July 2012 - jboss-jira - Jboss List Archives

[JBoss JIRA] (JBMESSAGING-1930) org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks

by Derek Horton (JIRA)

[ https://issues.jboss.org/browse/JBMESSAGING-1930?page=com.atlassian.jira.... ] Derek Horton updated JBMESSAGING-1930: -------------------------------------- Attachment: JBPAPP-7335.patch > org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks > -------------------------------------------------------------------------------- > > Key: JBMESSAGING-1930 > URL: https://issues.jboss.org/browse/JBMESSAGING-1930 > Project: JBoss Messaging > Issue Type: Bug > Components: JMS Security > Affects Versions: 1.4.8.SP5 > Reporter: Derek Horton > Assignee: Yong Hao Gao > Fix For: 1.4.8.SP8 > > Attachments: JBPAPP-7335.patch > > > A customer is trying to use the Java security manager on EAP 5.0.1. When the security manager is enabled, JBoss is throwing the following exception when they deploy their application that uses JMS: > Caused by: java.security.AccessControlException: access denied (javax.management.MBeanPermission org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#getSecurityMetadata[jboss.messaging:service=SecurityStore] invoke) > at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) > at java.security.AccessController.checkPermission(AccessController.java:546) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at org.jboss.system.security.DebuggingJavaSecurityManager.checkPermission(DebuggingJavaSecurityManager.java:95) > at org.jboss.mx.server.MBeanServerImpl.checkMBeanPermission(MBeanServerImpl.java:1735) > at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:663) > at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) > at $Proxy85.getSecurityMetadata(Unknown Source) > at org.jboss.jms.server.container.SecurityAspect.check(SecurityAspect.java:285) > at org.jboss.jms.server.container.SecurityAspect.handleCreateConsumerDelegate(SecurityAspect.java:113) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.advice.PerInstanceAdvice.invoke(PerInstanceAdvice.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.container.ServerLogInterceptor.invoke(ServerLogInterceptor.java:105) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.endpoint.advised.SessionAdvised.createConsumerDelegate(SessionAdvised.java) > at org.jboss.jms.wireformat.SessionCreateConsumerDelegateRequest.serverInvoke(SessionCreateConsumerDelegateRequest.java:100) > at org.jboss.jms.server.remoting.JMSServerInvocationHandler.invoke(JMSServerInvocationHandler.java:157) > at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:930) > at org.jboss.remoting.transport.local.LocalClientInvoker.invoke(LocalClientInvoker.java:106) > at org.jboss.remoting.Client.invoke(Client.java:2034) > at org.jboss.remoting.Client.invoke(Client.java:877) > at org.jboss.remoting.Client.invoke(Client.java:865) > at org.jboss.jms.client.delegate.DelegateSupport.doInvoke(DelegateSupport.java:189) > I found a JIRA [1] that appears to resolve the issue in messaging versions 1.4.0.SP3.CP05, 1.4.1.GA, 1.4.2.GA. I tried adding the following grant statement to the java security policy file, hoping that would resolve the issue. > > grant codeBase "file:${jboss.home.dir}/common/lib/jboss-messaging-int.jar" { > permission java.security.AllPermission; > }; > Unfortunately, it does not resolve the issue. > I am also able to recreate the issue on EAP 5.1.0. > [1] https://issues.jboss.org/browse/JBMESSAGING-1448 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBMESSAGING-1930) org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks

by Derek Horton (JIRA)

[ https://issues.jboss.org/browse/JBMESSAGING-1930?page=com.atlassian.jira.... ] Derek Horton moved JBPAPP-9509 to JBMESSAGING-1930: --------------------------------------------------- Project: JBoss Messaging (was: JBoss Enterprise Application Platform) Key: JBMESSAGING-1930 (was: JBPAPP-9509) Issue Type: Bug (was: Support Patch) Workflow: jira (was: JBoss Platforms Support Case Workflow v1) Release Notes Text: (was: CAUSE This only affects customers who are using the Java Security Manager and Message Driven Beans. The JBoss Messaging code is missing privileged blocks. CONSEQUENCE Message Driven Beans will fail to execute because of security exceptions. FIX Add the correct privileged blocks to the JBoss Messaging code. RESULT Message Driven Beans will work if the Java Security Manager is used. ) Fix Version/s: 1.4.8.SP8 (was: TBD EAP 5) Security: (was: JBoss Internal) Docs QE Status: (was: NEW) Affects Version/s: 1.4.8.SP5 (was: EAP_EWP 5.1.0) (was: EAP 5.0.1) (was: EAP_EWP 5.1.2) Workaround Description: N/A Support Case Reference: (was: https://na7.salesforce.com/500A0000007AwT4) SVN / CVS Isolated Branch: (was: https://svn.jboss.org/repos/messaging/branches/JBossMessaging_1_4_6_GA_JB...) Component/s: JMS Security (was: Messaging) Steps to Reproduce: - enable the Java Security Manager - deploy a message driven bean > org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks > -------------------------------------------------------------------------------- > > Key: JBMESSAGING-1930 > URL: https://issues.jboss.org/browse/JBMESSAGING-1930 > Project: JBoss Messaging > Issue Type: Bug > Components: JMS Security > Affects Versions: 1.4.8.SP5 > Reporter: Derek Horton > Assignee: Derek Horton > Fix For: 1.4.8.SP8 > > > A customer is trying to use the Java security manager on EAP 5.0.1. When the security manager is enabled, JBoss is throwing the following exception when they deploy their application that uses JMS: > Caused by: java.security.AccessControlException: access denied (javax.management.MBeanPermission org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#getSecurityMetadata[jboss.messaging:service=SecurityStore] invoke) > at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) > at java.security.AccessController.checkPermission(AccessController.java:546) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at org.jboss.system.security.DebuggingJavaSecurityManager.checkPermission(DebuggingJavaSecurityManager.java:95) > at org.jboss.mx.server.MBeanServerImpl.checkMBeanPermission(MBeanServerImpl.java:1735) > at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:663) > at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) > at $Proxy85.getSecurityMetadata(Unknown Source) > at org.jboss.jms.server.container.SecurityAspect.check(SecurityAspect.java:285) > at org.jboss.jms.server.container.SecurityAspect.handleCreateConsumerDelegate(SecurityAspect.java:113) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.advice.PerInstanceAdvice.invoke(PerInstanceAdvice.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.container.ServerLogInterceptor.invoke(ServerLogInterceptor.java:105) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.endpoint.advised.SessionAdvised.createConsumerDelegate(SessionAdvised.java) > at org.jboss.jms.wireformat.SessionCreateConsumerDelegateRequest.serverInvoke(SessionCreateConsumerDelegateRequest.java:100) > at org.jboss.jms.server.remoting.JMSServerInvocationHandler.invoke(JMSServerInvocationHandler.java:157) > at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:930) > at org.jboss.remoting.transport.local.LocalClientInvoker.invoke(LocalClientInvoker.java:106) > at org.jboss.remoting.Client.invoke(Client.java:2034) > at org.jboss.remoting.Client.invoke(Client.java:877) > at org.jboss.remoting.Client.invoke(Client.java:865) > at org.jboss.jms.client.delegate.DelegateSupport.doInvoke(DelegateSupport.java:189) > I found a JIRA [1] that appears to resolve the issue in messaging versions 1.4.0.SP3.CP05, 1.4.1.GA, 1.4.2.GA. I tried adding the following grant statement to the java security policy file, hoping that would resolve the issue. > > grant codeBase "file:${jboss.home.dir}/common/lib/jboss-messaging-int.jar" { > permission java.security.AllPermission; > }; > Unfortunately, it does not resolve the issue. > I am also able to recreate the issue on EAP 5.1.0. > [1] https://issues.jboss.org/browse/JBMESSAGING-1448 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBMESSAGING-1930) org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks

by Derek Horton (JIRA)

[ https://issues.jboss.org/browse/JBMESSAGING-1930?page=com.atlassian.jira.... ] Derek Horton reassigned JBMESSAGING-1930: ----------------------------------------- Assignee: Yong Hao Gao (was: Derek Horton) > org.jboss.jms.server.container.SecurityAspect.check is missing privileged blocks > -------------------------------------------------------------------------------- > > Key: JBMESSAGING-1930 > URL: https://issues.jboss.org/browse/JBMESSAGING-1930 > Project: JBoss Messaging > Issue Type: Bug > Components: JMS Security > Affects Versions: 1.4.8.SP5 > Reporter: Derek Horton > Assignee: Yong Hao Gao > Fix For: 1.4.8.SP8 > > > A customer is trying to use the Java security manager on EAP 5.0.1. When the security manager is enabled, JBoss is throwing the following exception when they deploy their application that uses JMS: > Caused by: java.security.AccessControlException: access denied (javax.management.MBeanPermission org.jboss.jms.server.jbosssx.JBossASSecurityMetadataStore#getSecurityMetadata[jboss.messaging:service=SecurityStore] invoke) > at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) > at java.security.AccessController.checkPermission(AccessController.java:546) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at org.jboss.system.security.DebuggingJavaSecurityManager.checkPermission(DebuggingJavaSecurityManager.java:95) > at org.jboss.mx.server.MBeanServerImpl.checkMBeanPermission(MBeanServerImpl.java:1735) > at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:663) > at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) > at $Proxy85.getSecurityMetadata(Unknown Source) > at org.jboss.jms.server.container.SecurityAspect.check(SecurityAspect.java:285) > at org.jboss.jms.server.container.SecurityAspect.handleCreateConsumerDelegate(SecurityAspect.java:113) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.advice.PerInstanceAdvice.invoke(PerInstanceAdvice.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.container.ServerLogInterceptor.invoke(ServerLogInterceptor.java:105) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.jms.server.endpoint.advised.SessionAdvised.createConsumerDelegate(SessionAdvised.java) > at org.jboss.jms.wireformat.SessionCreateConsumerDelegateRequest.serverInvoke(SessionCreateConsumerDelegateRequest.java:100) > at org.jboss.jms.server.remoting.JMSServerInvocationHandler.invoke(JMSServerInvocationHandler.java:157) > at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:930) > at org.jboss.remoting.transport.local.LocalClientInvoker.invoke(LocalClientInvoker.java:106) > at org.jboss.remoting.Client.invoke(Client.java:2034) > at org.jboss.remoting.Client.invoke(Client.java:877) > at org.jboss.remoting.Client.invoke(Client.java:865) > at org.jboss.jms.client.delegate.DelegateSupport.doInvoke(DelegateSupport.java:189) > I found a JIRA [1] that appears to resolve the issue in messaging versions 1.4.0.SP3.CP05, 1.4.1.GA, 1.4.2.GA. I tried adding the following grant statement to the java security policy file, hoping that would resolve the issue. > > grant codeBase "file:${jboss.home.dir}/common/lib/jboss-messaging-int.jar" { > permission java.security.AllPermission; > }; > Unfortunately, it does not resolve the issue. > I am also able to recreate the issue on EAP 5.1.0. > [1] https://issues.jboss.org/browse/JBMESSAGING-1448 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
0
0 / 0

[JBoss JIRA] (AS7-5171) Remove dependency on custom extension in XMLParserActivator

by Thomas Diesler (JIRA)

Thomas Diesler created AS7-5171: ----------------------------------- Summary: Remove dependency on custom extension in XMLParserActivator Key: AS7-5171 URL: https://issues.jboss.org/browse/AS7-5171 Project: Application Server 7 Issue Type: Task Components: OSGi Reporter: Thomas Diesler Fix For: 7.2.0.CR1 We currently overwrite this extension {code} activator = new XMLParserActivator() { @Override protected URL getResourceURL(Bundle parserBundle, String resname) { return resloader.getResource(resname); } }; activator.start(syscontext); {code} which is not part of the standard API. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
0
0 / 0

[JBoss JIRA] (AS7-5143) "java.lang.IllegalStateException: Parameters processing failed" for IE browser only

by Vaibhav N (JIRA)

Vaibhav N created AS7-5143: ------------------------------ Summary: "java.lang.IllegalStateException: Parameters processing failed" for IE browser only Key: AS7-5143 URL: https://issues.jboss.org/browse/AS7-5143 Project: Application Server 7 Issue Type: Bug Affects Versions: 7.1.2.Final (EAP) Environment: Windows 7 Enterprise Service Pack 1, JDK-1.7.0_05, jboss-as-7.1.1.Final/jboss-eap-6.0.0(Evaluation) Reporter: Vaibhav N Application throws an exception for IE browser only with "JBoss-as-7.1.1.Final" & "JBoss-eap-6.0.0(Evaluation version)" only, but it is working correctly for Firefox browser. Note : It is working fine with "jboss-as-7.1.0.Final" version for all browsers. Exception details : Unhandled Exception / Error: Internal Error (757457307) at :: Exception (Parameters processing failed.) java.lang.IllegalStateException: Parameters processing failed. at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:407) at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:229) at org.apache.catalina.connector.Request.parseParameters(Request.java:2874) at org.apache.catalina.connector.Request.getParameterNames(Request.java:1333) at org.apache.catalina.connector.RequestFacade.getParameterNames(RequestFacade.java:379)......................... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

5
7
0 / 0

[JBoss JIRA] (AS7-5169) Adding System property in pattern-formatter in domain/standalone xmls of as7 does not print the value

by rang s (JIRA)

rang s created AS7-5169: --------------------------- Summary: Adding System property in pattern-formatter in domain/standalone xmls of as7 does not print the value Key: AS7-5169 URL: https://issues.jboss.org/browse/AS7-5169 Project: Application Server 7 Issue Type: Bug Components: Logging Affects Versions: 7.1.2.Final (EAP) Reporter: rang s Assignee: James Perkins Priority: Minor Adding a system property in the pattern string of logging.properties ${<system property>} substitutes the value in log file. However the same in domain.xml/standalone.xml does not substitute the variable with the value. (Addition notes: PropertyHelper.resolveValue() is used to get the value in normal case. However from AS7 this appears to get bypassed as in FormatterSpec.java : apply() calls the constructor of PatternFormatter directly which in turn resolves other variables and system property remains unresolved) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
0
0 / 0

[JBoss JIRA] (AS7-4956) Deployed JMS destinations are not manageable

by Jeff Mesnil (JIRA)

Jeff Mesnil created AS7-4956: -------------------------------- Summary: Deployed JMS destinations are not manageable Key: AS7-4956 URL: https://issues.jboss.org/browse/AS7-4956 Project: Application Server 7 Issue Type: Bug Components: JMS Reporter: Jeff Mesnil Assignee: Jeff Mesnil 1.deploy the helloworld-mdb quickstart => this deploys a HELLOWORLDMDBQueue JMS Queue from its webapp/WEB-INF/hornetq-jms.xml 2. this JMS queue is not exposed in the admin CLI or web console $ ./bin/jboss-cli.sh --connect [standalone@localhost:9999 /] /subsystem=messaging/hornetq-server=default/jms-queue=HELLOWORLDMDBQueue:read-resource { "outcome" => "failed", "failure-description" => "JBAS014807: Management resource '[ (\"subsystem\" => \"messaging\"), (\"hornetq-server\" => \"default\"), (\"jms-queue\" => \"HELLOWORLDMDBQueue\") ]' not found", "rolled-back" => true } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

2
6
0 / 0

[JBoss JIRA] (JBRULES-3577) A custom phase which initializes the solution but doesn't provide a better solution than the original should not get reverted

by Geoffrey De Smet (JIRA)

Geoffrey De Smet created JBRULES-3577: ----------------------------------------- Summary: A custom phase which initializes the solution but doesn't provide a better solution than the original should not get reverted Key: JBRULES-3577 URL: https://issues.jboss.org/browse/JBRULES-3577 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Components: drools-planner Reporter: Geoffrey De Smet Assignee: Geoffrey De Smet DefaultSolver.runSolverPhases() will go through each phase, and will revert the changes if they're not better. Or, more exactly, here are lines 191-193: if (it.hasNext()) { // solverScope.setWorkingSolutionFromBestSolution(); } Now, if this involved setting the planning variables for the first time, those will be reverted. -- View this message in context: http://drools.46999.n3.nabble.com/Planner-Initialized-solution-local-sear... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
3
0 / 0

[JBoss JIRA] (JBRULES-3576) Drools-camel-Server - Guvnor URL referenced by <drools:resource> is not started yet.

by Nicholas DiPiazza (JIRA)

Nicholas DiPiazza created JBRULES-3576: ------------------------------------------ Summary: Drools-camel-Server - Guvnor URL referenced by <drools:resource> is not started yet. Key: JBRULES-3576 URL: https://issues.jboss.org/browse/JBRULES-3576 Project: Drools Issue Type: Bug Security Level: Public (Everyone can see) Components: drools-camel Affects Versions: 5.3.0.Final Reporter: Nicholas DiPiazza Assignee: Mark Proctor -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
5
0 / 0

[JBoss JIRA] (AS7-5167) [EAP6] UnsupportedCallbackException where security realm delegates to JAAS realm.

by Derek Horton (JIRA)

Derek Horton created AS7-5167: --------------------------------- Summary: [EAP6] UnsupportedCallbackException where security realm delegates to JAAS realm. Key: AS7-5167 URL: https://issues.jboss.org/browse/AS7-5167 Project: Application Server 7 Issue Type: Bug Components: Security Reporter: Derek Horton Assignee: Darran Lofthouse Priority: Critical Fix For: 7.1.3.Final (EAP), 7.2.0.Alpha1 An UnsupportedCallbackException is being reported where a security realm delegates to JAAS realm, this causes the 'successful' authentication to subsequently fail. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

13 years, 9 months

1
1
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira July 2012