Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.3.1.CR1, 7.3.1.GA
Affects Version/s: None
Component/s: Security
Labels:
- regression_test_only

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
-
Target Release:

7.3.z.GA
Workaround:

Workaround Exists
Workaround Description:
Hide

Within the security-manager subsystem the following permission can be defined in the minimum set of permissions applied to all deployments: -

<permission class="java.security.SecurityPermission" name="getProperty.authconfigprovider.factory" />

Alternatively the permission can be added to the permissions.xml within the deployment to grant this permission to the deployment.
Show
Within the security-manager subsystem the following permission can be defined in the minimum set of permissions applied to all deployments: - <permission class="java.security.SecurityPermission" name="getProperty.authconfigprovider.factory" /> Alternatively the permission can be added to the permissions.xml within the deployment to grant this permission to the deployment.
Git Pull Request:
https://github.com/wildfly-security/elytron-web/pull/170

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Without this fix in place deployments could see a message similar to the following logged at DEBUG level: -

2020-02-17 13:17:28,367 DEBUG [org.wildfly.security.access] (default task-1) Permission check failed (permission "("java.security.SecurityPermission" "getProperty.authconfigprovider.factory")" in code source "(vfs:/content
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:303) [wildfly-elytron-security-manager-1.10.4.Final-redhat-00001.jar:1.10.4.Final-redhat-00001]
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:200) [wildfly-elytron-security-manager-1.10.4.Final-redhat-00001.jar:1.10.4.Final-redhat-00001]
	at javax.security.auth.message.config.AuthConfigFactory.checkPermission(AuthConfigFactory.java:166) [jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar:2.0.1.Final-redhat-00001]
	at javax.security.auth.message.config.AuthConfigFactory.getFactory(AuthConfigFactory.java:201) [jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar:2.0.1.Final-redhat-00001]
	at org.wildfly.elytron.web.undertow.server.servlet.ServletSecurityContextImpl.getAuthConfigFactory(ServletSecurityContextImpl.java:119)
	at org.wildfly.elytron.web.undertow.server.servlet.ServletSecurityContextImpl.authenticate(ServletSecurityContextImpl.java:92)

clones

ELYWEB-67 A doPrivileged it required to access the JASPI AuthConfigFactory

Resolved

is incorporated by

JBEAP-18706 (7.3.z) Upgrade elytron-web from 1.6.0.Final to 1.6.1.Final

Closed

Assignee:: Ilia Vassilev

Reporter:: Ilia Vassilev

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2020/02/17 10:49 AM

Updated:: 2024/08/28 2:55 PM

Resolved:: 2020/02/18 12:51 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates