[jboss-jira] [JBoss JIRA] (WFLY-8375) Some tests fail with security manager due to lack of permission to read EJB client
Ivo Studensky (JIRA)
issues at jboss.org
Mon May 22 03:55:00 EDT 2017
[ https://issues.jboss.org/browse/WFLY-8375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ivo Studensky resolved WFLY-8375.
---------------------------------
Fix Version/s: 11.0.0.Beta1
Resolution: Done
> Some tests fail with security manager due to lack of permission to read EJB client
> ----------------------------------------------------------------------------------
>
> Key: WFLY-8375
> URL: https://issues.jboss.org/browse/WFLY-8375
> Project: WildFly
> Issue Type: Bug
> Components: Test Suite
> Reporter: Jan Tymel
> Assignee: Ivo Studensky
> Fix For: 11.0.0.Beta1
>
>
> *org.jboss.as.test.integration.ejb.injection.ejbref.lookup.EjbRefLookupTestCase#testJBossEjbRefInRest*
> {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=EjbRefLookupTestCase -Dsecurity.manager}}
> fails with:
> {code}
> ERROR [io.undertow.request] (default task-3) UT005023: Exception handling request to /5e692792-50c7-4f07-8881-e7429386c843/rest/second/text: org.jboss.resteasy.spi.UnhandledException: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/jboss-eap/src/7.1/jboss-eap-7.1.0.DR13/dist/target/jboss-eap-7.1/modules/system/layers/base/org/jboss/ejb-client/main/jboss-ejb-client-4.0.0.Beta16-redhat-1.jar" "read")" in code source "(vfs:/content/5e692792-50c7-4f07-8881-e7429386c843.war/WEB-INF/classes <no signer certificates>)" of "null")
> at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:78)
> at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:222)
> at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:175)
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:418)
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:209)
> at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228)
> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:46)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction$$Lambda$762.000000004C0FC080.call(Unknown Source)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$763.000000004C1943A0.call(Unknown Source)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$763.000000004C1943A0.call(Unknown Source)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$763.000000004C1943A0.call(Unknown Source)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$763.000000004C1943A0.call(Unknown Source)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:110)
> at java.security.AccessController.doPrivileged(AccessController.java:650)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:107)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
> at java.lang.Thread.run(Thread.java:785)
> Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/home/jtymel/jboss-eap/src/7.1/jboss-eap-7.1.0.DR13/dist/target/jboss-eap-7.1/modules/system/layers/base/org/jboss/ejb-client/main/jboss-ejb-client-4.0.0.Beta16-redhat-1.jar" "read")" in code source "(vfs:/content/5e692792-50c7-4f07-8881-e7429386c843.war/WEB-INF/classes <no signer certificates>)" of "null")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:901)
> at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at sun.net.www.protocol.jar.JarFileFactory.getCachedJarFile(JarFileFactory.java:158)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:102)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:135)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:163)
> at java.net.URL.openStream(URL.java:1057)
> at java.util.ServiceLoader.parse(ServiceLoader.java:315)
> at java.util.ServiceLoader.access$200(ServiceLoader.java:196)
> at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:368)
> at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:334)
> at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:407)
> at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:406)
> at java.security.AccessController.doPrivileged(AccessController.java:620)
> at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:409)
> at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:485)
> at org.wildfly.naming.client.WildFlyRootContext.getProviderContext(WildFlyRootContext.java:435)
> at org.wildfly.naming.client.WildFlyRootContext.lookup(WildFlyRootContext.java:130)
> at javax.naming.InitialContext.lookup(InitialContext.java:428)
> at javax.naming.InitialContext.lookup(InitialContext.java:428)
> at org.jboss.as.weld.services.bootstrap.WeldEjbInjectionServices.doLookup(WeldEjbInjectionServices.java:247)
> at org.jboss.as.weld.services.bootstrap.WeldEjbInjectionServices$1.createResource(WeldEjbInjectionServices.java:108)
> at org.jboss.weld.injection.AbstractResourceInjection.getResourceReference(AbstractResourceInjection.java:49)
> at org.jboss.weld.injection.AbstractResourceInjection.injectResourceReference(AbstractResourceInjection.java:63)
> at org.jboss.weld.util.Beans.injectEEFields(Beans.java:331)
> at org.jboss.weld.injection.producer.ResourceInjector$1.proceed(ResourceInjector.java:69)
> at org.jboss.weld.injection.InjectionContextImpl.run(InjectionContextImpl.java:48)
> at org.jboss.weld.injection.producer.ResourceInjector.inject(ResourceInjector.java:72)
> at org.jboss.weld.injection.producer.BasicInjectionTarget.inject(BasicInjectionTarget.java:117)
> at org.jboss.resteasy.cdi.JaxrsInjectionTarget.inject(JaxrsInjectionTarget.java:44)
> at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:159)
> at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:96)
> at org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:100)
> at org.jboss.weld.bean.ContextualInstanceStrategy$CachingContextualInstanceStrategy.get(ContextualInstanceStrategy.java:177)
> at org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50)
> at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99)
> at org.jboss.weld.bean.proxy.ProxyMethodHandler.getInstance(ProxyMethodHandler.java:125)
> at org.jboss.as.test.integration.ejb.injection.ejbref.lookup.SecondRestService$Proxy$_$$_WeldClientProxy.getResultXML(Unknown Source)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
> at java.lang.reflect.Method.invoke(Method.java:508)
> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140)
> at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)
> at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)
> at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:236)
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:402)
> ... 50 more
> {code}
> Another affected tests found so far:
> *org.jboss.as.test.integration.ejb.remote.ejbnamespace.EjbNamespaceInvocationTestCase#testDirectLookup*
> {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=EjbNamespaceInvocationTestCase -Dsecurity.manager}}
> *org.jboss.as.test.integration.ejb.security.callerprincipal.GetCallerPrincipalWithNoDefaultSecurityDomainTestCase#testUnauthenticatedNoSecurityDomain*
> {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.basic -Dtest=GetCallerPrincipalWithNoDefaultSecurityDomainTestCase -Dsecurity.manager}}
> *org.jboss.as.test.multinode.transaction.async.TransactionPropagationTestCase#testRemoteInvocation*
> *org.jboss.as.test.multinode.transaction.async.TransactionPropagationTestCase#testRemoteWithStatusAtRegistry*
> *org.jboss.as.test.multinode.transaction.async.TransactionPropagationTestCase#testRemoteWithStatusAtTransactionManager*
> {{./integration-tests.sh -DtestLogToFile=false -Dts.noSmoke -Dts.multinode -Dtest=TransactionPropagationTestCase -Dsecurity.manager}}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list