[jboss-jira] [JBoss JIRA] (WFLY-12081) (Intermittent) stuck start with secmgr after enabling Elytron JACC for undertow/application-security-domain
Darran Lofthouse (Jira)
issues at jboss.org
Wed May 15 11:02:02 EDT 2019
[ https://issues.jboss.org/browse/WFLY-12081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13733897#comment-13733897 ]
Darran Lofthouse commented on WFLY-12081:
-----------------------------------------
Looking at thread dumps this call appears to be holding the lock the remaining threads are waiting for: -
{noformat}
"ServerService Thread Pool -- 49" #76 prio=5 os_prio=0 tid=0x000055e918afb800 nid=0x4bb7 in Object.wait() [0x00007fe43b1bd000]
java.lang.Thread.State: RUNNABLE
at java.lang.invoke.MethodHandleImpl.bindCaller(MethodHandleImpl.java:1117)
at java.lang.invoke.MethodHandles$Lookup.maybeBindCaller(MethodHandles.java:1681)
at java.lang.invoke.MethodHandles$Lookup.getDirectMethodCommon(MethodHandles.java:1669)
at java.lang.invoke.MethodHandles$Lookup.getDirectMethodNoSecurityManager(MethodHandles.java:1617)
at java.lang.invoke.MethodHandles$Lookup.getDirectMethodForConstant(MethodHandles.java:1802)
at java.lang.invoke.MethodHandles$Lookup.linkMethodHandleConstant(MethodHandles.java:1751)
at java.lang.invoke.MethodHandleNatives.linkMethodHandleConstant(MethodHandleNatives.java:477)
at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:170)
at org.wildfly.extension.elytron.PolicyDefinitions$5$1$$Lambda$435/1196173473.run(Unknown Source)
at org.wildfly.extension.elytron.SecurityActions.doPrivileged(SecurityActions.java:35)
at org.wildfly.extension.elytron.PolicyDefinitions$5$1.getContext(PolicyDefinitions.java:363)
at javax.security.jacc.PolicyContext.getContext(PolicyContext.java:105)
at org.wildfly.security.authz.jacc.JaccDelegatingPolicy.getCurrentSecurityIdentity(JaccDelegatingPolicy.java:157)
at org.wildfly.security.authz.jacc.JaccDelegatingPolicy.impliesIdentityPermission(JaccDelegatingPolicy.java:151)
at org.wildfly.security.authz.jacc.JaccDelegatingPolicy.implies(JaccDelegatingPolicy.java:109)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:279)
at org.wildfly.security.manager.WildFlySecurityManager.findAccessDenial(WildFlySecurityManager.java:220)
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:292)
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191)
at sun.net.www.protocol.jar.JarFileFactory.getCachedJarFile(JarFileFactory.java:131)
at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:81)
- locked <0x00000000e0e51240> (a sun.net.www.protocol.jar.JarFileFactory)
at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122)
at org.jboss.modules.GetURLConnectionAction.run(GetURLConnectionAction.java:37)
{noformat}
> (Intermittent) stuck start with secmgr after enabling Elytron JACC for undertow/application-security-domain
> -----------------------------------------------------------------------------------------------------------
>
> Key: WFLY-12081
> URL: https://issues.jboss.org/browse/WFLY-12081
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 17.0.0.Beta1
> Reporter: Ondrej Kotek
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> After enabling JACC on {{undertow/application-security-domain=other}}, the server can get stuck when starting with Security Manager turned on. It stops responding and cannot be terminated by Ctrl-C.
> After disabling JACC, or when starting without Security Manager, the server starts as expected.
> This behaviour blocks customers that uses JACC with Security Manager.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list