Fix security testcases for IBM JVM.

git-svn-id: https://svn.apache.org/repos/asf/commons/proper/logging/trunk@1456669 13f79535-47bb-0310-9956-ffa450edef68
2013-03-14 20:48:10 +00:00
parent 611c7156d0
commit 9d9273ac23
3 changed files with 28 additions and 19 deletions
--- a/src/test/java/org/apache/commons/logging/security/MockSecurityManager.java
+++ b/src/test/java/org/apache/commons/logging/security/MockSecurityManager.java
@@ -31,7 +31,7 @@ public class MockSecurityManager extends SecurityManager {
    private final Permissions permissions = new Permissions();
    private static final Permission setSecurityManagerPerm =
        new RuntimePermission("setSecurityManager");
-    
+
    private int untrustedCodeCount = 0;

    public MockSecurityManager() {
@@ -52,7 +52,7 @@ public class MockSecurityManager extends SecurityManager {
     * value indicates a bug in JCL, ie a situation where code was not
     * correctly wrapped in an AccessController block. The result of such a
     * bug is that signing JCL is not sufficient to allow JCL to perform
-     * the operation; the caller would need to be signed too. 
+     * the operation; the caller would need to be signed too.
     */
    public int getUntrustedCodeCount() {
        return untrustedCodeCount;
@@ -81,13 +81,19 @@ public class MockSecurityManager extends SecurityManager {
        Exception e = new Exception();
        e.fillInStackTrace();
        StackTraceElement[] stack = e.getStackTrace();
-        
+
        // scan the call stack from most recent to oldest.
        // start at 1 to skip the entry in the stack for this method
        for(int i=1; i<stack.length; ++i) {
            String cname = stack[i].getClassName();
-            System.out.println("" + i + ":" + stack[i].getClassName() + 
-              "." + stack[i].getMethodName());
+            System.out.println("" + i + ":" + stack[i].getClassName() +
+              "." + stack[i].getMethodName() + stack[i].getLineNumber());
+
+            if (cname.equals("java.util.logging.Handler") && stack[i].getMethodName().equals("setLevel")) {
+                // LOGGING CODE CAUSES ACCESSCONTROLEXCEPTION
+                // http://www-01.ibm.com/support/docview.wss?uid=swg1IZ51152
+                return;
+            }

            if (cname.equals("java.security.AccessController")) {
                // Presumably method name equals "doPrivileged"
@@ -102,9 +108,9 @@ public class MockSecurityManager extends SecurityManager {
                // the call stack.
                System.out.println("Access controller found: returning");
                return;
-            } else if (cname.startsWith("java.") 
-                || cname.startsWith("javax.") 
-                || cname.startsWith("junit.") 
+            } else if (cname.startsWith("java.")
+                || cname.startsWith("javax.")
+                || cname.startsWith("junit.")
                || cname.startsWith("org.apache.tools.ant.")
                || cname.startsWith("sun.")) {
                // Code in these packages is trusted if the caller is trusted.
--- a/src/test/java/org/apache/commons/logging/security/SecurityAllowedTestCase.java
+++ b/src/test/java/org/apache/commons/logging/security/SecurityAllowedTestCase.java
@@ -73,7 +73,7 @@ public class SecurityAllowedTestCase extends TestCase
        // save security manager so it can be restored in tearDown
        oldSecMgr = System.getSecurityManager();
    }
-    
+
    public void tearDown() {
        // Restore, so other tests don't get stuffed up if a test
        // sets a custom security manager.
@@ -110,20 +110,22 @@ public class SecurityAllowedTestCase extends TestCase
            // requires permission accessClassInPackage. JCL explicitly does not
            // wrap calls to log methods in AccessControllers because writes to
            // a log file *should* only be permitted if the original caller is
-            // trusted to access that file. 
+            // trusted to access that file.
            int untrustedCodeCount = mySecurityManager.getUntrustedCodeCount();
            log.info("testing");
-            
+
            // check that the default map implementation was loaded, as JCL was
            // forbidden from reading the HASHTABLE_IMPLEMENTATION_PROPERTY property.
            System.setSecurityManager(null);
            Field factoryField = c.getDeclaredField("factories");
            factoryField.setAccessible(true);
-            Object factoryTable = factoryField.get(null); 
+            Object factoryTable = factoryField.get(null);
            assertNotNull(factoryTable);
            assertEquals(CustomHashtable.class.getName(), factoryTable.getClass().getName());
-            
-            assertEquals(0, untrustedCodeCount);
+
+            // we better compare that we have no security exception during the call to log
+            // IBM JVM tries to load bundles during the invoke call, which increase the count
+            assertEquals(untrustedCodeCount, mySecurityManager.getUntrustedCodeCount());
        } catch(Throwable t) {
            // Restore original security manager so output can be generated; the
            // PrintWriter constructor tries to read the line.separator
--- a/src/test/java/org/apache/commons/logging/security/SecurityForbiddenTestCase.java
+++ b/src/test/java/org/apache/commons/logging/security/SecurityForbiddenTestCase.java
@@ -76,7 +76,7 @@ public class SecurityForbiddenTestCase extends TestCase
        // save security manager so it can be restored in tearDown
        oldSecMgr = System.getSecurityManager();
    }
-    
+
    public void tearDown() {
        // Restore, so other tests don't get stuffed up if a test
        // sets a custom security manager.
@@ -85,7 +85,7 @@ public class SecurityForbiddenTestCase extends TestCase

    /**
     * Test what happens when JCL is run with absolutely no security
-     * priveleges at all, including reading system properties. Everything
+     * privileges at all, including reading system properties. Everything
     * should fall back to the built-in defaults.
     */
    public void testAllForbidden() {
@@ -93,6 +93,7 @@ public class SecurityForbiddenTestCase extends TestCase
                LogFactory.HASHTABLE_IMPLEMENTATION_PROPERTY,
                CustomHashtable.class.getName());
        MockSecurityManager mySecurityManager = new MockSecurityManager();
+
        System.setSecurityManager(mySecurityManager);

        try {
@@ -103,7 +104,7 @@ public class SecurityForbiddenTestCase extends TestCase
            Method m = c.getMethod("getLog", new Class[] {Class.class});
            Log log = (Log) m.invoke(null, new Object[] {this.getClass()});
            log.info("testing");
-            
+
            // check that the default map implementation was loaded, as JCL was
            // forbidden from reading the HASHTABLE_IMPLEMENTATION_PROPERTY property.
            //
@@ -112,10 +113,10 @@ public class SecurityForbiddenTestCase extends TestCase
            System.setSecurityManager(oldSecMgr);
            Field factoryField = c.getDeclaredField("factories");
            factoryField.setAccessible(true);
-            Object factoryTable = factoryField.get(null); 
+            Object factoryTable = factoryField.get(null);
            assertNotNull(factoryTable);
            String ftClassName = factoryTable.getClass().getName();
-            assertTrue("Custom hashtable unexpectedly used", 
+            assertTrue("Custom hashtable unexpectedly used",
                    !CustomHashtable.class.getName().equals(ftClassName));

            assertEquals(0, mySecurityManager.getUntrustedCodeCount());