[jboss-jira] [JBoss JIRA] (WFLY-2222) SecurityExceptions when starting server with signed jars in an exploded app deployment

David Lloyd (JIRA) jira-events at lists.jboss.org
Fri Oct 4 14:40:02 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-2222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12809562#comment-12809562 ] 

David Lloyd commented on WFLY-2222:
-----------------------------------

Can you try the alternative fix in the last commit of https://github.com/dmlloyd/wildfly/tree/WFLY-2222 which hopefully will solve the same problem but without holding the synch over the duration of the doPrivileged?

Thanks.
                
> SecurityExceptions when starting server with signed jars in an exploded app deployment
> --------------------------------------------------------------------------------------
>
>                 Key: WFLY-2222
>                 URL: https://issues.jboss.org/browse/WFLY-2222
>             Project: WildFly
>          Issue Type: Bug
>          Components: Class Loading
>            Reporter: Matt Fluet
>            Assignee: David Lloyd
>            Priority: Critical
>         Attachments: 0001-Fix-ClassLoader-SecurityException-with-jar-certifica.patch
>
>
> This issue is directly related to https://issues.jboss.org/browse/AS7-2724, where signed jars are sometimes throwing a security exception when the server starts up and then classes cannot be loaded out of certain packages (appears to be some sort of a concurrency issue).  
> The fix for that issue was applied to JarFileResourceLoader here:  https://github.com/jboss-modules/jboss-modules/commit/8cf33f5c02c0c4bf6f96d04efa8845762bbc90ae
> However, our application is exploded, so the VFSResourceLoader needs a similar fix.  I will attach a git patch file with the change we're proposing.
> To test the theory, we applied the patch to one server and left another as is as a control...we then left a process running that continually restarted the server for 3 days.  The control server hit the SecurityException problem 5 times, and the patched server didn't show it at all.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list