May 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-6660) Allow to dump Artemis journal to file by CLI operation

by Jeff Mesnil (JIRA)

[ https://issues.jboss.org/browse/WFLY-6660?page=com.atlassian.jira.plugin.... ] Jeff Mesnil commented on WFLY-6660: ----------------------------------- This new operation seems to duplicate the :export-journal operation that provides a XML version of the Artemis files. Is there anything in that new operation that is not covered by the :export-journal? Otherwise, I don't think it would help much as the output would likely be so huge that users will store it in a file for examination anyway... > Allow to dump Artemis journal to file by CLI operation > ------------------------------------------------------ > > Key: WFLY-6660 > URL: https://issues.jboss.org/browse/WFLY-6660 > Project: WildFly > Issue Type: Feature Request > Components: JMS > Affects Versions: 10.0.0.Final > Reporter: Miroslav Novak > Assignee: Jeff Mesnil > > For debugging and investigation purposes it would useful to have CLI operation which would dump content of Artemis journal directory. > New CLI operation like {{print-journal-date-content}} would print content of journal to a file. > It would do the same thing like following Artemis CLI command: > {code} > .../activemq-artemis/artemis-distribution/target/apache-artemis-1.3.0-SNAPSHOT-bin/apache-artemis-1.3.0-SNAPSHOT/bin/artemis data print --bindings bindings --journal journal --paging paging --large-messages largemessages > {code} > This should work only in Admin only mode as dumping journal in run-time is not possible when data changes. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6644) Provide container managed sign on in configuration of pooled-connection-factory

by Miroslav Novak (JIRA)

[ https://issues.jboss.org/browse/WFLY-6644?page=com.atlassian.jira.plugin.... ] Miroslav Novak updated WFLY-6644: --------------------------------- Description: Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection(). Such security-domain could look like: {code}<security-domain name="CrashRecoveryDomain0"> <authentication> <login-module code="ConfiguredIdentity" flag="required"> <module-option name="principal" value="crash0"/> <module-option name="password" value="crash0"/> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="crash0"/> </login-module> </authentication> </security-domain>{code} The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1]. [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html was: Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection(). Such security-domain could look like: <security-domain name="CrashRecoveryDomain0"> <authentication> <login-module code="ConfiguredIdentity" flag="required"> <module-option name="principal" value="crash0"/> <module-option name="password" value="crash0"/> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="crash0"/> </login-module> </authentication> </security-domain> The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1]. [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html > Provide container managed sign on in configuration of pooled-connection-factory > ------------------------------------------------------------------------------- > > Key: WFLY-6644 > URL: https://issues.jboss.org/browse/WFLY-6644 > Project: WildFly > Issue Type: Bug > Components: JMS > Affects Versions: 10.0.0.Final > Reporter: Miroslav Novak > Assignee: Jeff Mesnil > > Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection(). > Such security-domain could look like: > {code}<security-domain name="CrashRecoveryDomain0"> > <authentication> > <login-module code="ConfiguredIdentity" flag="required"> > <module-option name="principal" value="crash0"/> > <module-option name="password" value="crash0"/> > <module-option name="password-stacking" value="useFirstPass"/> > <module-option name="userName" value="crash0"/> > </login-module> > </authentication> > </security-domain>{code} > The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1]. > [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-553) Make use of realm events to handle OTP timeout updates

by Farah Juma (JIRA)

Farah Juma created ELY-553: ------------------------------ Summary: Make use of realm events to handle OTP timeout updates Key: ELY-553 URL: https://issues.jboss.org/browse/ELY-553 Project: WildFly Elytron Issue Type: Feature Request Components: SASL Reporter: Farah Juma Assignee: Farah Juma For the OTP SASL mechanism, we need to protect against race attacks, as described in [RFC 2289|https://tools.ietf.org/html/rfc2289#section-9.0]. The approach {{OTPSaslServer}} [currently takes|https://github.com/wildfly-security/wildfly-elytron/blob/master/src...] to defend against such attacks is the one suggested in RFC 2289, i.e., we prevent multiple simultaneous authentication sessions for a user. This means that once a legitimate user has started the authentication process, an attacker would be blocked until that first authentication process finishes. With this approach, a timeout is needed in order to prevent a denial of service attack. We could store the timeout info for a user via a {{RealmIdentity}} attribute as in [PR #277|https://github.com/wildfly-security/wildfly-elytron/pull/277]. We could then add support for a new event that indicates a timeout attribute change for a realm identity and then handle a {{TimeoutUpdateCallback}} by handling this new event. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6192) JAXBUsageTestCase fails with security manager with security manager enabled

by Stuart Douglas (JIRA)

[ https://issues.jboss.org/browse/WFLY-6192?page=com.atlassian.jira.plugin.... ] Stuart Douglas commented on WFLY-6192: -------------------------------------- The reason is because it is public it would allow any code to access field reflection. I think the correct fix is to move the privileged block into whatever actually creates this class. > JAXBUsageTestCase fails with security manager with security manager enabled > --------------------------------------------------------------------------- > > Key: WFLY-6192 > URL: https://issues.jboss.org/browse/WFLY-6192 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Hynek Švábek > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.jaxb.unit.JAXBUsageTestCase#testJAXBServlet* > {{./integration-tests.sh -fae -Dmaven.test.failure.ignore=true -DfailIfNoTests=false -Dsecurity.manager -Dts.basic -Dts.noSmoke -Dtest=org.jboss.as.test.integration.jaxb.unit.JAXBUsageTestCase#testJAXBServlet}} > Fails with: > {code} > ERROR [io.undertow.request] (default task-46) UT005023: Exception handling request to /jaxb-webapp//jaxbServlet: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "getClassLoader")" in code source "(vfs:/content/jaxb-webapp.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.Thread.getContextClassLoader(Thread.java:500) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:279) > at org.jboss.as.test.integration.jaxb.JAXBUsageServlet.doGet(JAXBUsageServlet.java:50) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:180) > at java.security.AccessController.doPrivileged(AccessController.java:650) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:177) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at java.lang.Thread.run(Thread.java:785) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-552) Modify OTPSaslClient to use an ExtendedChoiceCallback to determine the password format

by Farah Juma (JIRA)

Farah Juma created ELY-552: ------------------------------ Summary: Modify OTPSaslClient to use an ExtendedChoiceCallback to determine the password format Key: ELY-552 URL: https://issues.jboss.org/browse/ELY-552 Project: WildFly Elytron Issue Type: Feature Request Components: SASL Reporter: Farah Juma Assignee: Farah Juma Modify {{OTPSaslClient}} to use an {{ExtendedChoiceCallback}} to determine if the password will be provided as a pass phrase, which can be used to generate an OTP, or as an already generated OTP. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-551) Add the ability to specify a one-time password or pass phrase to AuthenticationConfiguration

by Farah Juma (JIRA)

Farah Juma created ELY-551: ------------------------------ Summary: Add the ability to specify a one-time password or pass phrase to AuthenticationConfiguration Key: ELY-551 URL: https://issues.jboss.org/browse/ELY-551 Project: WildFly Elytron Issue Type: Feature Request Components: Authentication Client Reporter: Farah Juma Assignee: Farah Juma This is needed for the OTP SASL mechanism. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6368) Upgrade Apache CXF from 3.1.5 to 3.1.6

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6368?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated WFLY-6368: ---------------------------------- Fix Version/s: 10.1.0.Final > Upgrade Apache CXF from 3.1.5 to 3.1.6 > -------------------------------------- > > Key: WFLY-6368 > URL: https://issues.jboss.org/browse/WFLY-6368 > Project: WildFly > Issue Type: Component Upgrade > Reporter: Bartosz Baranowski > Assignee: Alessio Soldano > Fix For: 10.1.0.Final > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6368) Upgrade Apache CXF from 3.1.5 to 3.1.6

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/WFLY-6368?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated WFLY-6368: ---------------------------------- Summary: Upgrade Apache CXF from 3.1.5 to 3.1.6 (was: Upgrade CXF from 3.1.5 to 3.1.6) > Upgrade Apache CXF from 3.1.5 to 3.1.6 > -------------------------------------- > > Key: WFLY-6368 > URL: https://issues.jboss.org/browse/WFLY-6368 > Project: WildFly > Issue Type: Component Upgrade > Reporter: Bartosz Baranowski > Assignee: Alessio Soldano > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (LOGTOOL-107) jboss-logging-tools don't include the license file

by gil cattaneo (JIRA)

gil cattaneo created LOGTOOL-107: ------------------------------------ Summary: jboss-logging-tools don't include the license file Key: LOGTOOL-107 URL: https://issues.jboss.org/browse/LOGTOOL-107 Project: Log Tool Issue Type: Bug Reporter: gil cattaneo Not available LICENSE file in source directory structure Please. Added license and copyright notice. the fedora pakaging guideline is very strictly precise about this problem https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging... thanks regards -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6192) JAXBUsageTestCase fails with security manager with security manager enabled

by Ivo Studensky (JIRA)

[ https://issues.jboss.org/browse/WFLY-6192?page=com.atlassian.jira.plugin.... ] Ivo Studensky commented on WFLY-6192: ------------------------------------- [~swd847] I've filed a PR for {{RuntimePermission("getClassLoader")}} which I believe is a reasonable fix. JAXB should not require the deployment to have the {{getClassLoader}} permission, see JBEE-166. But then there is a stacktrace \[2\] which fails on \[1\] which states it cannot run inside of a privileged block (see the comment above the line 248). I think the reason not to use the privileged block there is that JAXB loads customer classes which then might lead to a leak of privileges. [1] https://github.com/jboss/jaxb/blob/2.2.11-jboss/jaxb-ri/runtime/impl/src/... [2] {noformat} 2016-05-30 14:44:46,011 WARNING [com.sun.xml.bind.v2.runtime.reflect.Accessor$FieldReflection] (default task-1) Unable to make org.jboss.as.test.integration.jaxb.bindings.USAddress.name accessible.: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.reflect.ReflectPermission" "suppressAccessChecks")" in code source "(vfs:/content/jaxb-webapp.war/WEB-INF/classes <no signer certificates>)" of "null") at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:128) at com.sun.xml.bind.v2.runtime.reflect.Accessor$FieldReflection.<init>(Accessor.java:248) at com.sun.xml.bind.v2.runtime.reflect.Accessor$FieldReflection.<init>(Accessor.java:236) at com.sun.xml.bind.AccessorFactoryImpl.createFieldAccessor(AccessorFactoryImpl.java:70) at com.sun.xml.bind.v2.model.impl.RuntimeClassInfoImpl.createFieldSeed(RuntimeClassInfoImpl.java:265) at com.sun.xml.bind.v2.model.impl.RuntimeClassInfoImpl.createFieldSeed(RuntimeClassInfoImpl.java:86) at com.sun.xml.bind.v2.model.impl.ClassInfoImpl.findFieldProperties(ClassInfoImpl.java:408) at com.sun.xml.bind.v2.model.impl.ClassInfoImpl.getProperties(ClassInfoImpl.java:311) at com.sun.xml.bind.v2.model.impl.RuntimeClassInfoImpl.getProperties(RuntimeClassInfoImpl.java:186) at com.sun.xml.bind.v2.model.impl.ModelBuilder.getClassInfo(ModelBuilder.java:261) at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:103) at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:84) at com.sun.xml.bind.v2.model.impl.ModelBuilder.getClassInfo(ModelBuilder.java:227) at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:98) at com.sun.xml.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(RuntimeModelBuilder.java:84) at com.sun.xml.bind.v2.model.impl.ModelBuilder.getTypeInfo(ModelBuilder.java:375) at com.sun.xml.bind.v2.model.impl.RegistryInfoImpl.<init>(RegistryInfoImpl.java:104) at com.sun.xml.bind.v2.model.impl.ModelBuilder.addRegistry(ModelBuilder.java:417) at com.sun.xml.bind.v2.model.impl.ModelBuilder.getTypeInfo(ModelBuilder.java:387) at com.sun.xml.bind.v2.runtime.JAXBContextImpl.getTypeInfoSet(JAXBContextImpl.java:454) at com.sun.xml.bind.v2.runtime.JAXBContextImpl.<init>(JAXBContextImpl.java:292) at com.sun.xml.bind.v2.runtime.JAXBContextImpl.<init>(JAXBContextImpl.java:139) at com.sun.xml.bind.v2.runtime.JAXBContextImpl$JAXBContextBuilder.build(JAXBContextImpl.java:1138) at com.sun.xml.bind.v2.ContextFactory.createContext(ContextFactory.java:162) at com.sun.xml.bind.v2.ContextFactory.createContext(ContextFactory.java:286) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at javax.xml.bind.ContextFinder.newInstance(ContextFinder.java:139) at javax.xml.bind.ContextFinder.find(ContextFinder.java:313) at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:427) at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:390) at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:281) at org.jboss.as.test.integration.jaxb.JAXBUsageServlet.doGet(JAXBUsageServlet.java:50) at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:181) at java.security.AccessController.doPrivileged(Native Method) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:178) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) {noformat} > JAXBUsageTestCase fails with security manager with security manager enabled > --------------------------------------------------------------------------- > > Key: WFLY-6192 > URL: https://issues.jboss.org/browse/WFLY-6192 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Hynek Švábek > Assignee: Ivo Studensky > > *org.jboss.as.test.integration.jaxb.unit.JAXBUsageTestCase#testJAXBServlet* > {{./integration-tests.sh -fae -Dmaven.test.failure.ignore=true -DfailIfNoTests=false -Dsecurity.manager -Dts.basic -Dts.noSmoke -Dtest=org.jboss.as.test.integration.jaxb.unit.JAXBUsageTestCase#testJAXBServlet}} > Fails with: > {code} > ERROR [io.undertow.request] (default task-46) UT005023: Exception handling request to /jaxb-webapp//jaxbServlet: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "getClassLoader")" in code source "(vfs:/content/jaxb-webapp.war/WEB-INF/classes <no signer certificates>)" of "null") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.Thread.getContextClassLoader(Thread.java:500) > at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:279) > at org.jboss.as.test.integration.jaxb.JAXBUsageServlet.doGet(JAXBUsageServlet.java:50) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:180) > at java.security.AccessController.doPrivileged(AccessController.java:650) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:177) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at java.lang.Thread.run(Thread.java:785) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

7 years, 11 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2016