Mercurial > hg > release > icedtea-web-1.6
changeset 1236:1277621dfd03
Security dialogs got, moreover, unified dealing with trustNone/All and headless
author | Jiri Vanek <jvanek@redhat.com> |
---|---|
date | Thu, 11 Jun 2015 12:30:23 +0200 |
parents | 7b9e3303f691 |
children | bf754026fe6b |
files | ChangeLog netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java netx/net/sourceforge/jnlp/security/SecurityDialogs.java netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java |
diffstat | 5 files changed, 548 insertions(+), 19 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Tue Jun 09 17:52:42 2015 +0200 +++ b/ChangeLog Thu Jun 11 12:30:23 2015 +0200 @@ -1,3 +1,18 @@ +2015-06-10 Jiri Vanek <jvanek@redhat.com> + + Security dialogs got, moreover, unified dealing with trustNone/All and headless + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: setTrustAll setTrustNone + made public so it can be used in testing. + * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: all calls to show + security dialog now have correct introduction based on shouldPromptUser with + resolution based on trustAll. (shouldPromptUser) now takes also headless to + accounting. + * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: + (checkUnsignedWithUserIfRequired) now react trustAll and trustNone + (checkPartiallySignedWithUserIfRequired) now react also trustAll + * tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java: added + tests verifying adapted logic + 2015-06-09 Jiri Vanek <jvanek@redhat.com> Fixed issue, when desktop/menu shortcut created during -html mode, was not created like it
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Tue Jun 09 17:52:42 2015 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Jun 11 12:30:23 2015 +0200 @@ -841,7 +841,7 @@ return html; } - static void setTrustAll(boolean b) { + public static void setTrustAll(boolean b) { trustAll=b; } @@ -849,7 +849,7 @@ return trustAll; } - static void setTrustNone(final boolean b) { + public static void setTrustNone(final boolean b) { trustNone = b; }
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Tue Jun 09 17:52:42 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Thu Jun 11 12:30:23 2015 +0200 @@ -145,7 +145,7 @@ return (Boolean) o; } if (o instanceof Integer){ - return getIntegerResponseAsBoolean((Boolean)o); + return getIntegerResponseAsBoolean(o); } if (o instanceof AccessWarningPaneComplexReturn){ return getIntegerResponseAsBoolean(((AccessWarningPaneComplexReturn)o).getRegularReturn()); @@ -209,7 +209,11 @@ final JNLPFile file, final Object[] extras) { if (!shouldPromptUser()) { - return 1; + if (JNLPRuntime.isTrustAll()) { + return 0; + } else { + return 1; + } } final SecurityDialogMessage message = new SecurityDialogMessage(); @@ -234,7 +238,11 @@ public static AppSigningWarningAction showUnsignedWarningDialog(JNLPFile file) { if (!shouldPromptUser()) { - return new AppSigningWarningAction(ExecuteAppletAction.NO, false); + if (JNLPRuntime.isTrustAll()) { + return new AppSigningWarningAction(ExecuteAppletAction.YES, false); + } else { + return new AppSigningWarningAction(ExecuteAppletAction.NO, false); + } } final SecurityDialogMessage message = new SecurityDialogMessage(); @@ -264,7 +272,11 @@ JNLPFile file, CertVerifier certVerifier, SecurityDelegate securityDelegate) { if (!shouldPromptUser()) { - return AppletAction.CANCEL; + if (JNLPRuntime.isTrustAll()) { + return AppletAction.RUN; + } else { + return AppletAction.CANCEL; + } } final SecurityDialogMessage message = new SecurityDialogMessage(); @@ -291,7 +303,11 @@ SecurityDelegate securityDelegate) { if (!shouldPromptUser()) { - return new AppSigningWarningAction(ExecuteAppletAction.NO, false); + if (JNLPRuntime.isTrustAll()) { + return new AppSigningWarningAction(ExecuteAppletAction.YES, false); + } else { + return new AppSigningWarningAction(ExecuteAppletAction.NO, false); + } } final SecurityDialogMessage message = new SecurityDialogMessage(); @@ -318,6 +334,10 @@ */ public static Object[] showAuthenicationPrompt(String host, int port, String prompt, String type) { + if (!shouldPromptUser()){ + return null; + } + SecurityManager sm = System.getSecurityManager(); if (sm != null) { NetPermission requestPermission @@ -336,9 +356,13 @@ public static boolean showMissingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) { - if (!shouldPromptUser()) { - return false; - } + if (!shouldPromptUser()) { + if (JNLPRuntime.isTrustAll()) { + return true; + } else { + return false; + } + } SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.MISSING_ALACA; @@ -354,7 +378,7 @@ } public static boolean showMatchingALACAttributePanel(JNLPFile file, URL codeBase, Set<URL> remoteUrls) { - + ExecuteAppletAction storedAction = getStoredAction(file, AppletSecurityActions.MATCHING_ALACA_ACTION); OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Stored action for matching alaca at " + file.getCodeBase() +" was " + storedAction); @@ -368,8 +392,12 @@ } - if (!shouldPromptUser()) { - return false; + if (!shouldPromptUser()) { + if (JNLPRuntime.isTrustAll()) { + return true; + } else { + return false; + } } SecurityDialogMessage message = new SecurityDialogMessage(); @@ -416,7 +444,11 @@ public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) { if (!shouldPromptUser()) { - return false; + if (JNLPRuntime.isTrustAll()) { + return true; + } else { + return false; + } } SecurityDialogMessage message = new SecurityDialogMessage(); @@ -531,12 +563,16 @@ * Returns whether the current runtime configuration allows prompting user * for security warnings. * - * @return true if security warnings should be shown to the user. + * @return true if security warnings should be shown to the user. false of + * otherwise or runtime is headless */ private static boolean shouldPromptUser() { return AccessController.doPrivileged(new PrivilegedAction<Boolean >() { @Override public Boolean run() { + if (JNLPRuntime.isHeadless()){ + return false; + } return Boolean.valueOf(JNLPRuntime.getConfiguration() .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER)); }
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Tue Jun 09 17:52:42 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java Thu Jun 11 12:30:23 2015 +0200 @@ -186,12 +186,12 @@ public static void checkUnsignedWithUserIfRequired(JNLPFile file) throws LaunchException { - if (unsignedAppletsAreForbidden()) { + if (unsignedAppletsAreForbidden() || JNLPRuntime.isTrustNone()) { OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Not running unsigned applet at " + file.getCodeBase() +" because unsigned applets are disallowed by security policy."); throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedApplet"), R("LUnsignedAppletPolicyDenied")); } - if (!unsignedConfirmationIsRequired()) { + if (!unsignedConfirmationIsRequired() || JNLPRuntime.isTrustAll()) { OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running unsigned applet at " + file.getCodeBase() +" does not require confirmation according to security policy."); return; } @@ -233,6 +233,10 @@ securityDelegate.setRunInSandbox(); return; } + if (JNLPRuntime.isTrustAll()) { + OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " due to -Xtrustall flag"); + return; + } if (!unsignedConfirmationIsRequired()) { OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " does not require confirmation according to security policy.");
--- a/tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java Tue Jun 09 17:52:42 2015 +0200 +++ b/tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java Thu Jun 11 12:30:23 2015 +0200 @@ -36,13 +36,33 @@ package net.sourceforge.jnlp.security; +import java.io.File; +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.HashSet; +import net.sourceforge.jnlp.InformationDesc; +import net.sourceforge.jnlp.LaunchException; +import net.sourceforge.jnlp.browsertesting.browsers.firefox.FirefoxProfilesOperator; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.config.PathsAndFiles; +import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar; +import net.sourceforge.jnlp.runtime.JNLPRuntime; +import static net.sourceforge.jnlp.security.SecurityDialogs.AppletAction.*; import static net.sourceforge.jnlp.security.SecurityDialogs.getIntegerResponseAsAppletAction; import static net.sourceforge.jnlp.security.SecurityDialogs.getIntegerResponseAsBoolean; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction; +import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation; +import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; -import static net.sourceforge.jnlp.security.SecurityDialogs.AppletAction.*; - +import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; public class SecurityDialogsTest { @@ -100,4 +120,458 @@ assertEquals("Integer reference 2 should have resulted in CANCEL", getIntegerResponseAsAppletAction(intRef3), CANCEL); assertEquals("Integer reference 3 should have resulted in CANCEL", getIntegerResponseAsAppletAction(intRef4), CANCEL); } + + private static boolean wasHeadless; + private static boolean wasTrustAll; + private static boolean wasTrustNone; + private static String prompt; + private static URL url; + private static File appletSecurityBackup; + private static String seclevel; + + private static class DummyJnlpWithTitleAndUrls extends DummyJNLPFileWithJar { + + public DummyJnlpWithTitleAndUrls() throws MalformedURLException { + super(new File("/some/path/blah.jar")); + } + + @Override + public InformationDesc getInformation() { + return new InformationDesc(null, false) { + + @Override + public String getTitle() { + return "Demo App"; + } + + }; + } + + @Override + public URL getCodeBase() { + return url; + } + + @Override + public URL getSourceLocation() { + return url; + } + + }; + + private static class ExpectedResults { + + public static ExpectedResults PositiveResults = new ExpectedResults(true, RUN, ExecuteAppletAction.YES, null, true); + public static ExpectedResults NegativeResults = new ExpectedResults(false, CANCEL, ExecuteAppletAction.NO, null, false); + public final boolean p1; + public final SecurityDialogs.AppletAction p2; + public final ExecuteAppletAction ea; + public final Object[] np; + public final boolean b; + + public ExpectedResults(boolean p1, SecurityDialogs.AppletAction p2, ExecuteAppletAction ea, Object[] np, boolean b) { + this.p1 = p1; + this.p2 = p2; + this.ea = ea; + this.np = np; + this.b = b; + } + + } + + @BeforeClass + public static void initUrl() throws MalformedURLException { + url = new URL("http://must.not.be.in/.appletSecurity"); + } + + @BeforeClass + public static void backupAppletSecurity() throws IOException { + appletSecurityBackup = File.createTempFile("appletSecurity", "itwTestBAckup"); + FirefoxProfilesOperator.copyFile(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile(), appletSecurityBackup); + } + + @Before + public void removeAppletSecurity() throws IOException { + removeAppletSecurityImpl(); + } + + public static void removeAppletSecurityImpl() throws IOException { + if (appletSecurityBackup.exists()) { + PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile().delete(); + } + } + + @AfterClass + public static void restoreAppletSecurity() throws IOException { + if (appletSecurityBackup.exists()) { + removeAppletSecurityImpl(); + FirefoxProfilesOperator.copyFile(appletSecurityBackup, PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile()); + appletSecurityBackup.delete(); + } + } + + @BeforeClass + public static void saveJnlpRuntime() { + wasHeadless = JNLPRuntime.isHeadless(); + wasTrustAll = JNLPRuntime.isTrustAll(); + //trutNone is not used in dialogues, its considered as default + //but is ussed in Unsigned... dialogs family + wasTrustNone = JNLPRuntime.isTrustNone(); + prompt = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER); + seclevel = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL); + } + + @After + public void restoreJnlpRuntime() throws Exception { + restoreJnlpRuntimeFinally(); + } + + private static void setPrompt(String p) { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, p); + } + + private static void setPrompt(boolean p) { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, String.valueOf(p)); + } + + private static void setAS(AppletSecurityLevel as) { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, String.valueOf(as.toChars())); + } + + @AfterClass + public static void restoreJnlpRuntimeFinally() throws Exception { + JNLPRuntime.setHeadless(wasHeadless); + JNLPRuntime.setTrustAll(wasTrustAll); + JNLPRuntime.setTrustNone(wasTrustNone); + setPrompt(prompt); + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, seclevel); + } + + @Test(timeout = 1000)//if gui pops up + public void testDialogsHeadlessTrustAllPrompt() throws Exception { + JNLPRuntime.setHeadless(true); + JNLPRuntime.setTrustAll(true); + JNLPRuntime.setTrustNone(false); //ignored + setPrompt(true); //should not metter becasue is headless + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + testAllDialogs(ExpectedResults.PositiveResults); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.DENY_ALL); + checkUnsignedActing(false, true); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + checkUnsignedActing(false, true); + } + + @Test(timeout = 1000)//if gui pops up + public void testDialogsHeadlessTrustNonePrompt() throws Exception { + JNLPRuntime.setHeadless(true); + JNLPRuntime.setTrustAll(false); + JNLPRuntime.setTrustNone(false); //used by Unsigne + setPrompt(true); //should not metter becasue is headless + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + testAllDialogs(ExpectedResults.NegativeResults); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedActing(false); + setAS(AppletSecurityLevel.DENY_ALL); + checkUnsignedActing(false); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + checkUnsignedActing(false); + } + + @Test(timeout = 1000)//if gui pops up + public void testDialogsNotHeadlessTrustAllDontPrompt() throws Exception { + JNLPRuntime.setHeadless(false); //should not metter as is nto asking + JNLPRuntime.setTrustAll(true); + JNLPRuntime.setTrustNone(false); //ignored + setPrompt(false); + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + testAllDialogs(ExpectedResults.PositiveResults); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.DENY_ALL); + checkUnsignedActing(false, true); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + checkUnsignedActing(false, true); + } + + @Test(timeout = 1000)//if gui pops up + public void testDialogsNotHeadlessTrustNoneDontPrompt() throws Exception { + JNLPRuntime.setHeadless(false); //should not metter as is nto asking + JNLPRuntime.setTrustAll(false); + JNLPRuntime.setTrustNone(false); //ignored + setPrompt(false); + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + testAllDialogs(ExpectedResults.NegativeResults); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedActing(false); + setAS(AppletSecurityLevel.DENY_ALL); + checkUnsignedActing(false); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + checkUnsignedActing(false); + } + + private void testAllDialogs(ExpectedResults r) throws MalformedURLException { + //anything but shoertcut + boolean r1 = SecurityDialogs.showAccessWarningDialogB(SecurityDialogs.AccessType.PRINTER, null, null); + Assert.assertEquals(r.p1, r1); + //shortcut + boolean r2 = SecurityDialogs.showAccessWarningDialogB(SecurityDialogs.AccessType.CREATE_DESTKOP_SHORTCUT, null, null); + Assert.assertEquals(r.p1, r2); + AppSigningWarningAction r3 = SecurityDialogs.showUnsignedWarningDialog(null); + Assert.assertEquals(r.ea, r3.getAction()); + SecurityDialogs.AppletAction r4 = SecurityDialogs.showCertWarningDialog(SecurityDialogs.AccessType.UNVERIFIED, null, null, null); + Assert.assertEquals(r.p2, r4); + AppSigningWarningAction r5 = SecurityDialogs.showPartiallySignedWarningDialog(null, null, null); + Assert.assertEquals(r.ea, r5.getAction()); + Object[] r6 = SecurityDialogs.showAuthenicationPrompt(null, 123456, null, null); + Assert.assertEquals(r.np, r6); //the np is null in both positive and negative + boolean r7 = SecurityDialogs.showMissingALACAttributePanel(null, null, null); + Assert.assertEquals(r.b, r7); + boolean r8 = SecurityDialogs.showMatchingALACAttributePanel(new DummyJnlpWithTitleAndUrls(), url, new HashSet<URL>()); + Assert.assertEquals(r.b, r8); + boolean r9 = SecurityDialogs.showMissingPermissionsAttributeDialogue(null, null); + Assert.assertEquals(r.b, r9); + } + + private void checkUnsignedActing(boolean b) throws MalformedURLException { + checkUnsignedActing(b, b); + } + + /* + * testPartiallySignedBehaviour(); needs security delegate to set sandbox, so somtetimes results are strange + */ + private void checkUnsignedActing(boolean b1, boolean b2) throws MalformedURLException { + boolean r10 = testUnsignedBehaviour(); + Assert.assertEquals(b1, r10); + boolean r11 = testPartiallySignedBehaviour(); + Assert.assertEquals(b2, r11); + } + + private boolean testUnsignedBehaviour() throws MalformedURLException { + try { + UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired(new DummyJnlpWithTitleAndUrls()); + return true; + } catch (LaunchException ex) { + return false; + } + } + + private boolean testPartiallySignedBehaviour() throws MalformedURLException { + try { + UnsignedAppletTrustConfirmation.checkPartiallySignedWithUserIfRequired(null, new DummyJnlpWithTitleAndUrls(), null); + return true; + } catch (LaunchException ex) { + return false; + } + } + //SPOILER ALERT + //all test below, are executing gui mode + //however, they should never popup becasue jnlpruntime should never be initialized in this test + //so posting to non existing queue leads to NPE + //if this logic will ever be changed, the testswill need fixing + //msot terrible thing which may happen is, that gui will be really shown + //then each test must check if it have X, if odnt, pass with message "nothing tested| + //if it have X, it have to show gui, terminate itself, and then verify that gui was really running + + private void countNPES() throws MalformedURLException { + int npecounter = 0; + int metcounter = 0; + try { + metcounter++; + //anything but shoertcut + SecurityDialogs.showAccessWarningDialog(SecurityDialogs.AccessType.PRINTER, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + //shortcut + SecurityDialogs.showAccessWarningDialog(SecurityDialogs.AccessType.CREATE_DESTKOP_SHORTCUT, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showUnsignedWarningDialog(null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showCertWarningDialog(SecurityDialogs.AccessType.UNVERIFIED, null, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + AppSigningWarningAction r5 = SecurityDialogs.showPartiallySignedWarningDialog(null, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showAuthenicationPrompt(null, 123456, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showMissingALACAttributePanel(null, null, null); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showMatchingALACAttributePanel(new DummyJnlpWithTitleAndUrls(), url, new HashSet<URL>()); + } catch (NullPointerException ex) { + npecounter++; + } + try { + metcounter++; + SecurityDialogs.showMissingPermissionsAttributeDialogue(null, null); + } catch (NullPointerException ex) { + npecounter++; + } + Assert.assertEquals(metcounter, npecounter); + } + + private void checkUnsignedNPE(boolean b) throws MalformedURLException { + checkUnsignedNPE(b, b); + } + + /* + testPartiallySignedBehaviour(); needs security delegate to set sandbox, so somtetimes results are strange + */ + private void checkUnsignedNPE(boolean b1, boolean b2) throws MalformedURLException { + int metcounter = 0; + boolean ex1 = false; + boolean ex2 = false; + try { + metcounter++; + testPartiallySignedBehaviour(); + } catch (NullPointerException ex) { + ex1 = true; + } + try { + metcounter++; + testUnsignedBehaviour(); + } catch (NullPointerException ex) { + ex2 = true; + } + Assert.assertEquals(2, metcounter); + Assert.assertEquals(b1, ex1); + Assert.assertEquals(b2, ex2); + } + + @Test + public void testDialogsNotHeadlessTrustNonePrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(false);//should notmetter + JNLPRuntime.setTrustNone(false); //ignored + setPrompt(true); + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + countNPES(); + checkUnsignedNPE(false); + } + + @Test + public void testNormaDialogsNotHeadlessTrustAllPrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(true); + JNLPRuntime.setTrustNone(false); + setPrompt(true); + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + countNPES(); + } + + @Test + public void testUnsignedDialogsNotHeadlessTrustAllPrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(true); + JNLPRuntime.setTrustNone(false); + setPrompt(true); //ignored + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.DENY_ALL); + checkUnsignedActing(false, true); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + checkUnsignedActing(false, true); + } + + @Test + public void testUnsignedDialogsNotHeadlessTrustNonePrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(false); + JNLPRuntime.setTrustNone(true); + setPrompt(true); //ignored + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + boolean r10 = testUnsignedBehaviour(); + Assert.assertEquals(false, r10); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + boolean r11 = testUnsignedBehaviour(); + Assert.assertEquals(false, r11); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.DENY_ALL); + boolean r12 = testUnsignedBehaviour(); + Assert.assertEquals(false, r12); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + boolean r13 = testUnsignedBehaviour(); + Assert.assertEquals(false, r13); + checkUnsignedNPE(true, false); + } + + @Test + public void testUnsignedDialogsNotHeadlessTrustNoneTrustAllPrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(true); + JNLPRuntime.setTrustNone(true); + setPrompt(true); //ignored + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + boolean a = testUnsignedBehaviour(); + Assert.assertFalse(a); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + boolean r10 = testUnsignedBehaviour(); + Assert.assertEquals(false, r10); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.DENY_ALL); + boolean r11 = testUnsignedBehaviour(); + Assert.assertEquals(false, r11); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + boolean r12 = testUnsignedBehaviour(); + Assert.assertEquals(false, r12); + checkUnsignedNPE(true, false); + } + + + @Test + public void testUnsignedDialogsNotHeadlessPrompt() throws Exception { + JNLPRuntime.setHeadless(false); + JNLPRuntime.setTrustAll(false); + JNLPRuntime.setTrustNone(false); + setPrompt(true); //ignored + setAS(AppletSecurityLevel.ALLOW_UNSIGNED); + checkUnsignedActing(true); + setAS(AppletSecurityLevel.ASK_UNSIGNED); + checkUnsignedNPE(true, true); + setAS(AppletSecurityLevel.DENY_ALL); + boolean r11 = testUnsignedBehaviour(); + Assert.assertEquals(false, r11); + checkUnsignedNPE(true, false); + setAS(AppletSecurityLevel.DENY_UNSIGNED); + boolean r12 = testUnsignedBehaviour(); + Assert.assertEquals(false, r12); + checkUnsignedNPE(true, false); + } + }