JSP in web application doesn't get VFS-based security permissions ----------------------------------------------------------------- Key: WFLY-4864 URL: https://issues.jboss.org/browse/WFLY-4864 Project: WildFly Issue Type: Bug Components: Web (Undertow) Affects Versions: 10.0.0.Alpha4 Reporter: Bartosz Spyrko-Śmietanko Assignee: Tomaz Cerar Fix For: 10.0.0.Alpha6 Attachments: read-props.war, security.policy Permissions granted to web applications (using vfs:/... codebase) are not available in JSPs. After deploying the test app, a call to http://localhost:8080/read-props/ gives following error: Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.util.PropertyPermission" "java.home" "read")" in code source "(file:/Users/spyrkob/workspaces/set/servers/wildfly-10.x/wildfly-10.0.0.Alpha5-SNAPSHOT/standalone/tmp/read-props.war/ <no signer certificates>)" of "org.apache.jasper.servlet.JasperLoader@3cae09bb") at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:270) at org.wildfly.security.manager.WildFlySecurityManager.checkPropertyAccess(WildFlySecurityManager.java:493) at java.lang.System.getProperty(System.java:714) at org.apache.jsp.index_jsp._jspService(index_jsp.java:95) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433) ... 33 more