Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-20605

[QE](7.4.z) Permission check failed (permission "("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap")"

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.4.0.CD21
    • Naming, Security Manager
    • None
    • False
    • False
    • Undefined
    • Workaround Exists
    • Hide

      Add into permission.xml 

          <permission>
        <class-name>java.lang.RuntimePermission</class-name>
        <name>accessClassInPackage.com.sun.jndi.ldap</name>
    </permission>
    <permission>
        <class-name>java.lang.RuntimePermission</class-name>
        <name>accessClassInPackage.com.sun.jndi.ldap.ext</name>
    </permission>
      Show
      Add into permission.xml <permission> < class- name>java.lang.RuntimePermission</ class- name> <name>accessClassInPackage.com.sun.jndi.ldap</name> </permission> <permission> < class- name>java.lang.RuntimePermission</ class- name> <name>accessClassInPackage.com.sun.jndi.ldap.ext</name> </permission>

    Description

      We have test which covers https://issues.jboss.org/browse/JBEAP-2520. We encounter failure running with security manager on jdk11. 

      Output was not as expected. expected:<[GOOD]> but was:<[javax.naming.NamingException: WFLYNAM0027: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "deployment.38308486-f150-44c1-80c1-7e63b064e0be.war" from Service Module Loader [Root exception is java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap")" in code source "(vfs:/content/38308486-f150-44c1-80c1-7e63b064e0be.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.38308486-f150-44c1-80c1-7e63b064e0be.war" from Service Module Loader")]
 at org.jboss.as.naming@7.4.0.CD21-redhat-00001//org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:120)
 at org.jboss.as.naming@7.4.0.CD21-redhat-00001//org.jboss.as.naming.InitialContext.init(InitialContext.java:101)
 at java.naming/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
 at org.jboss.as.naming@7.4.0.CD21-redhat-00001//org.jboss.as.naming.InitialContext.<init>(InitialContext.java:91)
 at org.jboss.as.naming@7.4.0.CD21-redhat-00001//org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:43)
 at java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:719)
 at java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
 at java.naming/javax.naming.InitialContext.init(InitialContext.java:236)
 at java.naming/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
 at deployment.38308486-f150-44c1-80c1-7e63b064e0be.war//org.jboss.eapqe.krbldap.eap7.tests.misc.ComSunJndiLdapExtCheckerServlet.doGet(ComSunJndiLdapExtCheckerServlet.java:85)
 at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
 at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
 at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:105)
 at java.base/java.security.AccessController.doPrivileged(Native Method)
 at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:102)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
 at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
 at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
 at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
 at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
 at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1348)
 at org.jboss.xnio@3.8.2.Final-redhat-00001//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
 at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap")" in code source "(vfs:/content/38308486-f150-44c1-80c1-7e63b064e0be.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.38308486-f150-44c1-80c1-7e63b064e0be.war" from Service Module Loader")
 at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:304)
 at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
 at java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1238)
 at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPackageAccess(WildFlySecurityManager.java:500)
 at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
 at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
 at org.jboss.modules.JDKModuleFinder$JDKModuleLoader.loadClassLocal(JDKModuleFinder.java:158)
 at org.jboss.modules.Module.loadModuleClass(Module.java:731)
 at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:247)
 at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:410)
 at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
 at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:116)
 at java.base/java.lang.Class.forName0(Native Method)
 at java.base/java.lang.Class.forName(Class.java:398)
 at org.jboss.as.naming@7.4.0.CD21-redhat-00001//org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:115)
 ... 57 more
]>

      When I add permission for that 

          <permission>
        <class-name>java.lang.RuntimePermission</class-name>
        <name>accessClassInPackage.com.sun.jndi.ldap</name>
    </permission>

      I get another exception

      check(org.jboss.eapqe.krbldap.eap7.tests.misc.ComSunJndiLdapExtCheckerTestCase)  Time elapsed: 0.249 sec  <<< FAILURE!
org.junit.ComparisonFailure: Output was not as expected. expected:<[GOOD]> but was:<[java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap.ext")" in code source "(vfs:/content/c829fe82-f5a9-4f85-84f1-ba9959a98cee.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.c829fe82-f5a9-4f85-84f1-ba9959a98cee.war" from Service Module Loader")
	at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:304)
	at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
	at java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1238)
	at org.wildfly.security.elytron-private@1.13.1.Final-redhat-00001//org.wildfly.security.manager.WildFlySecurityManager.checkPackageAccess(WildFlySecurityManager.java:500)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
	at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
	at org.jboss.modules.JDKModuleFinder$JDKModuleLoader.loadClassLocal(JDKModuleFinder.java:158)
	at org.jboss.modules.Module.loadModuleClass(Module.java:731)
	at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:247)
	at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:410)
	at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
	at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:116)
	at java.base/java.lang.Class.forName0(Native Method)
	at java.base/java.lang.Class.forName(Class.java:398)
	at java.naming/com.sun.naming.internal.VersionHelper.loadClass(VersionHelper.java:123)
	at java.naming/com.sun.naming.internal.VersionHelper.loadClass(VersionHelper.java:96)
	at java.naming/javax.naming.ldap.StartTlsRequest.createExtendedResponse(StartTlsRequest.java:196)
	at java.naming/com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3393)
	at java.naming/javax.naming.ldap.InitialLdapContext.extendedOperation(InitialLdapContext.java:184)
	at java.naming/javax.naming.ldap.InitialLdapContext.extendedOperation(InitialLdapContext.java:184)
	at deployment.c829fe82-f5a9-4f85-84f1-ba9959a98cee.war//org.jboss.eapqe.krbldap.eap7.tests.misc.ComSunJndiLdapExtCheckerServlet.doGet(ComSunJndiLdapExtCheckerServlet.java:86)
	at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
	at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at org.wildfly.extension.undertow@7.4.0.CD21-redhat-00001//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:105)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at io.undertow.servlet@2.2.2.Final-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:102)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
	at io.undertow.core@2.2.2.Final-redhat-00001//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1348)
	at org.jboss.xnio@3.8.2.Final-redhat-00001//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
	at java.base/java.lang.Thread.run(Thread.java:834)
]>
	at org.junit.Assert.assertEquals(Assert.java:115)
	at org.jboss.eapqe.krbldap.eap7.tests.misc.ComSunJndiLdapExtCheckerTestCase.check(ComSunJndiLdapExtCheckerTestCase.java:97)

      When I add both permissions test pass.

          <permission>
        <class-name>java.lang.RuntimePermission</class-name>
        <name>accessClassInPackage.com.sun.jndi.ldap</name>
    </permission>
    <permission>
        <class-name>java.lang.RuntimePermission</class-name>
        <name>accessClassInPackage.com.sun.jndi.ldap.ext</name>
    </permission>

      But could you check if in eap codebase we shouldnt add doPriviledged() call. Especially if I found with similar issue OpenLiberty have added it.

      [1] https://github.com/OpenLiberty/open-liberty/issues/8401

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. WFLY-15652 Permission check failed (permission "("java.lang.RuntimePermission" "accessClassInPackage.com.sun.jndi.ldap")"

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              istudens@redhat.com Ivo Studensky
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: