Uploaded image for project: 'EJB Client Library (AS7+)'
  1. EJB Client Library (AS7+)
  2. EJBCLIENT-539

JBossEJBProperties failing to set appropriate security context

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 4.0.56.Final, 5.0.8.Final
    • None
    • None

      org.jboss.ejb.client.legacy.JBossEJBProperties makes a call during class initialization that requires security permissions, without use of an appropriate privileged block.

      It is invalid for a class to do anything during class initialization that depends on the context it's called from, as it is undefined when and where that can occur.

      The call to ContextManager.setGlobalDefaultSupplier needs to be wrapped in a privileged block.

      java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.common.context.ContextPermission" "org.jboss.ejb.client.legacy-properties" "setGlobalDefaultSupplier")" in code source "(vfs:/content/app.ear/app.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.app.ear.app.jar" from Service Module Loader")
    at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:309)
    at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
    at org.wildfly.common.context.ContextManager.setGlobalDefaultSupplier(ContextManager.java:93)
    at org.jboss.ejb.client.legacy.JBossEJBProperties.<clinit>(JBossEJBProperties.java:123)

              chaowan@redhat.com Chao Wang
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: