Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.0.0.ER7
Affects Version/s: 7.0.0.ER6
Component/s: Undertow
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.backlog.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Some source codes contain wrong static call for permission check

AccessController.checkPermission(...);

There must be some like this

securityManagerInstance.checkPermission(...);

https://github.com/undertow-io/undertow/blob/master/websockets-jsr/src/main/java/io/undertow/websockets/jsr/UndertowContainerProvider.java#L105
Lines 105, 112, 126
https://github.com/undertow-io/undertow/blob/7db20bdef6cea603b5df9066506e40c8143f109a/servlet/src/main/java/io/undertow/servlet/spec/HttpSessionImpl.java#L216
Line 216
https://github.com/undertow-io/undertow/blob/95051a890cbf655631f26813180fab5c31aa954b/servlet/src/main/java/io/undertow/servlet/handlers/ServletInitialHandler.java#L109
Line 109
https://github.com/undertow-io/undertow/blob/909b972ec3a57555a2b769cec918f3d69a7a4502/servlet/src/main/java/io/undertow/servlet/handlers/ServletRequestContext.java#L64
Lines 64, 71,78, 89
https://github.com/undertow-io/undertow/blob/efb2eb38839473938ab090afb0e8b2781408c783/core/src/main/java/io/undertow/server/HttpServerExchange.java#L1742
Line 1742

is cloned by

UNDERTOW-661 Some classes contain static call of AccessController.checkPermission(...)

Resolved

Assignee:: Stuart Douglas (Inactive)

Reporter:: Hynek Švábek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2016/03/15 10:30 AM

Updated:: 2016/03/23 4:10 AM

Resolved:: 2016/03/16 6:03 PM