[infinispan-issues] [JBoss JIRA] (ISPN-9165) ManifestUberJarDuplicatedJarsWarner uses FJP without privileged block
David Lloyd (JIRA)
issues at jboss.org
Wed May 16 08:21:00 EDT 2018
David Lloyd created ISPN-9165:
---------------------------------
Summary: ManifestUberJarDuplicatedJarsWarner uses FJP without privileged block
Key: ISPN-9165
URL: https://issues.jboss.org/browse/ISPN-9165
Project: Infinispan
Issue Type: Bug
Components: Core
Affects Versions: 9.2.2.Final
Reporter: David Lloyd
{{ManifestUberJarDuplicatedJarsWarner}} has a method called {{isClasspathCorrectAsync}} which dispatches a task to the fork-join pool. The task loads resources from the Infinispan JAR.
This fails under a security manager. The common FJP executes tasks with no permissions. One of two things must be done:
# Do not use the fork-join pool; find some other async solution which preserves the access control context.
# Capture and propagate the current AccessControlContext when calling {{isClasspathCorrectAsync}}. This can be done by calling {{AccessController.getContext()}} before submitting the task, and then, within the submitted lambda, wrap the call to isClasspathCorrect with a call to {{AccessController.doPrivileged()}} which restores the captured context (by giving it as the second parameter). Note that this will entail a nested lambda or anonymous class.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the infinispan-issues
mailing list