Martin Stefanko reassigned WFCORE-3042:
---------------------------------------
Assignee: Martin Stefanko
It is not possible to add new Elytron policy after adding and removing it first
-------------------------------------------------------------------------------
Key: WFCORE-3042
URL: https://issues.jboss.org/browse/WFCORE-3042
Project: WildFly Core
Issue Type: Bug
Components: Security
Reporter: Jan Kašík
Assignee: Martin Stefanko
Adding a new Elytron policy fails if it was previously added and then removed. The next add
fails [1], with exception [2] in server.log.
[1]
{code}
[standalone@localhost:9990 /] /subsystem=elytron/policy=jacc:add(jacc-policy=[{name => jacc}])
{
    "outcome" => "failed",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    },
    "failure-description" => {"WFLYCTL0080: Failed services" => {"org.wildfly.security.policy" => "Failed to start service
    Caused by: java.lang.RuntimeException: Failed to set policy [org.wildfly.security.authz.jacc.JaccDelegatingPolicy@502d9a84]
    Caused by: java.lang.SecurityException: ELY03018: Cannot add permissions to a read-only permission collection"}},
    "rolled-back" => true
}
{code}
[2]
{code}
2017-06-29 11:08:35,700 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service org.wildfly.security.policy: org.jboss.msc.service.StartException in service org.wildfly.security.policy: Failed to start service
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: Failed to set policy [org.wildfly.security.authz.jacc.JaccDelegatingPolicy@502d9a84]
    at org.wildfly.extension.elytron.PolicyDefinitions$1$1.start(PolicyDefinitions.java:177)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
    ... 3 more
Caused by: java.lang.SecurityException: ELY03018: Cannot add permissions to a read-only permission collection
    at org.wildfly.security.authz.jacc.JaccDelegatingPolicy$1.add(JaccDelegatingPolicy.java:126)
    at java.security.Policy.addStaticPerms(Policy.java:686)
    at java.security.Policy.getPermissions(Policy.java:673)
    at org.jboss.security.jacc.DelegatingPolicy.getPermissions(DelegatingPolicy.java:125)
    at java.security.Policy.initPolicy(Policy.java:327)
    at java.security.Policy.setPolicy(Policy.java:270)
    at org.wildfly.extension.elytron.PolicyDefinitions$1$1.lambda$setPolicyAction$0(PolicyDefinitions.java:201)
    at org.wildfly.extension.elytron.PolicyDefinitions$1$1.setPolicy(PolicyDefinitions.java:195)
    at org.wildfly.extension.elytron.PolicyDefinitions$1$1.start(PolicyDefinitions.java:173)
    ... 5 more
2017-06-29 11:08:35,701 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 3) WFLYCTL0013: Operation ("add") failed - address: ([
    ("subsystem" => "elytron"),
    ("policy" => "jacc")
]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.policy" => "Failed to start service
    Caused by: java.lang.RuntimeException: Failed to set policy [org.wildfly.security.authz.jacc.JaccDelegatingPolicy@502d9a84]
    Caused by: java.lang.SecurityException: ELY03018: Cannot add permissions to a read-only permission collection"}}
{code}