[jboss-jira] [JBoss JIRA] Updated: (JASSIST-23) Java 2 Security ProtiectionDomain is not associated with new generated classes
Renat Zubairov (JIRA)
jira-events at jboss.com
Tue Jul 18 04:27:11 EDT 2006
[ http://jira.jboss.com/jira/browse/JASSIST-23?page=all ]
Renat Zubairov updated JASSIST-23:
----------------------------------
Attachment: exception.txt
Exception stack trace where visible that generated code have no code base.
> Java 2 Security ProtiectionDomain is not associated with new generated classes
> ------------------------------------------------------------------------------
>
> Key: JASSIST-23
> URL: http://jira.jboss.com/jira/browse/JASSIST-23
> Project: Javassist
> Issue Type: Bug
> Environment: IBM WebSphere 5.1 with J2EE Security ON, Javassist 3.0, Tapestry 4.1, HiveMind 1.1.1
> Reporter: Renat Zubairov
> Assigned To: Shigeru Chiba
> Priority: Blocker
> Attachments: exception.txt
>
> Original Estimate: 3 hours
> Remaining Estimate: 3 hours
>
> Classes that are generated using Javassist have no associated protection domain therefore it is not possible for JVM to assign permissions based on the static JAR files names, this is severe problem because it is not possible to grant permissions, hence all permissions are vorbidden, since that nothing works.
> Javassist is used by HiveMind to generate proxy classes for it's services, an see the stack trace (in attachment) the generated classes can't be associated with any ProtectionDomain, therefore
> _any Javassist supported application is impossble to start under strict security in Java_.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list