Franco Gimenez updated WFLY-13044:
----------------------------------
Steps to Reproduce:
Make two constraints, one denying access to all resources (with an extension pattern and similar extensions like "*\**.html", "*\**.htm", or "*\**.jsp", "*\**.js") and the other allowing access to a certain resource like "/index.html".
Start the application and see the error.
was:
Make two constraints, one denying access to all resources (with an extension pattern and similar extensions like "*\**.html", "**.htm", or "**.jsp", "**.js") and the other allowing access to a certain resource like "/index.html".
Start the application and see the error.
WFLYSEC0012 Error in web.xml with similar Patterns
--------------------------------------------------
Key: WFLY-13044
URL: https://issues.redhat.com/browse/WFLY-13044
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Affects Versions: 18.0.0.Final, 18.0.1.Final, 19.0.0.Beta1
Reporter: Franco Gimenez
Assignee: Flavia Rainone
Priority: Major
Attachments: app.zip, image-2020-01-31-10-28-27-872.png, server.log.zip, web.xml.zip
There is a problem when two constraints are limiting the access to the same resource with extension patterns and an exact pattern.
In our web.xml we have two constraints. One limiting the access to all resources and the other allowing access to certain files.
This is the web.xml to test the error:
!image-2020-01-31-10-28-27-872.png|thumbnail!
The problem happens when the "*.htm" is evaluated inside of the jboss-jacc-api_1.5 lib. It tries to match "/index.html" against the "*.htm" pattern; when the implies function returns false, it throws the exception.
The log is:
{code:java}
2020-01-30 18:44:38,293 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 77) WFLYUT0021: Registered web context: '/issue-reproducer-1.0.0.Final-SNAPSHOT' for server 'default-server'
2020-01-30 18:44:38,302 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: org.jboss.msc.service.StartException in service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: WFLYSEC0012: Unable to start the JaccService service
    at org.jboss.as.security.service.JaccService.start(JaccService.java:107)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701)
    at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559)
    at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
    at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalArgumentException: Invalid exact pattern in URLPatternList
    at javax.security.jacc.URLPatternSpec.setURLPatternArray(URLPatternSpec.java:314)
    at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:79)
    at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:160)
    at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:287)
    at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:64)
    at org.jboss.as.security.service.JaccService.start(JaccService.java:86)
    ... 8 more
{code}
I add a test project and the complete log in my environment.
With WildFly 17 there is no error.
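The rule behind the "Invalid exact pattern in URLPatternList" message, as an added example that is not part of the original report and is not WildFly or JACC source: when the first pattern of a JACC URLPatternList is an extension pattern, an exact pattern may qualify it only if the extension pattern matches it. The class and method names are hypothetical, the patterns are constructed from the steps to reproduce, and the matching is a simplified model.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added illustration (hypothetical names): qualifier rule for an extension first pattern.
public class ExtensionQualifierCheck {
    static boolean isExtension(String p) { return p.startsWith("*."); }
    static boolean isPrefix(String p) { return p.endsWith("/*"); }

    // True when an exact path is matched by "*.ext": the text after the last
    // '.' of the last path segment must equal ext, so ".html" is not ".htm".
    static boolean extensionMatches(String extPattern, String path) {
        String ext = extPattern.substring(2);
        int dot = path.lastIndexOf('.');
        return dot > path.lastIndexOf('/') && path.substring(dot + 1).equals(ext);
    }

    // Qualifiers that may follow an extension pattern: path-prefix patterns
    // and exact patterns that the extension pattern matches.
    static List<String> qualifiersFor(String first, List<String> all) {
        List<String> out = new ArrayList<>();
        for (String p : all) {
            if (!isExtension(p) && (isPrefix(p) || extensionMatches(first, p))) out.add(p);
        }
        return out;
    }

    // Rejects an exact qualifier that the first (extension) pattern does not match.
    static void validate(String first, List<String> qualifiers) {
        for (String q : qualifiers) {
            if (!isPrefix(q) && !extensionMatches(first, q)) {
                throw new IllegalArgumentException(
                    "Invalid exact pattern in URLPatternList: " + first + ":" + q);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed patterns, following the steps to reproduce.
        List<String> all = Arrays.asList("*.html", "*.htm", "*.jsp", "*.js", "/index.html");
        for (String first : all.subList(0, 4)) {
            System.out.println(first + " -> " + qualifiersFor(first, all));
        }
        try {
            validate("*.htm", Arrays.asList("/index.html"));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Only "*.html" receives "/index.html" as a qualifier in this model; pairing it with "*.htm" is the combination that gets rejected.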