[jboss-jira] [JBoss JIRA] (WFLY-4176) ClassLoader permissions bug in org.glassfish.enterprise.concurrent.ContextServiceImpl

James Perkins (JIRA) issues at jboss.org
Thu Dec 11 18:26:30 EST 2014 

James Perkins created WFLY-4176:
-----------------------------------

             Summary: ClassLoader permissions bug in org.glassfish.enterprise.concurrent.ContextServiceImpl
                 Key: WFLY-4176
                 URL: https://issues.jboss.org/browse/WFLY-4176
             Project: WildFly
          Issue Type: Enhancement
          Components: EE
            Reporter: James Perkins
            Assignee: Eduardo Martins


The [{{org.jboss.as.test.integration.ee.concurrent.DefaultContextServiceServletTestCase}}|https://github.com/wildfly/wildfly/blob/master/testsuite/integration/web/src/test/java/org/jboss/as/test/integration/ee/concurrent/DefaultContextServiceServletTestCase.java] fails due to the {{org.glassfish.enterprise.concurrent.ContextServiceImpl.createContextualProxy}} attempting to get a class loader without the proper permissions.

Stack Trace:
{code}
14:53:57,032 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /war-example/simple: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "getClassLoader")" in code source "(vfs:/content/war-example.war/WEB-INF/classes <no signer certificates>)" of "null")
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:270)
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:172)
	at java.lang.ClassLoader.checkClassLoaderPermission(ClassLoader.java:1517)
	at java.lang.Class.getClassLoader(Class.java:679)
	at org.glassfish.enterprise.concurrent.ContextServiceImpl.createContextualProxy(ContextServiceImpl.java:137)
	at org.glassfish.enterprise.concurrent.ContextServiceImpl.createContextualProxy(ContextServiceImpl.java:125)
	at org.jboss.as.test.integration.ee.concurrent.DefaultContextServiceTestServlet.doGet(DefaultContextServiceTestServlet.java:58)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
	at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:172)
	at java.security.AccessController.doPrivileged(Native Method)
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:169)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:767)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
{code}

The runtime permissions added to the test will need to be removed once this issue is resolved.



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

More information about the jboss-jira mailing list