[jboss-jira] [JBoss JIRA] Commented: (JBAS-3426) Fix org.jboss.test.jacc.test.WebIntegrationUnitTestCase in HEAD

Anil Saldhana (JIRA) jira-events at jboss.com
Mon Jul 31 14:57:14 EDT 2006


    [ http://jira.jboss.com/jira/browse/JBAS-3426?page=comments#action_12340287 ] 
            
Anil Saldhana commented on JBAS-3426:
-------------------------------------

According to Remy,  the Tomcat InvokerServlet should not be accessed due to security concerns.


> Fix org.jboss.test.jacc.test.WebIntegrationUnitTestCase in HEAD
> ---------------------------------------------------------------
>
>                 Key: JBAS-3426
>                 URL: http://jira.jboss.com/jira/browse/JBAS-3426
>             Project: JBoss Application Server
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Web (Tomcat) service, Security
>         Environment: org.jboss.test.jacc.test.WebIntegrationUnitTestCase(JACC)
> as well as org.jboss.test.jacc.test.WebIntegrationUnitTestCase
> Failing tests are testENCServlet  and testENCServletViaInvoker
>            Reporter: Anil Saldhana
>         Assigned To: Scott M Stark
>             Fix For: JBossAS-5.0.0.Beta
>
>
> There is privileges related exception that is showing up in HEAD whereas in Branch_4_0, does not show up.
> =======================================================================================
> 10:37:07,843 INFO  [ENCServlet] InitialContext.env:
> 10:37:07,843 INFO  [ENCServlet] Key: java.naming.factory.initial, value: org.jnp.interfaces.NamingContextFactory
> 10:37:07,843 INFO  [ENCServlet] Key: java.naming.factory.url.pkgs, value: org.jboss.naming:org.jnp.interfaces:org.jboss.naming:org.jnp.interfaces
> 10:37:07,890 ERROR [[invoker]] Allocate exception for servlet invoker
> java.lang.SecurityException: Servlet of class org.apache.catalina.servlets.Invok
> erServlet is privileged and cannot be loaded by this web application
>         at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.
> java:1114)
>         at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:784)
>         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:130)
>         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
>         at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:174)
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
> =========================================================================================
> Something changed in TC6 as to how web apps can invoke the container servlets?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        



More information about the jboss-jira mailing list