[jboss-dev-forums] [Design of Security on JBoss] - Re: JBAS-7049: AccessController permission check throwing NP
anil.saldhana@jboss.com
do-not-reply at jboss.com
Thu Jul 9 17:44:55 EDT 2009
Thanks to DML.
Actually the openjdk7 code is:
| for (int i=0; i< context.length; i++) {
| if (context != null && !context.implies(perm)) {
| if (dumpDebug) {
| debug.println("access denied " + perm);
| }
| if (Debug.isOn("failure") && debug != null) {
| // Want to make sure this is always displayed for failure,
| // but do not want to display again if already displayed
| // above.
| if (!dumpDebug) {
| debug.println("access denied " + perm);
| }
| Thread.currentThread().dumpStack();
| final ProtectionDomain pd = context;
| final Debug db = debug;
| AccessController.doPrivileged (new PrivilegedAction<Void>() {
| public Void run() {
| db.println("domain that failed "+pd);
| return null;
| }
| });
| }
| throw new AccessControlException("access denied "+perm, perm);
| }
| }
Looks like the debug != null check has been added on the if condition in openjdk7.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4242720#4242720
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4242720
More information about the jboss-dev-forums
mailing list