--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.java Fri Jun 19 14:06:24 2015 +0800
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import com.sun.security.auth.NTUserPrincipal;
+import com.sun.security.auth.UnixPrincipal;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import javax.security.auth.Subject;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+/*
+ * @test
+ * @bug 8050409
+ * @summary Tests with Subject.getPrivateCredentials to check permission checks with one or more principals.
+ * @run testng/othervm/policy=MoreThenOnePrincipals.policy MoreThenOnePrincipals
+ */
+public class MoreThenOnePrincipals {
+ private static final String[] CRED_VALUES =
+ new String[]{"testPrivateCredential-1", "testPrivateCredentials-2"};
+ private static final HashSet CREDS = new HashSet<>(Arrays.asList(CRED_VALUES));
+
+ /**
+ * Policy file grants access to the private Credential,belonging to a
+ * Subject with at least two associated Principals:"com.sun.security.auth
+ * .NTUserPrincipal", with the name,"NTUserPrincipal-1", and
+ * "com.sun.security.auth.UnixPrincipal", with the name, "UnixPrincipals-1".
+ *
+ * For test1 and test2, subjects are associated with none or only one of
+ * principals mentioned above, SecurityException is expected.
+ * For test 3 and test 4, subjects are associated with two or more
+ * Principals (above principals are included), no exception is expected.
+ *
+ */
+
+ @Test(dataProvider = "Provider1", expectedExceptions = SecurityException.class)
+ public void test1(Subject s) {
+ s.getPrivateCredentials(String.class);
+ }
+
+ @Test(dataProvider = "Provider1", expectedExceptions = SecurityException.class)
+ public void test2(Subject s) {
+ s.getPrivateCredentials().iterator().next();
+ }
+
+ @Test(dataProvider = "Provider2")
+ public void test3(Subject s) {
+ s.getPrivateCredentials(String.class);
+ }
+
+ @Test(dataProvider = "Provider2")
+ public void test4(Subject s) {
+ s.getPrivateCredentials().iterator().next();
+ }
+
+ @DataProvider
+ public Object[][] Provider1() {
+ Subject s1 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+ s1.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-2"));
+ Subject s2 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+ s2.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+ return new Object[][]{{s1}, {s2}};
+ }
+
+ @DataProvider
+ public Object[][] Provider2() {
+ Subject s3 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+ s3.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+ s3.getPrincipals().add(new UnixPrincipal("UnixPrincipals-1"));
+ Subject s4 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+ s4.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+ s4.getPrincipals().add(new UnixPrincipal("UnixPrincipals-1"));
+ s4.getPrincipals().add(new UnixPrincipal("UnixPrincipals-2"));
+ return new Object[][]{{s3}, {s4}};
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.policy Fri Jun 19 14:06:24 2015 +0800
@@ -0,0 +1,10 @@
+grant{
+// permissions for TestNG execution
+permission java.io.FilePermission "*","read,write";
+permission java.lang.RuntimePermission "accessDeclaredMembers";
+permission java.util.PropertyPermission "*","read";
+permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+// permissions for test itself
+permission javax.security.auth.AuthPermission "modifyPrincipals";
+permission javax.security.auth.PrivateCredentialPermission "* com.sun.security.auth.NTUserPrincipal \"NTUserPrincipal-1\" com.sun.security.auth.UnixPrincipal \"UnixPrincipals-1\"", "read";
+};