[JBoss JIRA] Created: (JBAS-4154) Get the server to run under a security manager

[JBoss JIRA] Created: (JBAS-6897)...

[JBoss JIRA] Created:...

Scott M Stark (JIRA)

Saturday, 24 February 2007 Sat, 24 Feb '07

11:15 a.m.

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: http://jira.jboss.com/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public (Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assigned To: Scott M Stark The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy: -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Show replies by date

Dimitris Andreadis (JIRA)

Thursday, 10 July Thu, 10 Jul

3:49 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

[ http://jira.jboss.com/jira/browse/JBAS-4154?page=all ] Dimitris Andreadis updated JBAS-4154: ------------------------------------- Fix Version/s: JBossAS-5.0.0.CR2 As it is now jacc-securitymgr are commented out in the testsuite.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: http://jira.jboss.com/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assigned To: Scott M Stark Fix For: JBossAS-5.0.0.CR2 The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

-- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Dimitris Andreadis (JIRA)

Thursday, 11 September Thu, 11 Sep

1:32 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Dimitris Andreadis updated JBAS-4154: ------------------------------------- Fix Version/s: JBossAS-5.0.0.GA (was: JBossAS-5.0.0.CR2)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Scott M Stark Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

-- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Anil Saldhana (JIRA)

Monday, 3 November Mon, 3 Nov

4:54 p.m.

New subject: [JBoss JIRA] Assigned: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana reassigned JBAS-4154: ----------------------------------- Assignee: Anil Saldhana (was: Scott M Stark)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

4:54 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana updated JBAS-4154: -------------------------------- Priority: Critical (was: Major)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Monday, 10 November Mon, 10 Nov

10:37 a.m.

New subject: [JBoss JIRA] Assigned: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana reassigned JBAS-4154: ----------------------------------- Assignee: Scott M Stark (was: Anil Saldhana)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Scott M Stark Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

10:43 a.m.

New subject: [JBoss JIRA] Commented: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana commented on JBAS-4154: ------------------------------------- I am not interested in injecting any custom policy implementation just to handle vfs urls. We cannot ignore the fact that JDK implementations differ by vendors and also by versions.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Scott M Stark Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Tuesday, 11 November Tue, 11 Nov

12:37 p.m.

New subject: [JBoss JIRA] Commented: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana commented on JBAS-4154: ------------------------------------- "tests-security-manager" has 67 tests "tests-jacc-securitymgr" is probably 50-100. So we are talking something like 100-150 tests that are currently disabled and not running.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Scott M Stark Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

11:36 p.m.

New subject: [JBoss JIRA] Assigned: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana reassigned JBAS-4154: ----------------------------------- Assignee: Anil Saldhana (was: Scott M Stark)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Wednesday, 12 November Wed, 12 Nov

11:16 a.m.

New subject: [JBoss JIRA] Resolved: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana resolved JBAS-4154. --------------------------------- Resolution: Done The server runs under a security manager now. Failing tests go in separate issues.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Thursday, 13 November Thu, 13 Nov

12:41 a.m.

New subject: [JBoss JIRA] Reopened: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana reopened JBAS-4154: --------------------------------- Lets get the jacc-securitymgr running.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

10:53 p.m.

New subject: [JBoss JIRA] Closed: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana closed JBAS-4154. ------------------------------- Resolution: Done Both the targets are enabled (tests-security-manager and tests-jacc-securitymgr). Currently less than 10 failures.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

10:55 p.m.

New subject: [JBoss JIRA] Commented: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana commented on JBAS-4154: ------------------------------------- Actually, it is 302 tests that got enabled.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Wednesday, 26 November Wed, 26 Nov

8:16 p.m.

New subject: [JBoss JIRA] Reopened: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana reopened JBAS-4154: --------------------------------- Got to redo the security mgr policy again now that the CodeSource URLs are REAL urls. I am tired of this exercise. Will revisit post GA,

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.1.CR1 The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

8:16 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana updated JBAS-4154: -------------------------------- Fix Version/s: JBossAS-5.0.1.CR1 (was: JBossAS-5.0.0.GA)

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.0.1.CR1 The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Jason T. Greene (JIRA)

Tuesday, 24 February Tue, 24 Feb

3:37 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Jason T. Greene updated JBAS-4154: ---------------------------------- Fix Version/s: JBossAS-5.1.0.CR1 (was: JBossAS-5.1.0.Beta1) Moving to CR1 since we have less than 2 weeks till Beta. Move the ones back that you actually have plans to do.

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.1.0.CR1 The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Jason T. Greene (JIRA)

Monday, 13 April Mon, 13 Apr

12:52 p.m.

New subject: [JBoss JIRA] Updated: (JBAS-4154) Get the server to run under a security manager

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.1.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

Anil Saldhana (JIRA)

Tuesday, 12 May Tue, 12 May

10:58 a.m.

New subject: [JBoss JIRA] Closed: (JBAS-4154) Get the server to run under a security manager

[ https://jira.jboss.org/jira/browse/JBAS-4154?page=com.atlassian.jira.plug... ] Anil Saldhana closed JBAS-4154. ------------------------------- Resolution: Done

...

Get the server to run under a security manager ---------------------------------------------- Key: JBAS-4154 URL: https://jira.jboss.org/jira/browse/JBAS-4154 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Components: Security Affects Versions: JBossAS-5.0.0.Beta1 Reporter: Scott M Stark Assignee: Anil Saldhana Priority: Critical Fix For: JBossAS-5.1.0.GA The testsuite tests-security-manager target was failing due to the aop layer not creating classes with correct ProtectionDomains. This is fixed in (JBAOP-368). The next problem is that the server.policy needs to use vfsfile urls for the permission assignments. However, because these are URLs and not URIs, there has to be a URL handler available when the policy is read at bootstrap. Currently a policy entry like: grant codeBase "vfsfile:${jboss.home.dir}/lib/-" { permission java.security.AllPermission; }; fails because the jboss vfsfile URL handler is unknown: policy: Adding policy entry: policy: signedBy null policy: codeBase vfsfile:/tmp/trunk/build/output/jboss-5.0.0.Beta2/lib/- java.security.policy: error adding Entry: java.net.MalformedURLException: unknown protocol: vfsfile policy:

5719

days inactive

6527

days old

jboss-jira@lists.jboss.org

Manage subscription

17 comments

4 participants

tags (0)

participants (4)

Anil Saldhana (JIRA)
Dimitris Andreadis (JIRA)
Jason T. Greene (JIRA)
Scott M Stark (JIRA)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[JBoss JIRA] Created: (JBAS-4154) Get the server to run under a security manager