Examples of java.security.AllPermission

• java.security.AllPermission
  The AllPermission is a permission that implies all other permissions.

  Note: Granting AllPermission should be done with extreme care, as it implies all other permissions. Thus, it grants code the ability to run with security disabled. Extreme caution should be taken before granting such a permission to code. This permission should be used only during testing, or in extremely rare cases where an application or applet is completely trusted and adding the necessary permissions to the policy is prohibitively cumbersome. @see java.security.Permission @see java.security.AccessController @see java.security.Permissions @see java.security.PermissionCollection @see java.lang.SecurityManager @version 1.21 05/11/17 @author Roland Schemers @serial exclude

    public void testAllAllowed() {
        System.setProperty(
                LogFactory.HASHTABLE_IMPLEMENTATION_PROPERTY,
                CustomHashtable.class.getName());
        MockSecurityManager mySecurityManager = new MockSecurityManager();
        mySecurityManager.addPermission(new AllPermission());
        System.setSecurityManager(mySecurityManager);

        try {
            // Use reflection so that we can control exactly when the static
            // initialiser for the LogFactory class is executed.

        {
            // We need to authorize java permissions.
            // Without this check, we get a ClassCircularityError in Tomcat.
            if (permission.getClass().getName().startsWith("java"))
            {
                perms.add(new AllPermission());
            }
            else
            {
//                if (log.isDebugEnabled())
//                {
//                    log.debug("Implying permission [class, " + permission.getClass().getName() + "], " + "[name, "
//                            + permission.getName() + "], " + "[actions, " + permission.getActions() + "] for: ");
//                    log.debug("\tCodeSource:" + protectionDomain.getCodeSource().getLocation().getPath());
//                    for (int i = 0; i < principals.length; i++)
//                    {
//                        log.debug("\tPrincipal[" + i + "]: [name, " + principals[i].getName() + "], [class, "
//                                + principals[i].getClass() + "]");
//                    }
//                }
                perms = pms.getPermissions(Arrays.asList(principals));
            }
        }
        else
        {
            // No principal is returned from the subject.
            // For security check, be sure to use doAsPrivileged(theSubject, anAction, null)...
            // We grant access when no principal is associated to the subject.
            perms.add(new AllPermission());
        }
        if (null != perms)
        {
            permImplied = perms.implies(permission);
        }

        {
            // We need to authorize java permissions.
            // Without this check, we get a ClassCircularityError in Tomcat.
            if (permission.getClass().getName().startsWith("java"))
            {
                perms.add(new AllPermission());
            }
            else
            {
//                if (log.isDebugEnabled())
//                {
//                    log.debug("Implying permission [class, " + permission.getClass().getName() + "], " + "[name, "
//                            + permission.getName() + "], " + "[actions, " + permission.getActions() + "] for: ");
//                    log.debug("\tCodeSource:" + protectionDomain.getCodeSource().getLocation().getPath());
//                    for (int i = 0; i < principals.length; i++)
//                    {
//                        log.debug("\tPrincipal[" + i + "]: [name, " + principals[i].getName() + "], [class, "
//                                + principals[i].getClass() + "]");
//                    }
//                }
                perms = pms.getPermissions(Arrays.asList(principals));
            }
        }
        else
        {
            // No principal is returned from the subject.
            // For security check, be sure to use doAsPrivileged(theSubject, anAction, null)...
            // We grant access when no principal is associated to the subject.
            perms.add(new AllPermission());
        }
        if (null != perms)
        {
            permImplied = perms.implies(permission);
        }

          args = argsList.toArray(new String[argsList.size()]);
          Policy.setPolicy(new Policy() {
        @Override
        public PermissionCollection getPermissions(ProtectionDomain domain) {
          PermissionCollection result = new Permissions();
          result.add(new AllPermission());
          return result;
        }
      });
          System.setSecurityManager(new SecurityManager());
        }

  @Override
  public boolean authenticate(HttpServletRequest request,
      HttpServletResponse response) {
    // surprisingly this works even when stanbol is started without -s for securitymanager
    //TODO check for some more concrete permission
    AccessController.checkPermission(new AllPermission());
    return true;
  }

            pass = (Boolean) AccessController.doPrivileged(
                    new PrivilegedAction() {
                        public Object run() {
                            try {
                                AccessController
                                        .checkPermission(new AllPermission());
                                return new Boolean(false);
                            } catch (SecurityException ex) {
                                return new Boolean(true);
                            }
                        }

                new Class[] { Runnable.class});
        assertSame(null, pc.getClassLoader());

        ProtectionDomain pd = pc.getProtectionDomain();
        ProtectionDomain od = Object.class.getProtectionDomain();
        assertTrue(pd.implies(new AllPermission()));
        assertSame(od.getClassLoader(), pd.getClassLoader());
        assertEquals(od.toString(), pd.toString());
    }

        assertSame(PkgIntf.class.getPackage(), pc.getPackage());
        assertSame(PkgIntf.class.getClassLoader(), pc.getClassLoader());

        ProtectionDomain pd = pc.getProtectionDomain();
        ProtectionDomain od = Object.class.getProtectionDomain();
        assertTrue(pd.implies(new AllPermission()));
        assertSame(od.getClassLoader(), pd.getClassLoader());
        assertEquals(od.toString(), pd.toString());
    }

     * Returns array containing empty and non-empty Permissions.
     */
    protected Object[] getData() {
        Permissions ps = new Permissions();

        ps.add(new AllPermission());
        ps.add(new SecurityPermission("abc"));

        return new Object[] { new Permissions(), ps };
    }

    /**
     * @see com.intel.drl.test.SerializationTest#getData()
     */
    protected Object[] getData() {
        return new Object[] {new AllPermission()};
    }