-
Bug
-
Resolution: Done
-
Major
-
7.3.4.GA
-
False
-
False
-
-
-
-
-
-
+
-
Undefined
-
Workaround Exists
-
-
-
If the security manager contains an invalid class or other data in the minimum-set it throws a NullPointerException instead of a useful error message.
ERROR [management-operation] WFLYCTL0013 : Operation ("add") failed - address ([("subsystem" => "security-manager")]): java.lang.NullPointerException at java.security.Permissions.getPermissionCollection(Permissions.java:240) at java.security.Permissions.implies(Permissions.java:179) at org.jboss.modules.security.FactoryPermissionCollection.implies(FactoryPermissionCollection.java:75) at org.wildfly.extension.security.manager.SecurityManagerSubsystemAdd.performBoottime(SecurityManagerSubsystemAdd.java:101) ...
The same thing happens with other missing data.
- Works:
<permission class="java.io.FilePermission" name="/foo" actions="read"/>
- Fail with NullPointerException:
<permission class="invalid.class.name" name="/foo" actions="read"/>
<permission class="java.io.FilePermission" name="/foo"/>
<permission class="java.io.FilePermission" actions="read"/>
The NullPointerException does not occur if maximum-set is absent, or contains java.security.AllPermission
- clones
-
WFCORE-5243 NullPointerException when invalid <permission> classes specified
- Closed
- is cloned by
-
JBEAP-20798 [GSS](7.3.z) WFCORE-5243 - NullPointerException when invalid <permission> classes specified
- Closed
- is incorporated by
-
JBEAP-21978 (7.4.z) Upgrade WildFly Core from 15.0.2.Final-redhat-00001 to 15.0.3.Final-redhat-00001
- Closed
- relates to
-
JBEAP-16526 [GSS](7.2.z) WFCORE-4374 - security-manager minimum-set for MBeanServerPermission createMBeanServer not working but permissions.xml does
- Closed