[JBoss JIRA] (WFLY-10928) Clean up licenses xml/html discrepancies between galleon and legacy build
by Brian Stansberry (JIRA)
Brian Stansberry created WFLY-10928:
---------------------------------------
Summary: Clean up licenses xml/html discrepancies between galleon and legacy build
Key: WFLY-10928
URL: https://issues.jboss.org/browse/WFLY-10928
Project: WildFly
Issue Type: Task
Components: Build System
Reporter: Brian Stansberry
Assignee: Yeray Borges
Fix For: 14.0.0.CR1
A diff of the legacy build vs the galleon build shows some discrepancies. Please investigate in case any of these are problems, particularly with the galleon build.
I'm unconcerned with minor presentation differences.
An expected difference is the legacy build has entries for the legacy f-ps while the galleon build has entries for the galleon f-ps. That's normal and fine.
Most important goal is to use the comparison as a way to find and correct things in the galleon build that would cause productization delays.
[~aloubyansky] FYI.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
7 years, 10 months
[JBoss JIRA] (WFLY-10240) WS scripts throws AccessControlException when secmgr is used
by Kabir Khan (JIRA)
[ https://issues.jboss.org/browse/WFLY-10240?page=com.atlassian.jira.plugin... ]
Kabir Khan edited comment on WFLY-10240 at 8/25/18 4:17 AM:
------------------------------------------------------------
It seems that in WF11 (which effectively was 7.1.0) the wsconsume script gives no treatment to the SECMGR environment variable and -secmgr parameter in
https://github.com/wildfly/wildfly/blob/11.0.0.Final/feature-pack/src/mai...
This support was added by [~rsearls] in https://github.com/wildfly/wildfly/pull/10695 and https://github.com/wildfly/wildfly/pull/10813. So this 'working' in 7.1 would actually meant these flags have no effect and the security manager was not turned on.
For 6.3 and 6.4 we did not support Java 8. I have checked with [~darranl], and adding doPrivileged blocks in cxf which is the part the call stack under our control would have no effect as it is in a different ProtectionDomain from the sun.tool classes. Having gone through this with him, he agrees this looks like a JDK bug and that a policy file is needed.
Please downgrade this issue, file the Jira bug, and document as a known issue.
[~rsearls] Perhaps find a policy file which grants a smaller set of permissions for the documentation? As granting AllPermissions is effectively the same as running without a SM :)
Finally, I'd like to reemphasize that this are developer tools to generate code to run in the server. If the intent is to stop people from adding 'evil' endpoints for deployment into the server, there is nothing to stop me from opening my IDE and writing something by hand. Securing the code generation tool is not the right level for locking this down, that needs to happen elsewhere. However, it might keep some customers happy, but we have a workaround with the policy file.
was (Author: kabirkhan):
It seems that in WF11 (which effectively was 7.1.0) the wsconsume script gives no treatment to the SECMGR environment variable and -secmgr parameter in
https://github.com/wildfly/wildfly/blob/11.0.0.Final/feature-pack/src/mai...
This support was added by [~rsearls] in https://github.com/wildfly/wildfly/pull/10695 and https://github.com/wildfly/wildfly/pull/10813. So this 'working' in 7.1 would actually meant these flags have no effect and the security manager was not turned on.
For 6.3 and 6.4 we did not support Java 8. I have checked with [~darranl], and adding doPrivileged blocks in cxf which is the part the call stack under our control would have no effect as it is in a different ProtectionDomain from the sun.tool classes. Having gone through this with him, he agrees this looks like a JDK bug and that a policy file is needed.
Please downgrade this issue, file the Jira bug, and document as a known issue.
[~rsearls] Perhaps find a policy file which grants a smaller set of permissions for the documentation? As granting AllPermissions is effectively the same running without a SM :)
Finally, I'd like to reemphasize that this are developer tools to generate code to run in the server. If the intent is to stop people from adding 'evil' endpoints for deployment into the server, there is nothing to stop me from opening my IDE and writing something by hand. Securing the code generation tool is not the right level for locking this down, that needs to happen elsewhere. However, it might keep some customers happy, but we have a workaround with the policy file.
> WS scripts throws AccessControlException when secmgr is used
> ------------------------------------------------------------
>
> Key: WFLY-10240
> URL: https://issues.jboss.org/browse/WFLY-10240
> Project: WildFly
> Issue Type: Bug
> Components: Scripts, Web Services
> Reporter: Marek Kopecký
> Assignee: R Searls
> Priority: Blocker
> Labels: blocker-WF14
>
> WS scripts throws AccessControlException when secmgr is used
> {noformat}
> [mkopecky@dhcp-10-40-5-128 bin]$ java -version
> openjdk version "1.8.0_162"
> OpenJDK Runtime Environment (build 1.8.0_162-b12)
> OpenJDK 64-Bit Server VM (build 25.162-b12, mixed mode)
> [mkopecky@dhcp-10-40-5-128 bin]$ ./wsconsume.sh -secmgr https://raw.githubusercontent.com/jbossws/jbossws-cxf/master/modules/test...
> Could not find log4j.properties or log4j.xml configuration, logging to console.
> Loading FrontEnd jaxws ...
> Loading DataBinding jaxb ...
> wsdl2java -compile -exsh false -d /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output/tmp5146068 -verbose -classdir /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output -allowElementReferences https://raw.githubusercontent.com/jbossws/jbossws-cxf/master/modules/test...
> wsdl2java - Apache CXF 3.2.4
> [mkopecky@dhcp-10-40-5-128 bin]$ export SECMGR=true
> [mkopecky@dhcp-10-40-5-128 bin]$ ./wsconsume.sh -secmgr https://raw.githubusercontent.com/jbossws/jbossws-cxf/master/modules/test...
> Could not find log4j.properties or log4j.xml configuration, logging to console.
> Loading FrontEnd jaxws ...
> Loading DataBinding jaxb ...
> wsdl2java -compile -exsh false -d /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output/tmp4759967 -verbose -classdir /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output -allowElementReferences https://raw.githubusercontent.com/jbossws/jbossws-cxf/master/modules/test...
> wsdl2java - Apache CXF 3.2.4
> JBWS024002: Failed to invoke org.apache.cxf.tools.wsdlto.WSDLToJava
> org.apache.cxf.tools.common.ToolException: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output/tmp4759967/org/openuri/_2004/_04/helloworld/EndpointInterface.java" "read")" in code source "(file:/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.162-3.b12.fc26.x86_64/lib/tools.jar <no signer certificates>)" of "java.net.FactoryURLClassLoader@e4d2696")
> at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:420)
> at org.apache.cxf.tools.common.toolspec.ToolRunner.runTool(ToolRunner.java:105)
> at org.apache.cxf.tools.wsdlto.WSDLToJava.run(WSDLToJava.java:113)
> at org.jboss.wsf.stack.cxf.tools.CXFConsumerImpl.consume(CXFConsumerImpl.java:313)
> at org.jboss.ws.tools.cmd.WSConsume.importServices(WSConsume.java:298)
> at org.jboss.ws.tools.cmd.WSConsume.mainInternal(WSConsume.java:108)
> at org.jboss.ws.tools.cmd.WSConsume.main(WSConsume.java:96)
> at org.jboss.modules.Module.runMainMethod(Module.java:348)
> at org.jboss.modules.Module.run(Module.java:328)
> at org.jboss.modules.Main.main(Main.java:557)
> Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/mkopecky/playground/wf/wfly.23/wfly.23/bin/output/tmp4759967/org/openuri/_2004/_04/helloworld/EndpointInterface.java" "read")" in code source "(file:/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.162-3.b12.fc26.x86_64/lib/tools.jar <no signer certificates>)" of "java.net.FactoryURLClassLoader@e4d2696")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:295)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:192)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:360)
> at java.io.File.isDirectory(File.java:844)
> at com.sun.tools.javac.file.RegularFileObject.<init>(RegularFileObject.java:69)
> at com.sun.tools.javac.file.RegularFileObject.<init>(RegularFileObject.java:64)
> at com.sun.tools.javac.file.JavacFileManager.getJavaFileObjectsFromFiles(JavacFileManager.java:785)
> at com.sun.tools.javac.file.JavacFileManager.getJavaFileObjectsFromStrings(JavacFileManager.java:185)
> at org.apache.cxf.common.util.Compiler.useJava6Compiler(Compiler.java:202)
> at org.apache.cxf.common.util.Compiler.compileFiles(Compiler.java:141)
> at org.apache.cxf.tools.common.ClassUtils.compile(ClassUtils.java:123)
> at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.processWsdl(WSDLToJavaContainer.java:303)
> at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:164)
> at org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:412)
> ... 9 more
> [mkopecky@dhcp-10-40-5-128 bin]$
> {noformat}
> {noformat}
> [mkopecky@dhcp-10-40-5-128 bin]$ java -version
> openjdk version "1.8.0_162"
> OpenJDK Runtime Environment (build 1.8.0_162-b12)
> OpenJDK 64-Bit Server VM (build 25.162-b12, mixed mode)
> [mkopecky@dhcp-10-40-5-128 bin]$ ./wsprovide.sh -k -c ~/erase13/classes -o out org.jboss.as.testsuite.integration.scripts.test.tools.Echo1Impl
> Could not find log4j.properties or log4j.xml configuration, logging to console.
> java2ws -s /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -classdir /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -d /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -verbose -cp /home/mkopecky/erase13/classes/: -wrapperbean -createxsdimports org.jboss.as.testsuite.integration.scripts.test.tools.Echo1Impl
> java2ws - Apache CXF 3.2.4
> [mkopecky@dhcp-10-40-5-128 bin]$ export SECMGR=true
> [mkopecky@dhcp-10-40-5-128 bin]$ ./wsprovide.sh -k -c ~/erase13/classes -o out org.jboss.as.testsuite.integration.scripts.test.tools.Echo1Impl
> Could not find log4j.properties or log4j.xml configuration, logging to console.
> java2ws -s /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -classdir /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -d /home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out -verbose -cp /home/mkopecky/erase13/classes/: -wrapperbean -createxsdimports org.jboss.as.testsuite.integration.scripts.test.tools.Echo1Impl
> java2ws - Apache CXF 3.2.4
> java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/mkopecky/playground/wf/wfly.23/wfly.23/bin/out/org/jboss/as/testsuite/integration/scripts/test/tools/jaxws/EchoPlus1Response.java" "read")" in code source "(file:/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.162-3.b12.fc26.x86_64/lib/tools.jar <no signer certificates>)" of "java.net.FactoryURLClassLoader@29876704")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:295)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:192)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:360)
> at java.io.File.isDirectory(File.java:844)
> at com.sun.tools.javac.file.RegularFileObject.<init>(RegularFileObject.java:69)
> at com.sun.tools.javac.file.RegularFileObject.<init>(RegularFileObject.java:64)
> at com.sun.tools.javac.file.JavacFileManager.getJavaFileObjectsFromFiles(JavacFileManager.java:785)
> at com.sun.tools.javac.file.JavacFileManager.getJavaFileObjectsFromStrings(JavacFileManager.java:185)
> at org.apache.cxf.common.util.Compiler.useJava6Compiler(Compiler.java:202)
> at org.apache.cxf.common.util.Compiler.compileFiles(Compiler.java:141)
> at org.apache.cxf.tools.java2wsdl.generator.wsdl11.BeanGenerator.generateAndCompile(BeanGenerator.java:91)
> at org.apache.cxf.tools.java2wsdl.generator.wsdl11.BeanGenerator.generate(BeanGenerator.java:58)
> at org.apache.cxf.tools.java2wsdl.generator.wsdl11.BeanGenerator.generate(BeanGenerator.java:35)
> at org.apache.cxf.tools.java2wsdl.processor.JavaToWSDLProcessor.generate(JavaToWSDLProcessor.java:156)
> at org.apache.cxf.tools.java2wsdl.processor.JavaToWSDLProcessor.process(JavaToWSDLProcessor.java:118)
> at org.apache.cxf.tools.java2ws.JavaToWSContainer.processWSDL(JavaToWSContainer.java:110)
> at org.apache.cxf.tools.java2ws.JavaToWSContainer.execute(JavaToWSContainer.java:75)
> at org.apache.cxf.tools.common.toolspec.ToolRunner.runTool(ToolRunner.java:105)
> at org.apache.cxf.tools.common.toolspec.ToolRunner.runTool(ToolRunner.java:45)
> at org.apache.cxf.tools.java2ws.JavaToWS.run(JavaToWS.java:83)
> at org.jboss.wsf.stack.cxf.tools.CXFProviderImpl.provide(CXFProviderImpl.java:200)
> at org.jboss.wsf.stack.cxf.tools.CXFProviderImpl.provide(CXFProviderImpl.java:109)
> at org.jboss.ws.tools.cmd.WSProvide.generate(WSProvide.java:223)
> at org.jboss.ws.tools.cmd.WSProvide.main(WSProvide.java:89)
> at org.jboss.modules.Module.runMainMethod(Module.java:348)
> at org.jboss.modules.Module.run(Module.java:328)
> at org.jboss.modules.Main.main(Main.java:557)
> [mkopecky@dhcp-10-40-5-128 bin]$
> {noformat}
> Second example uses classes from classes.zip file attached in WFLY-10238
> cc: [~jbliznak]
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
7 years, 10 months