[jboss-dev-forums] [Design the new POJO MicroContainer] - JBMICROCONT-385 - Privileged actions for GenericBeanFactory.

adrian@jboss.org do-not-reply at jboss.com
Tue Nov 18 09:55:13 EST 2008 

I like the way you create a blocker issue when you haven't even discussed it in the
forums. :-)

It could just as easily have been an aop or ejb3 problem since it is they
that are trying to createBean() and the caller has no rights.

In fact, the initial issue is definetly an MC problem.

It shouldn't be trying to use the TCL at all which is where it is failing. 
The reason it is trying to use it, is because the caller
doesn't have the getClassLoader permission to retrieve the classloader
from the KernelControllerContext.
So that should be in a privileged action.

But equally, I've gone beyond that basic fix, since in my opionion, the
createBean() should run under the privileges of whoever registered the
GenericBeanFactory in the MC.

So I've changed it to do that as well.

This required a change to AbstractKernelControllerContext::getAccessControlContext()
to make it public.

Equally, since that information should be protected against misuse,
I've required the caller to have
new SecurityPermission("getAccessControlContext");

I'm not sure if that is the correct permission or whether this should be
one of the fine grained permissions described on a different thread.

You can find the test(s) for these in
org.jboss.test.kernel.controller.test.GenericBeanFactoryAccessControlTestCase

The first test registers a GenericBeanFactory in a context that
can access the System properties. It shows the constructor
can still do that when you use createBean().
It also tests that createBean() uses the correct classloader (not the TCL).

The second test is similar, except the context registering the GBF
doesn't have the rights to get the system properties.

NOTE: Just because createBean() now restores your privileges from
GBF registration time, that doesn't mean you shouldn't use privilege blocks.
Who knows in what security context somebody will create a GBF for your bean? :-)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190149#4190149

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4190149

More information about the jboss-dev-forums mailing list