|
1 /* |
|
2 * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 /** |
|
24 * @test |
|
25 * @bug 8004476 |
|
26 * @summary test XPath extension functions |
|
27 * @run main/othervm XPathExFuncTest |
|
28 */ |
|
29 import java.io.FileInputStream; |
|
30 import java.io.InputStream; |
|
31 import java.security.AllPermission; |
|
32 import java.security.CodeSource; |
|
33 import java.security.Permission; |
|
34 import java.security.PermissionCollection; |
|
35 import java.security.Permissions; |
|
36 import java.security.Policy; |
|
37 import java.security.ProtectionDomain; |
|
38 import java.util.Iterator; |
|
39 import java.util.List; |
|
40 import javax.xml.XMLConstants; |
|
41 import javax.xml.namespace.NamespaceContext; |
|
42 import javax.xml.namespace.QName; |
|
43 import javax.xml.parsers.DocumentBuilder; |
|
44 import javax.xml.parsers.DocumentBuilderFactory; |
|
45 import javax.xml.xpath.XPath; |
|
46 import javax.xml.xpath.XPathExpressionException; |
|
47 import javax.xml.xpath.XPathFactory; |
|
48 import javax.xml.xpath.XPathFactoryConfigurationException; |
|
49 import javax.xml.xpath.XPathFunction; |
|
50 import javax.xml.xpath.XPathFunctionException; |
|
51 import javax.xml.xpath.XPathFunctionResolver; |
|
52 import org.w3c.dom.Document; |
|
53 |
|
54 /** |
|
55 * test XPath extension functions |
|
56 * |
|
57 * @author huizhe.wang@oracle.com |
|
58 */ |
|
59 public class XPathExFuncTest extends TestBase { |
|
60 |
|
61 final static String ENABLE_EXTENSION_FUNCTIONS = "http://www.oracle.com/xml/jaxp/properties/enableExtensionFunctions"; |
|
62 final static String CLASSNAME = "DocumentBuilderFactoryImpl"; |
|
63 final String XPATH_EXPRESSION = "ext:helloWorld()"; |
|
64 |
|
65 /** |
|
66 * Creates a new instance of StreamReader |
|
67 */ |
|
68 public XPathExFuncTest(String name) { |
|
69 super(name); |
|
70 } |
|
71 boolean hasSM; |
|
72 String xslFile, xslFileId; |
|
73 String xmlFile, xmlFileId; |
|
74 |
|
75 protected void setUp() { |
|
76 super.setUp(); |
|
77 xmlFile = filepath + "/SecureProcessingTest.xml"; |
|
78 |
|
79 } |
|
80 |
|
81 /** |
|
82 * @param args the command line arguments |
|
83 */ |
|
84 public static void main(String[] args) { |
|
85 XPathExFuncTest test = new XPathExFuncTest("OneTest"); |
|
86 test.setUp(); |
|
87 |
|
88 test.testExtFunc(); |
|
89 test.testExtFuncNotAllowed(); |
|
90 test.testEnableExtFunc(); |
|
91 test.tearDown(); |
|
92 |
|
93 } |
|
94 |
|
95 /** |
|
96 * by default, extension function is enabled |
|
97 */ |
|
98 public void testExtFunc() { |
|
99 |
|
100 try { |
|
101 evaluate(false); |
|
102 System.out.println("testExtFunc: OK"); |
|
103 } catch (XPathFactoryConfigurationException e) { |
|
104 fail(e.getMessage()); |
|
105 } catch (XPathExpressionException e) { |
|
106 fail(e.getMessage()); |
|
107 } |
|
108 } |
|
109 |
|
110 /** |
|
111 * Security is enabled, extension function not allowed |
|
112 */ |
|
113 public void testExtFuncNotAllowed() { |
|
114 Policy p = new SimplePolicy(new AllPermission()); |
|
115 Policy.setPolicy(p); |
|
116 System.setSecurityManager(new SecurityManager()); |
|
117 |
|
118 try { |
|
119 evaluate(false); |
|
120 } catch (XPathFactoryConfigurationException e) { |
|
121 fail(e.getMessage()); |
|
122 } catch (XPathExpressionException ex) { |
|
123 //expected since extension function is disallowed |
|
124 System.out.println("testExtFuncNotAllowed: OK"); |
|
125 } finally { |
|
126 System.setSecurityManager(null); |
|
127 } |
|
128 } |
|
129 |
|
130 /** |
|
131 * Security is enabled, use new feature: enableExtensionFunctions |
|
132 */ |
|
133 public void testEnableExtFunc() { |
|
134 Policy p = new SimplePolicy(new AllPermission()); |
|
135 Policy.setPolicy(p); |
|
136 System.setSecurityManager(new SecurityManager()); |
|
137 |
|
138 |
|
139 try { |
|
140 evaluate(true); |
|
141 System.out.println("testEnableExt: OK"); |
|
142 } catch (XPathFactoryConfigurationException e) { |
|
143 fail(e.getMessage()); |
|
144 } catch (XPathExpressionException e) { |
|
145 fail(e.getMessage()); |
|
146 } finally { |
|
147 System.setSecurityManager(null); |
|
148 } |
|
149 } |
|
150 |
|
151 Document getDocument() { |
|
152 // the xml source |
|
153 DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); |
|
154 DocumentBuilder documentBuilder = null; |
|
155 Document document = null; |
|
156 |
|
157 try { |
|
158 documentBuilder = documentBuilderFactory.newDocumentBuilder(); |
|
159 InputStream xmlStream = new FileInputStream(xmlFile); |
|
160 document = documentBuilder.parse(xmlStream); |
|
161 } catch (Exception e) { |
|
162 fail(e.toString()); |
|
163 } |
|
164 return document; |
|
165 } |
|
166 |
|
167 void evaluate(boolean enableExt) throws XPathFactoryConfigurationException, XPathExpressionException { |
|
168 Document document = getDocument(); |
|
169 |
|
170 XPathFactory xPathFactory = XPathFactory.newInstance(); |
|
171 /** |
|
172 * Use of the extension function 'http://exslt.org/strings:tokenize' is |
|
173 * not allowed when the secure processing feature is set to true. |
|
174 * Attempt to use the new property to enable extension function |
|
175 */ |
|
176 if (enableExt) { |
|
177 boolean isExtensionSupported = enableExtensionFunction(xPathFactory); |
|
178 } |
|
179 |
|
180 xPathFactory.setXPathFunctionResolver(new MyXPathFunctionResolver()); |
|
181 if (System.getSecurityManager() == null) { |
|
182 xPathFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, false); |
|
183 } |
|
184 |
|
185 XPath xPath = xPathFactory.newXPath(); |
|
186 xPath.setNamespaceContext(new MyNamespaceContext()); |
|
187 |
|
188 String xPathResult = xPath.evaluate(XPATH_EXPRESSION, document); |
|
189 System.out.println( |
|
190 "XPath result (enableExtensionFunction == " + enableExt + ") = \"" |
|
191 + xPathResult |
|
192 + "\""); |
|
193 } |
|
194 |
|
195 public class MyXPathFunctionResolver |
|
196 implements XPathFunctionResolver { |
|
197 |
|
198 public XPathFunction resolveFunction(QName functionName, int arity) { |
|
199 |
|
200 // not a real ewsolver, always return a default XPathFunction |
|
201 return new MyXPathFunction(); |
|
202 } |
|
203 } |
|
204 |
|
205 public class MyXPathFunction |
|
206 implements XPathFunction { |
|
207 |
|
208 public Object evaluate(List list) throws XPathFunctionException { |
|
209 |
|
210 return "Hello World"; |
|
211 } |
|
212 } |
|
213 |
|
214 public class MyNamespaceContext implements NamespaceContext { |
|
215 |
|
216 public String getNamespaceURI(String prefix) { |
|
217 if (prefix == null) { |
|
218 throw new IllegalArgumentException("The prefix cannot be null."); |
|
219 } |
|
220 |
|
221 if (prefix.equals("ext")) { |
|
222 return "http://ext.com"; |
|
223 } else { |
|
224 return null; |
|
225 } |
|
226 } |
|
227 |
|
228 public String getPrefix(String namespace) { |
|
229 |
|
230 if (namespace == null) { |
|
231 throw new IllegalArgumentException("The namespace uri cannot be null."); |
|
232 } |
|
233 |
|
234 if (namespace.equals("http://ext.com")) { |
|
235 return "ext"; |
|
236 } else { |
|
237 return null; |
|
238 } |
|
239 } |
|
240 |
|
241 public Iterator getPrefixes(String namespace) { |
|
242 return null; |
|
243 } |
|
244 } |
|
245 |
|
246 boolean enableExtensionFunction(XPathFactory factory) { |
|
247 boolean isSupported = true; |
|
248 try { |
|
249 factory.setFeature(ENABLE_EXTENSION_FUNCTIONS, true); |
|
250 } catch (XPathFactoryConfigurationException ex) { |
|
251 isSupported = false; |
|
252 } |
|
253 return isSupported; |
|
254 } |
|
255 |
|
256 class SimplePolicy extends Policy { |
|
257 |
|
258 private final Permissions perms; |
|
259 |
|
260 public SimplePolicy(Permission... permissions) { |
|
261 perms = new Permissions(); |
|
262 for (Permission permission : permissions) { |
|
263 perms.add(permission); |
|
264 } |
|
265 } |
|
266 |
|
267 @Override |
|
268 public PermissionCollection getPermissions(CodeSource cs) { |
|
269 return perms; |
|
270 } |
|
271 |
|
272 @Override |
|
273 public PermissionCollection getPermissions(ProtectionDomain pd) { |
|
274 return perms; |
|
275 } |
|
276 |
|
277 @Override |
|
278 public boolean implies(ProtectionDomain pd, Permission p) { |
|
279 return perms.implies(p); |
|
280 } |
|
281 |
|
282 //for older jdk |
|
283 @Override |
|
284 public void refresh() { |
|
285 } |
|
286 } |
|
287 } |