[jboss-jira] [JBoss JIRA] Created: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Thu Nov 20 02:23:36 EST 2008
AOP weaved code needs to appropriately generate Privileged Blocks
-----------------------------------------------------------------
Key: JBAOP-675
URL: https://jira.jboss.org/jira/browse/JBAOP-675
Project: JBoss AOP
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: 2.0.0.GA
Reporter: Anil Saldhana
Priority: Blocker
Please generate a SP release asap.
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726
When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check.
You need to wrap the advisor call in a privileged block.
=================
if(System.getSecurityManager() == null)
//get your advisor
else
{
advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){
public Advisor run()
{
//aop
}
}
}
================================
I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list