropertyPermission "*", "read,write"; permission javax.security.auth.AuthPermission "modifyPrincipals"; permission javax.security.auth.AuthPermission "modifyPrivateCredentials"; permission javax.security.auth.AuthPermission "modifyPublicCredentials"; permission javax.security.auth.AuthPermission "setReadOnly"; permission javax.security.auth.AuthPermission "doAs"; permission javax.security.auth.AuthPermission "doAsPrivileged"; permission javax.security.auth.AuthPermission "getSubject"; permission javax.security.auth.PrivateCredentialPermission "* * \"*\"", "read"; permission java.lang.RuntimePermission "getProtectionDomain"; permission java.lang.RuntimePermission "modifyThread"; permission java.lang.RuntimePermission "modifyThreadGroup"; permission net.jini.io.context.ContextPermission "net.jini.io.context.ClientSubject.getClientSubject"; permission net.jini.export.ExportPermission "exportRemoteInterface.*"; };