[
https://issues.jboss.org/browse/AS7-6684?page=com.atlassian.jira.plugin.s...
]
Remy Maucherat commented on AS7-6684:
-------------------------------------
JSPs have certain features, which need certain permissions to operate, which is why these
permissions are added in the policy. So I don't quite understand what you're
saying.
(BTW, the Jasper source is also in git
https://github.com/undertow-io/jaspertow )
Jasper using wrong ProtectionDomain for compiled JSP
----------------------------------------------------
Key: AS7-6684
URL:
https://issues.jboss.org/browse/AS7-6684
Project: Application Server 7
Issue Type: Bug
Components: Web
Reporter: David Lloyd
Assignee: Remy Maucherat
Fix For: 8.0.0.Alpha1
Compiled JSPs loaded via JasperLoader appear to be using a different ProtectionDomain
than the rest of the WAR deployment. I think it should probably be using a PD which
contains the permissions from the deployment's ClassLoader, and probably the
CodeSource from the deployment unit from which the JSP file originated. This will ensure
that permissions set via deployment descriptor and/or the management model will take
proper effect.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira