1 /* 2 * Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 package common; 25 26 import javax.xml.XMLConstants; 27 import javax.xml.transform.TransformerFactory; 28 import javax.xml.validation.SchemaFactory; 29 import javax.xml.xpath.XPathFactory; 30 31 import static jaxp.library.JAXPTestUtilities.clearSystemProperty; 32 import static jaxp.library.JAXPTestUtilities.setSystemProperty; 33 import org.testng.Assert; 34 import org.testng.annotations.Listeners; 35 import org.testng.annotations.Test; 36 37 /* 38 * @test 39 * @bug 7143711 40 * @library /javax/xml/jaxp/libs /javax/xml/jaxp/unittest 41 * @run testng/othervm -DrunSecMngr=true -Djava.security.manager=allow common.Bug7143711Test 42 * @summary Test set use-service-mechanism shall not override what's set by the constructor in secure mode. 43 */ 44 @Listeners({ jaxp.library.BasePolicy.class }) 45 @Test(singleThreaded = true) 46 public class Bug7143711Test { 47 private static final String SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage"; 48 private static final String SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource"; 49 50 private static final String DOM_FACTORY_ID = "javax.xml.parsers.DocumentBuilderFactory"; 51 private static final String SAX_FACTORY_ID = "javax.xml.parsers.SAXParserFactory"; 52 53 // impl specific feature 54 private static final String ORACLE_FEATURE_SERVICE_MECHANISM = "http://www.oracle.com/feature/use-service-mechanism"; 55 56 @Test testValidation_SAX_withSM()57 public void testValidation_SAX_withSM() { 58 System.out.println("Validation using SAX Source with security manager:"); 59 setSystemProperty(SAX_FACTORY_ID, "MySAXFactoryImpl"); 60 61 try { 62 SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); 63 // should not allow 64 factory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true); 65 if ((boolean) factory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) { 66 Assert.fail("should not override in secure mode"); 67 } 68 } catch (Exception e) { 69 Assert.fail(e.getMessage()); 70 71 } finally { 72 clearSystemProperty(SAX_FACTORY_ID); 73 } 74 } 75 76 @Test(enabled=false) //skipped due to bug JDK-8080097 testTransform_DOM_withSM()77 public void testTransform_DOM_withSM() { 78 System.out.println("Transform using DOM Source; Security Manager is set:"); 79 setSystemProperty(DOM_FACTORY_ID, "MyDOMFactoryImpl"); 80 81 try { 82 TransformerFactory factory = TransformerFactory.newInstance("com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl", 83 TransformerFactory.class.getClassLoader()); 84 factory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true); 85 if ((boolean) factory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) { 86 Assert.fail("should not override in secure mode"); 87 } 88 89 } catch (Exception e) { 90 Assert.fail(e.getMessage()); 91 } finally { 92 clearSystemProperty(DOM_FACTORY_ID); 93 } 94 } 95 96 @Test testXPath_DOM_withSM()97 public void testXPath_DOM_withSM() { 98 System.out.println("Evaluate DOM Source; Security Manager is set:"); 99 setSystemProperty(DOM_FACTORY_ID, "MyDOMFactoryImpl"); 100 101 try { 102 XPathFactory xPathFactory = XPathFactory.newInstance("http://java.sun.com/jaxp/xpath/dom", 103 "com.sun.org.apache.xpath.internal.jaxp.XPathFactoryImpl", null); 104 xPathFactory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true); 105 if ((boolean) xPathFactory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) { 106 Assert.fail("should not override in secure mode"); 107 } 108 109 } catch (Exception e) { 110 Assert.fail(e.getMessage()); 111 } finally { 112 clearSystemProperty(DOM_FACTORY_ID); 113 } 114 } 115 } 116