1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20 package org.apache.commons.logging.security;
21
22 import java.io.PrintWriter;
23 import java.io.StringWriter;
24 import java.lang.reflect.Field;
25 import java.lang.reflect.Method;
26 import java.util.Hashtable;
27
28 import junit.framework.Test;
29 import junit.framework.TestCase;
30
31 import org.apache.commons.logging.Log;
32 import org.apache.commons.logging.LogFactory;
33 import org.apache.commons.logging.PathableClassLoader;
34 import org.apache.commons.logging.PathableTestSuite;
35
36 /**
37 * Tests for logging with a security policy that forbids JCL access to anything.
38 * <p>
39 * Performing tests with security permissions disabled is tricky, as building error
40 * messages on failure requires certain security permissions. If the security manager
41 * blocks these, then the test can fail without the error messages being output.
42 * <p>
43 * This class has only one unit test, as we are (in part) checking behaviour in
44 * the static block of the LogFactory class. As that class cannot be unloaded after
45 * being loaded into a classloader, the only workaround is to use the
46 * PathableClassLoader approach to ensure each test is run in its own
47 * classloader, and use a separate testcase class for each test.
48 */
49 public class SecurityForbiddenTestCase extends TestCase
50 {
51 private SecurityManager oldSecMgr;
52
53 // Dummy special hashtable, so we can tell JCL to use this instead of
54 // the standard one.
55 public static class CustomHashtable extends Hashtable {
56 }
57
58 /**
59 * Return the tests included in this test suite.
60 */
61 public static Test suite() throws Exception {
62 PathableClassLoader parent = new PathableClassLoader(null);
63 parent.useExplicitLoader("junit.", Test.class.getClassLoader());
64 parent.addLogicalLib("commons-logging");
65 parent.addLogicalLib("testclasses");
66
67 Class testClass = parent.loadClass(
68 "org.apache.commons.logging.security.SecurityForbiddenTestCase");
69 return new PathableTestSuite(testClass, parent);
70 }
71
72 public void setUp() {
73 // save security manager so it can be restored in tearDown
74 oldSecMgr = System.getSecurityManager();
75 }
76
77 public void tearDown() {
78 // Restore, so other tests don't get stuffed up if a test
79 // sets a custom security manager.
80 System.setSecurityManager(oldSecMgr);
81 }
82
83 /**
84 * Test what happens when JCL is run with absolutely no security
85 * priveleges at all, including reading system properties. Everything
86 * should fall back to the built-in defaults.
87 */
88 public void testAllForbidden() {
89 System.setProperty(
90 LogFactory.HASHTABLE_IMPLEMENTATION_PROPERTY,
91 CustomHashtable.class.getName());
92 MockSecurityManager mySecurityManager = new MockSecurityManager();
93 System.setSecurityManager(mySecurityManager);
94
95 try {
96 // Use reflection so that we can control exactly when the static
97 // initialiser for the LogFactory class is executed.
98 Class c = this.getClass().getClassLoader().loadClass(
99 "org.apache.commons.logging.LogFactory");
100 Method m = c.getMethod("getLog", new Class[] {Class.class});
101 Log log = (Log) m.invoke(null, new Object[] {this.getClass()});
102 log.info("testing");
103
104 // check that the default map implementation was loaded, as JCL was
105 // forbidden from reading the HASHTABLE_IMPLEMENTATION_PROPERTY property.
106 //
107 // The default is either the java Hashtable class (java < 1.2) or the
108 // JCL WeakHashtable (java >= 1.3).
109 System.setSecurityManager(oldSecMgr);
110 Field factoryField = c.getDeclaredField("factories");
111 factoryField.setAccessible(true);
112 Object factoryTable = factoryField.get(null);
113 assertNotNull(factoryTable);
114 String ftClassName = factoryTable.getClass().getName();
115 assertTrue("Custom hashtable unexpectedly used",
116 !CustomHashtable.class.getName().equals(ftClassName));
117
118 assertEquals(0, mySecurityManager.getUntrustedCodeCount());
119 } catch(Throwable t) {
120 // Restore original security manager so output can be generated; the
121 // PrintWriter constructor tries to read the line.separator
122 // system property.
123 System.setSecurityManager(oldSecMgr);
124 StringWriter sw = new StringWriter();
125 PrintWriter pw = new PrintWriter(sw);
126 t.printStackTrace(pw);
127 fail("Unexpected exception:" + t.getMessage() + ":" + sw.toString());
128 }
129 }
130 }