-
Bug
-
Resolution: Done
-
Critical
-
7.4.18.GA
-
False
-
None
-
False
-
Release Notes
-
-
-
-
-
-
-
-
-
-
org.jboss.ejb.client.legacy.JBossEJBProperties makes a call during class initialization that requires security permissions, without use of an appropriate privileged block.
It is invalid for a class to do anything during class initialization that depends on the context it's called from, as it is undefined when and where that can occur.
The call to ContextManager.setGlobalDefaultSupplier needs to be wrapped in a privileged block.
java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.common.context.ContextPermission" "org.jboss.ejb.client.legacy-properties" "setGlobalDefaultSupplier")" in code source "(vfs:/content/app.ear/app.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.app.ear.app.jar" from Service Module Loader") at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:309) at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201) at org.wildfly.common.context.ContextManager.setGlobalDefaultSupplier(ContextManager.java:93) at org.jboss.ejb.client.legacy.JBossEJBProperties.<clinit>(JBossEJBProperties.java:123)
- clones
-
JBEAP-28148 [GSS](8.0.z) EJBCLIENT-539 - JBossEJBProperties failing to set appropriate security context
- Resolved
- is incorporated by
-
JBEAP-28238 (7.4.z) Upgrade ejb-client from 4.0.55.Final-redhat-00001 to 4.0.56.Final-redhat-00001
- Resolved
- relates to
-
EJBCLIENT-539 JBossEJBProperties failing to set appropriate security context
- Resolved