diff --git a/src/share/classes/java/lang/SecurityManager.java b/src/share/classes/java/lang/SecurityManager.java index 80181cd4e80fc43d312ea890aa464fbb9fe67885..31664dc6cb2e537e4b80c61d032d7db7d55edbed 100644 --- a/src/share/classes/java/lang/SecurityManager.java +++ b/src/share/classes/java/lang/SecurityManager.java @@ -1320,6 +1320,9 @@ class SecurityManager { * AWTPermission("showWindowWithoutWarningBanner") permission, * and returns true if a SecurityException is not thrown, * otherwise it returns false. + * In the case of subset Profiles of Java SE that do not include the + * {@code java.awt} package, {@code checkPermission} is instead called + * to check the permission {@code java.security.AllPermission}. *

* If you override this method, then you should make a call to * super.checkTopLevelWindow @@ -1340,8 +1343,12 @@ class SecurityManager { if (window == null) { throw new NullPointerException("window can't be null"); } + Permission perm = SecurityConstants.AWT.TOPLEVEL_WINDOW_PERMISSION; + if (perm == null) { + perm = SecurityConstants.ALL_PERMISSION; + } try { - checkPermission(SecurityConstants.AWT.TOPLEVEL_WINDOW_PERMISSION); + checkPermission(perm); return true; } catch (SecurityException se) { // just return false @@ -1379,6 +1386,9 @@ class SecurityManager { * This method calls checkPermission with the * AWTPermission("accessClipboard") * permission. + * In the case of subset Profiles of Java SE that do not include the + * {@code java.awt} package, {@code checkPermission} is instead called + * to check the permission {@code java.security.AllPermission}. *

* If you override this method, then you should make a call to * super.checkSystemClipboardAccess @@ -1391,7 +1401,11 @@ class SecurityManager { * @see #checkPermission(java.security.Permission) checkPermission */ public void checkSystemClipboardAccess() { - checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION); + Permission perm = SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION; + if (perm == null) { + perm = SecurityConstants.ALL_PERMISSION; + } + checkPermission(perm); } /** @@ -1400,6 +1414,10 @@ class SecurityManager { *

* This method calls checkPermission with the * AWTPermission("accessEventQueue") permission. + * In the case of subset Profiles of Java SE that do not include the + * {@code java.awt} package, {@code checkPermission} is instead called + * to check the permission {@code java.security.AllPermission}. + * *

* If you override this method, then you should make a call to * super.checkAwtEventQueueAccess @@ -1412,7 +1430,11 @@ class SecurityManager { * @see #checkPermission(java.security.Permission) checkPermission */ public void checkAwtEventQueueAccess() { - checkPermission(SecurityConstants.AWT.CHECK_AWT_EVENTQUEUE_PERMISSION); + Permission perm = SecurityConstants.AWT.CHECK_AWT_EVENTQUEUE_PERMISSION; + if (perm == null) { + perm = SecurityConstants.ALL_PERMISSION; + } + checkPermission(perm); } /* diff --git a/src/share/classes/sun/security/util/SecurityConstants.java b/src/share/classes/sun/security/util/SecurityConstants.java index c9d321f7c15f8fb9a89d66ea58e9faed24077e6e..2b985ad0f65c8016bb7f6424a3523df48473b043 100644 --- a/src/share/classes/sun/security/util/SecurityConstants.java +++ b/src/share/classes/sun/security/util/SecurityConstants.java @@ -70,31 +70,6 @@ public final class SecurityConstants { // sun.security.provider.PolicyFile public static final AllPermission ALL_PERMISSION = new AllPermission(); - /** - * Permission type used when AWT is not present. - */ - private static class FakeAWTPermission extends BasicPermission { - private static final long serialVersionUID = -1L; - public FakeAWTPermission(String name) { - super(name); - } - public String toString() { - return "(\"java.awt.AWTPermission\" \"" + getName() + "\")"; - } - } - - /** - * Permission factory used when AWT is not present. - */ - private static class FakeAWTPermissionFactory - implements PermissionFactory - { - @Override - public FakeAWTPermission newPermission(String name) { - return new FakeAWTPermission(name); - } - } - /** * AWT Permissions used in the JDK. */ @@ -107,37 +82,29 @@ public final class SecurityConstants { private static final String AWTFactory = "sun.awt.AWTPermissionFactory"; /** - * The PermissionFactory to create AWT permissions (or fake permissions - * if AWT is not present). + * The PermissionFactory to create AWT permissions (or null if AWT is + * not present) */ private static final PermissionFactory factory = permissionFactory(); private static PermissionFactory permissionFactory() { - Class c = AccessController - .doPrivileged(new PrivilegedAction>() { - public Class run() { - try { - return Class.forName(AWTFactory, true, null); - } catch (ClassNotFoundException e) { - // not available - return null; - } - }}); - if (c != null) { - // AWT present - try { - return (PermissionFactory)c.newInstance(); - } catch (ReflectiveOperationException x) { - throw new InternalError(x.getMessage(), x); - } - } else { - // AWT not present - return new FakeAWTPermissionFactory(); + Class c; + try { + c = Class.forName(AWTFactory, false, AWT.class.getClassLoader()); + } catch (ClassNotFoundException e) { + // not available + return null; + } + // AWT present + try { + return (PermissionFactory)c.newInstance(); + } catch (ReflectiveOperationException x) { + throw new InternalError(x); } } private static Permission newAWTPermission(String name) { - return factory.newPermission(name); + return (factory == null) ? null : factory.newPermission(name); } // java.lang.SecurityManager diff --git a/test/java/lang/SecurityManager/NoAWT.java b/test/java/lang/SecurityManager/NoAWT.java index 3224af46dd4858315112e9d484f4864ff97a996c..d55e05c10274ac031e47afe61fa4cd63cfb67037 100644 --- a/test/java/lang/SecurityManager/NoAWT.java +++ b/test/java/lang/SecurityManager/NoAWT.java @@ -22,14 +22,43 @@ */ /* @test - * @bug 8004502 + * @bug 8004502 8008793 * @summary Sanity check that SecurityManager methods that check AWTPermission * behave as expected when AWT is not present */ +import java.security.AllPermission; +import java.security.Permission; + public class NoAWT { + + static class MySecurityManager extends SecurityManager { + Class expectedClass; + + void setExpectedPermissionClass(Class c) { + expectedClass = c; + } + + @Override + public void checkPermission(Permission perm) { + if (perm.getClass() != expectedClass) + throw new RuntimeException("Got: " + perm.getClass() + ", expected: " + expectedClass); + super.checkPermission(perm); + } + } + public static void main(String[] args) { - SecurityManager sm = new SecurityManager(); + Class awtPermissionClass = null; + try { + awtPermissionClass = Class.forName("java.awt.AWTPermission"); + } catch (ClassNotFoundException ignore) { } + + MySecurityManager sm = new MySecurityManager(); + if (awtPermissionClass != null) { + sm.setExpectedPermissionClass(awtPermissionClass); + } else { + sm.setExpectedPermissionClass(AllPermission.class); + } try { sm.checkAwtEventQueueAccess();