[jboss-jira] [JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

James Perkins (Jira) issues at jboss.org
Thu Jan 3 14:38:00 EST 2019 

    [ https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13678142#comment-13678142 ] 

James Perkins commented on WFLY-11365:
--------------------------------------

The biggest issue is the file permission would likely need to be an explicit path so with something like an RPM this could be an issue. The other option would be to use the {{<<ALL FILES>>}} permission which is not ideal either.

> Test JSONBTestCase fails with security manager
> ----------------------------------------------
>
>                 Key: WFLY-11365
>                 URL: https://issues.jboss.org/browse/WFLY-11365
>             Project: WildFly
>          Issue Type: Bug
>          Components: EE, Test Suite
>    Affects Versions: 15.0.0.Beta1
>            Reporter: Martin Choma
>            Assignee: Bartosz Baranowski
>            Priority: Major
>              Labels: security-manager
>         Attachments: sm-fix.patch
>
>
> {noformat}
> org.jboss.as.test.integration.json (1)
>     JSONBTestCase.testJsonbServlet
> {noformat}
> {noformat}
> java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes &lt;no signer certificates&gt;)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader")
>  at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294)
>  at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191)
>  at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
>  at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359)
>  at java.util.zip.ZipFile.&lt;init&gt;(ZipFile.java:216)
>  at java.util.zip.ZipFile.&lt;init&gt;(ZipFile.java:155)
>  at java.util.jar.JarFile.&lt;init&gt;(JarFile.java:166)
>  at java.util.jar.JarFile.&lt;init&gt;(JarFile.java:103)
>  at sun.net.www.protocol.jar.URLJarFile.&lt;init&gt;(URLJarFile.java:93)
>  at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69)
>  at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99)
>  at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122)
>  at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152)
>  at java.net.URL.openStream(URL.java:1045)
>  at java.util.ServiceLoader.parse(ServiceLoader.java:304)
>  at java.util.ServiceLoader.access$200(ServiceLoader.java:185)
>  at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357)
>  at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323)
>  at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396)
>  at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395)
>  at java.security.AccessController.doPrivileged(Native Method)
>  at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398)
>  at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474)
>  at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112)
>  at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108)
>  at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46)	...
> {noformat}
> Looks to me similar to WFLY-11337
> [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterSecurityManager



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list