diff --git a/docs/manual/CoreTasks/java.html b/docs/manual/CoreTasks/java.html index ab72b5d72..c2b9f850a 100644 --- a/docs/manual/CoreTasks/java.html +++ b/docs/manual/CoreTasks/java.html @@ -88,7 +88,7 @@ JVM. failonerror Stop the buildprocess if the command exits with a - returncode other than 0. Default is "false" + returncode other than 0. Default is "false" (see note) No @@ -220,13 +220,11 @@ see permissions

When the permission RuntimePermission exitVM has not been granted (or has been revoked) the System.exit() call will be intercepted and treated like indicated in failonerror.

-

Settings will be ignored if fork is enabled.

since Ant 1.6.

diff --git a/src/main/org/apache/tools/ant/taskdefs/Java.java b/src/main/org/apache/tools/ant/taskdefs/Java.java index 08580227c..110e95c88 100644 --- a/src/main/org/apache/tools/ant/taskdefs/Java.java +++ b/src/main/org/apache/tools/ant/taskdefs/Java.java @@ -180,13 +180,11 @@ public class Java extends Task { log("bootclasspath ignored when same JVM is used.", Project.MSG_WARN); } - /* if (perm == null && failOnError == true) { - perm = new Permissions(); + perm = new Permissions(true); log("running " + this.cmdl.getClassname() + " with default permissions (exit forbidden)", Project.MSG_VERBOSE); } - */ log("Running in same VM " + cmdl.describeJavaCommand(), Project.MSG_VERBOSE); } diff --git a/src/main/org/apache/tools/ant/types/Permissions.java b/src/main/org/apache/tools/ant/types/Permissions.java index bca85c932..b90c04bca 100644 --- a/src/main/org/apache/tools/ant/types/Permissions.java +++ b/src/main/org/apache/tools/ant/types/Permissions.java @@ -86,8 +86,24 @@ public class Permissions { private java.security.Permissions granted = null; private SecurityManager origSm = null; private boolean active = false; - - /** + private boolean delegateToOldSM = false; + + /** + * default constructor + */ + public Permissions() { + } + /** + * create a new set of permissions + * @param delegateToOldSM if true the old security manager + * will be used if the permission has not been explicitly granted or revoked + * in this instance + * if false, it behaves like the default constructor + */ + public Permissions(boolean delegateToOldSM) { + this.delegateToOldSM = delegateToOldSM; + } + /** * Adds a permission to be granted. * @param perm The Permissions.Permission to be granted. */ @@ -194,20 +210,43 @@ public class Permissions { * The central point in checking permissions. * Overridden from java.lang.SecurityManager * - * @parem perm The permission requested. + * @param perm The permission requested. */ public void checkPermission(java.security.Permission perm) { if (active) { - if (!granted.implies(perm)) { - throw new SecurityException("Permission " + perm +" was not granted."); - } - for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) { - if (((Permissions.Permission)i.next()).matches(perm)) { - throw new SecurityException("Permission " + perm +" was revoked."); + if (delegateToOldSM && !perm.getName().equals("exitVM")) { + boolean permOK = false; + if (granted.implies(perm)) { + permOK = true; } + checkRevoked(perm); + /* + if the permission was not explicitly granted or revoked + the original security manager will do its work + */ + if (!permOK && origSm != null) { + origSm.checkPermission(perm); + } + } else { + if (!granted.implies(perm)) { + throw new SecurityException("Permission " + perm + " was not granted."); + } + checkRevoked(perm); } } } + /** + * throws an exception if this permission is revoked + * @param perm the permission being checked + */ + private void checkRevoked(java.security.Permission perm) { + for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) { + if (((Permissions.Permission)i.next()).matches(perm)) { + throw new SecurityException("Permission " + perm + " was revoked."); + } + } + + } } /** Represents a permission. */ @@ -279,7 +318,7 @@ public class Permissions { if (name != null) { if (name.endsWith("*")) { - if (!perm.getName().startsWith(name.substring(0,name.length()-1))) { + if (!perm.getName().startsWith(name.substring(0, name.length() - 1))) { return false; } } else { @@ -304,7 +343,7 @@ public class Permissions { /** * Parses the actions into a set of separate strings. - * @param action The actions to be parsed. + * @param actions The actions to be parsed. */ private Set parseActions(String actions) { Set result = new HashSet(); @@ -317,9 +356,12 @@ public class Permissions { } return result; } - + /** + * get a string description of the permissions + * @return string description of the permissions + */ public String toString() { - return ("Permission: " + className + " (\""+name+"\", \""+actions+"\")"); + return ("Permission: " + className + " (\"" + name + "\", \"" + actions + "\")"); } } } \ No newline at end of file diff --git a/src/testcases/org/apache/tools/ant/taskdefs/JavaTest.java b/src/testcases/org/apache/tools/ant/taskdefs/JavaTest.java index 98b14a82f..2b6c6a314 100644 --- a/src/testcases/org/apache/tools/ant/taskdefs/JavaTest.java +++ b/src/testcases/org/apache/tools/ant/taskdefs/JavaTest.java @@ -195,7 +195,7 @@ public class JavaTest extends BuildFileTest { executeTarget("testResultPropertyNonZeroNoFork"); assertEquals("-1",project.getProperty("exitcode")); } - /* + public void testRunFailWithFailOnError() { expectBuildExceptionContaining("testRunFailWithFailOnError", "non zero return code", @@ -205,7 +205,7 @@ public class JavaTest extends BuildFileTest { public void testRunSuccessWithFailOnError() { executeTarget("testRunSuccessWithFailOnError"); } - */ + public void testSpawn() { FileUtils fileutils = FileUtils.newFileUtils(); File logFile = fileutils.createTempFile("spawn","log", project.getBaseDir());