Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11990

Many org.jboss.as.test.integration.ejb.security.**.* tests fail with security manager

    Details

    • Target Release:
    • Steps to Reproduce:
      Hide
      cd wildfly/testsuite/integration/basic
      mvn clean test -Dtest=org.jboss.as.test.integration.ejb.security.**.* -Dsecurity.manager
      
      Show
      cd wildfly/testsuite/integration/basic mvn clean test -Dtest=org.jboss.as.test.integration.ejb.security.**.* -Dsecurity.manager

      Description

      Many tests in org.jboss.as.test.integration.ejb.security package and subpackages fail or result in error with missing permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")", e.g.:

      java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")" in code source "(vfs:/content/ejb3-security-partial-dd-test.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.ejb3-security-partial-dd-test.jar" from Service Module Loader")
      	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
      	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
      	at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:155)
      ...
      

      Following test cases are affected:

      • AnnotationAuthorizationTestCase
      • EJBInWarDefaultSecurityDomainTestCase
      • LifecycleTestCase
      • MixedSecurityAnnotationAuthorizationTestCase
      • RunAsPrincipalTestCase
      • SecurityDDOverrideTestCase
      • asynchronous.AsynchronousSecurityTestCase
      • callerprincipal.GetCallerPrincipalTestCase
      • missingmethodpermission.*
        • require also RuntimePermission("getClassLoader") and RuntimePermission("setContextClassLoader") permissions
      • rolelink.SecurityRoleLinkTestCase
      • runas.RunAsTestCase
      • singleton.SingletonSecurityTestCase

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  soul2zimate Chao Wang
                  Reporter:
                  okotek Ondrej Kotek
                  Tester:
                  Ondrej Kotek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: