Test Security : Security « Servlets « Java

Home
Java
1.2D Graphics GUI
2.3D
3.Advanced Graphics
4.Ant
5.Apache Common
6.Chart
7.Class
8.Collections Data Structure
9.Data Type
10.Database SQL JDBC
11.Design Pattern
12.Development Class
13.EJB3
14.Email
15.Event
16.File Input Output
17.Game
18.Generics
19.GWT
20.Hibernate
21.I18N
22.J2EE
23.J2ME
24.JavaFX
25.JDK 6
26.JDK 7
27.JNDI LDAP
28.JPA
29.JSP
30.JSTL
31.Language Basics
32.Network Protocol
33.PDF RTF
34.Reflection
35.Regular Expressions
36.Scripting
37.Security
38.Servlets
39.Spring
40.Swing Components
41.Swing JFC
42.SWT JFace Eclipse
43.Threads
44.Tiny Application
45.Velocity
46.Web Services SOA
47.XML
Java » Servlets » Security 




Test Security

import  java.io.*;
import  java.net.*;
import  javax.servlet.*;
import  javax.servlet.http.*;

public class TestSecurity extends HttpServlet {
    String h2o = "<H2>";
    String h2c = "</H2>";
    String p = "<p>";

    /**
     * put your documentation comment here
     @param req
     @param res
     @exception ServletException, IOException
     */
    public void doGet (HttpServletRequest req, HttpServletResponse resthrows ServletException, IOException {
        res.setContentType("text/html");
        PrintWriter out = res.getWriter();
        out.println("<HTML>");
        out.println("<HEAD><TITLE>Hello World</TITLE></HEAD>");
        out.println("<BODY>");
        out.println("<BIG>Test Security</BIG>");
        try {
            out.println(h2o + "Information..." + h2c);
            out.println("  Security Manager: " + getSecurityManager().getClass().getName()
                    + p);
            out.println("  ClassLoader: " this.getClass().getClassLoader()
                    + p);
            //            weblogic.utils.classloaders.GenericClassLoader gcl = (weblogic.utils.classloaders.GenericClassLoader)this.getClass().getClassLoader();
            //            gcl.setDebug( true );
            out.println("  CodeSource: " this.getClass().getProtectionDomain().getCodeSource().getLocation()
                    + p);
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        /*
         try
         {
         out.println( h2o + "Trying some dangerous J2EE calls..." + h2c );
         String hack = request.getParameter( "hack" );
         Cookie[] cookies = request.getCookies();
         out.println( " -- allowed -- " + p );
         int x = 1 + 2 + 3;
         out.println( hack );  // use it
         int y = 1 + 2 + 3;
         out.println( cookies );  // use it
         String m = "COOKIE: " + cookies[0]; // use it again
         cookies = new Cookie[10]; // reset it
         String n = "COOKIE: " + cookies[5]; // use it again
         }
         catch( Exception e ) { out.println( " -- rejected -- " + e.getMessage() + p ); }
         */
        try {
            out.println(h2o + "Attempting file write to d:/Java..." + h2c);
            File f = new File("d:/Java/blah.txt");
            FileWriter fw = new FileWriter(f);
            fw.write("test\n");
            fw.close();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting file write to d:/Java/TestServlet..."
                    + h2c);
            File f = new File("d:/Java/TestServlet/blah.txt");
            FileWriter fw = new FileWriter(f);
            fw.write("test\n");
            fw.close();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting file read to c:/Ntdetect..." + h2c);
            File f = new File("c:/Ntdetect.com");
            FileReader fr = new FileReader(f);
            int c = fr.read();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting file read to c:/weblogic/weblogic.properties..."
                    + h2c);
            File f = new File("c:/weblogic/weblogic.properties");
            FileReader fr = new FileReader(f);
            int c = fr.read();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting to connect to yahoo.com..." + h2c);
            Socket s = new Socket("yahoo.com"8080);
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting to connect to hacker.com..." + h2c);
            Socket s = new Socket("hacker.com"8080);
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting to listen on port 37337..." + h2c);
            ServerSocket s = new ServerSocket(37337);
            Socket c = s.accept();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting to listen on port 7001..." + h2c);
            ServerSocket s = new ServerSocket(7001);
            Socket c = s.accept();
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        /*
         try
         {
         out.println( h2o + "Attempting native call..." + h2c );
         native0( 1 );
         out.println( " -- allowed -- " + p );
         }           
         catch( Exception e ) { out.println( " -- rejected -- " + e.getMessage() + p ); }
         */
        try {
            out.println(h2o + "Attempting exec..." + h2c);
            Runtime.getRuntime().exec("dir");
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        try {
            out.println(h2o + "Attempting system exit..." + h2c);
            out.println(" -- allowed -- " + p);
        catch (Exception e) {
            out.println(" -- rejected -- " + e.getMessage() + p);
        }
        out.println("</BODY></HTML>");
    }
}


           
       














Related examples in the same category
1.Password Servlet
2.Restrict User IP
java2s.com  | Contact Us | Privacy Policy
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.