-
Bug
-
Resolution: Done
-
Major
-
7.3.4.GA
-
False
-
False
-
-
-
-
-
-
+
-
Undefined
-
Workaround Exists
-
-
-
If the security manager contains an invalid class or other data in the minimum-set it throws a NullPointerException instead of a useful error message.
ERROR [management-operation] WFLYCTL0013 : Operation ("add") failed - address ([("subsystem" => "security-manager")]): java.lang.NullPointerException at java.security.Permissions.getPermissionCollection(Permissions.java:240) at java.security.Permissions.implies(Permissions.java:179) at org.jboss.modules.security.FactoryPermissionCollection.implies(FactoryPermissionCollection.java:75) at org.wildfly.extension.security.manager.SecurityManagerSubsystemAdd.performBoottime(SecurityManagerSubsystemAdd.java:101) ...
The same thing happens with other missing data.
- Works:
<permission class="java.io.FilePermission" name="/foo" actions="read"/>
- Fail with NullPointerException:
<permission class="invalid.class.name" name="/foo" actions="read"/>
<permission class="java.io.FilePermission" name="/foo"/>
<permission class="java.io.FilePermission" actions="read"/>
The NullPointerException does not occur if maximum-set is absent, or contains java.security.AllPermission
- clones
-
JBEAP-20799 [GSS](7.4.z) WFCORE-5243 - NullPointerException when invalid <permission> classes specified
- Closed
-
WFCORE-5243 NullPointerException when invalid <permission> classes specified
- Closed
- is duplicated by
-
JBEAP-20797 [GSS](7.3.z) NullPointerException when invalid <permission> classes specified
- Closed
- is incorporated by
-
JBEAP-21094 (7.3.z) Upgrade WildFly Core from 10.1.18.Final-redhat-00001 to 10.1.19.Final-redhat-00001
- Closed