January 2019 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin... ] Brian Stansberry commented on WFLY-11365: ----------------------------------------- Re: upstream, what counts is the project we consume. > Test JSONBTestCase fails with security manager > ---------------------------------------------- > > Key: WFLY-11365 > URL: https://issues.jboss.org/browse/WFLY-11365 > Project: WildFly > Issue Type: Bug > Components: EE, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Attachments: sm-fix.patch > > > {noformat} > org.jboss.as.test.integration.json (1) > JSONBTestCase.testJsonbServlet > {noformat} > {noformat} > java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112) > at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108) > at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ... > {noformat} > Looks to me similar to WFLY-11337 > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin... ] Brian Stansberry updated WFLY-11365: ------------------------------------ Workaround Description: Grant file read permissions to the deployment, e.g. via a permissions.xml file in the deployment as illustrated in https://github.com/wildfly/wildfly/pull/11946. Workaround: Workaround Exists > Test JSONBTestCase fails with security manager > ---------------------------------------------- > > Key: WFLY-11365 > URL: https://issues.jboss.org/browse/WFLY-11365 > Project: WildFly > Issue Type: Bug > Components: EE, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Attachments: sm-fix.patch > > > {noformat} > org.jboss.as.test.integration.json (1) > JSONBTestCase.testJsonbServlet > {noformat} > {noformat} > java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112) > at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108) > at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ... > {noformat} > Looks to me similar to WFLY-11337 > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin... ] Brian Stansberry commented on WFLY-11365: ----------------------------------------- Let's not fork. It should be fixed upstream; until that happens the user can give their app the needed permissions, via permissions.xml (e.g. https://github.com/wildfly/wildfly/pull/11946) or via the security-manager subsystem. > Test JSONBTestCase fails with security manager > ---------------------------------------------- > > Key: WFLY-11365 > URL: https://issues.jboss.org/browse/WFLY-11365 > Project: WildFly > Issue Type: Bug > Components: EE, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Attachments: sm-fix.patch > > > {noformat} > org.jboss.as.test.integration.json (1) > JSONBTestCase.testJsonbServlet > {noformat} > {noformat} > java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112) > at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108) > at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ... > {noformat} > Looks to me similar to WFLY-11337 > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-10488) Upgrade WildFly HTTP Client to 1.0.13.Final

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-10488?page=com.atlassian.jira.plugin... ] Brian Stansberry resolved WFLY-10488. ------------------------------------- Fix Version/s: 16.0.0.Beta1 Resolution: Duplicate Issue > Upgrade WildFly HTTP Client to 1.0.13.Final > ------------------------------------------- > > Key: WFLY-10488 > URL: https://issues.jboss.org/browse/WFLY-10488 > Project: WildFly > Issue Type: Component Upgrade > Reporter: David Lloyd > Assignee: Stuart Douglas > Priority: Major > Fix For: 16.0.0.Beta1 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11363) Test HttpInvocationInContainerTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11363?page=com.atlassian.jira.plugin... ] Brian Stansberry resolved WFLY-11363. ------------------------------------- Fix Version/s: 16.0.0.Beta1 Assignee: Jan Kalina (was: Bartosz Baranowski) Resolution: Done > Test HttpInvocationInContainerTestCase fails with security manager > ------------------------------------------------------------------ > > Key: WFLY-11363 > URL: https://issues.jboss.org/browse/WFLY-11363 > Project: WildFly > Issue Type: Bug > Components: EJB, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Major > Labels: security-manager > Fix For: 16.0.0.Beta1 > > > {noformat} > org.jboss.as.test.integration.ejb.remote.http (1) > HttpInvocationInContainerTestCase.invokeEjb > {noformat} > {noformat} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/wildfly/wildfly-http-client/wildfly-http-ejb-client/1.0.12.Final/wildfly-http-ejb-client-1.0.12.Final.jar" "read")" in code source "(vfs:/content/http-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.http-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at org.wildfly.httpclient.naming.HttpRootContext.<clinit>(HttpRootContext.java:98) > ... 140 more > {noformat} > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11363) Test HttpInvocationInContainerTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11363?page=com.atlassian.jira.plugin... ] Brian Stansberry commented on WFLY-11363: ----------------------------------------- The WFLY-11528 component upgrade fixed this. > Test HttpInvocationInContainerTestCase fails with security manager > ------------------------------------------------------------------ > > Key: WFLY-11363 > URL: https://issues.jboss.org/browse/WFLY-11363 > Project: WildFly > Issue Type: Bug > Components: EJB, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Fix For: 16.0.0.Beta1 > > > {noformat} > org.jboss.as.test.integration.ejb.remote.http (1) > HttpInvocationInContainerTestCase.invokeEjb > {noformat} > {noformat} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/wildfly/wildfly-http-client/wildfly-http-ejb-client/1.0.12.Final/wildfly-http-ejb-client-1.0.12.Final.jar" "read")" in code source "(vfs:/content/http-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.http-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at org.wildfly.httpclient.naming.HttpRootContext.<clinit>(HttpRootContext.java:98) > ... 140 more > {noformat} > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11363) Test HttpInvocationInContainerTestCase fails with security manager

by Brian Stansberry (Jira)

[ https://issues.jboss.org/browse/WFLY-11363?page=com.atlassian.jira.plugin... ] Brian Stansberry reopened WFLY-11363: ------------------------------------- > Test HttpInvocationInContainerTestCase fails with security manager > ------------------------------------------------------------------ > > Key: WFLY-11363 > URL: https://issues.jboss.org/browse/WFLY-11363 > Project: WildFly > Issue Type: Bug > Components: EJB, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Fix For: 16.0.0.Beta1 > > > {noformat} > org.jboss.as.test.integration.ejb.remote.http (1) > HttpInvocationInContainerTestCase.invokeEjb > {noformat} > {noformat} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/wildfly/wildfly-http-client/wildfly-http-ejb-client/1.0.12.Final/wildfly-http-ejb-client-1.0.12.Final.jar" "read")" in code source "(vfs:/content/http-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.http-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at org.wildfly.httpclient.naming.HttpRootContext.<clinit>(HttpRootContext.java:98) > ... 140 more > {noformat} > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11363) Test HttpInvocationInContainerTestCase fails with security manager

by James Perkins (Jira)

[ https://issues.jboss.org/browse/WFLY-11363?page=com.atlassian.jira.plugin... ] James Perkins resolved WFLY-11363. ---------------------------------- Resolution: Cannot Reproduce This seemed to pass for me when running locally with the security manager enabled. > Test HttpInvocationInContainerTestCase fails with security manager > ------------------------------------------------------------------ > > Key: WFLY-11363 > URL: https://issues.jboss.org/browse/WFLY-11363 > Project: WildFly > Issue Type: Bug > Components: EJB, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > > {noformat} > org.jboss.as.test.integration.ejb.remote.http (1) > HttpInvocationInContainerTestCase.invokeEjb > {noformat} > {noformat} > Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/wildfly/wildfly-http-client/wildfly-http-ejb-client/1.0.12.Final/wildfly-http-ejb-client-1.0.12.Final.jar" "read")" in code source "(vfs:/content/http-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.http-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at org.wildfly.httpclient.naming.HttpRootContext.<clinit>(HttpRootContext.java:98) > ... 140 more > {noformat} > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

by James Perkins (Jira)

[ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin... ] James Perkins updated WFLY-11365: --------------------------------- Attachment: sm-fix.patch > Test JSONBTestCase fails with security manager > ---------------------------------------------- > > Key: WFLY-11365 > URL: https://issues.jboss.org/browse/WFLY-11365 > Project: WildFly > Issue Type: Bug > Components: EE, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > Attachments: sm-fix.patch > > > {noformat} > org.jboss.as.test.integration.json (1) > JSONBTestCase.testJsonbServlet > {noformat} > {noformat} > java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112) > at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108) > at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ... > {noformat} > Looks to me similar to WFLY-11337 > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

by James Perkins (Jira)

[ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin... ] James Perkins commented on WFLY-11365: -------------------------------------- The fix for this is to wrap the service loading in a privileged block. I've attached a patch, untested, that should resolve the issue. This is going to require the following: * A fork of the spec which includes the fix * A PR submitted for the upstream Java EE 8 API project * A PR submitted for the upstream Jakarta EE 8 API project > Test JSONBTestCase fails with security manager > ---------------------------------------------- > > Key: WFLY-11365 > URL: https://issues.jboss.org/browse/WFLY-11365 > Project: WildFly > Issue Type: Bug > Components: EE, Test Suite > Affects Versions: 15.0.0.Beta1 > Reporter: Martin Choma > Assignee: Bartosz Baranowski > Priority: Major > Labels: security-manager > > {noformat} > org.jboss.as.test.integration.json (1) > JSONBTestCase.testJsonbServlet > {noformat} > {noformat} > java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader") > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294) > at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359) > at java.util.zip.ZipFile.<init>(ZipFile.java:216) > at java.util.zip.ZipFile.<init>(ZipFile.java:155) > at java.util.jar.JarFile.<init>(JarFile.java:166) > at java.util.jar.JarFile.<init>(JarFile.java:103) > at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93) > at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69) > at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99) > at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122) > at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152) > at java.net.URL.openStream(URL.java:1045) > at java.util.ServiceLoader.parse(ServiceLoader.java:304) > at java.util.ServiceLoader.access$200(ServiceLoader.java:185) > at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357) > at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396) > at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395) > at java.security.AccessController.doPrivileged(Native Method) > at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398) > at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474) > at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112) > at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108) > at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ... > {noformat} > Looks to me similar to WFLY-11337 > [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS... -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2019