Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-28149

[GSS](7.4.z) EJBCLIENT-539 - JBossEJBProperties failing to set appropriate security context

XMLWordPrintable

    • False
    • None
    • False
    • Release Notes
    • -
    • Hide

      Test coverage: No test coverage provided because it is hard to reproduce issue. It seems that customers are package the applications in their specific way, not sure what it is, but triggered this case.
      On the other hand, the fix is just moving the static class initial block to a doPrivileged block, which shouldn't cause any problem or security concerns
      *Planned testing: *Full regression testing for ejb

      Show
      Test coverage: No test coverage provided because it is hard to reproduce issue. It seems that customers are package the applications in their specific way, not sure what it is, but triggered this case. On the other hand, the fix is just moving the static class initial block to a doPrivileged block, which shouldn't cause any problem or security concerns *Planned testing: *Full regression testing for ejb

      org.jboss.ejb.client.legacy.JBossEJBProperties makes a call during class initialization that requires security permissions, without use of an appropriate privileged block.

      It is invalid for a class to do anything during class initialization that depends on the context it's called from, as it is undefined when and where that can occur.

      The call to ContextManager.setGlobalDefaultSupplier needs to be wrapped in a privileged block.

      java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.common.context.ContextPermission" "org.jboss.ejb.client.legacy-properties" "setGlobalDefaultSupplier")" in code source "(vfs:/content/app.ear/app.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.app.ear.app.jar" from Service Module Loader")
          at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:309)
          at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
          at org.wildfly.common.context.ContextManager.setGlobalDefaultSupplier(ContextManager.java:93)
          at org.jboss.ejb.client.legacy.JBossEJBProperties.<clinit>(JBossEJBProperties.java:123)
      

              chaowan@redhat.com Chao Wang
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: