Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.0.0.ER7
Affects Version/s: 7.0.0.DR5, 7.0.0.ER6
Component/s: Security Manager
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.0.0.GA
Git Pull Request:
https://github.com/jbossas/jboss-eap7/pull/408
Steps to Reproduce:
Hide

# store the test application system-property.war into /tmp folder # run server with security manager ./standalone.sh -secmgr # deploy the test application ./jboss-cli.sh -c "deploy /tmp/system-property.war" # open http://localhost:8080/system-property/ and check if there is a AccessControlException stack trace # it's expected state, because the app has no permissions.xml # add AllPermission to deployment permissions minimum-set ./jboss-cli.sh -c << EOT /subsystem=security-manager/deployment-permissions=default/minimum-set=default:add /subsystem=security-manager/deployment-permissions=default/minimum-set=default/permission=test:add(class=java.security.AllPermission) EOT # from the server response you can see the server reload is not required # open http://localhost:8080/system-property/ and check if you see the JRE path in the response - expected behavior # Instead of the expected state the AccessControlException is still present => BUG! # reload server ./jboss-cli.sh -c reload # open http://localhost:8080/system-property/ and check if you see the JRE path in the response - Yes! it works now.
Show
# store the test application system-property.war into /tmp folder # run server with security manager ./standalone.sh -secmgr # deploy the test application ./jboss-cli.sh -c "deploy /tmp/system-property.war" # open http: //localhost:8080/system-property/ and check if there is a AccessControlException stack trace # it's expected state, because the app has no permissions.xml # add AllPermission to deployment permissions minimum-set ./jboss-cli.sh -c << EOT /subsystem=security-manager/deployment-permissions= default /minimum-set= default :add /subsystem=security-manager/deployment-permissions= default /minimum-set= default /permission=test:add(class=java.security.AllPermission) EOT # from the server response you can see the server reload is not required # open http: //localhost:8080/system-property/ and check if you see the JRE path in the response - expected behavior # Instead of the expected state the AccessControlException is still present => BUG! # reload server ./jboss-cli.sh -c reload # open http: //localhost:8080/system-property/ and check if you see the JRE path in the response - Yes! it works now.

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When adding permissions in the security-manager subsystem, the changes are not used until server reload. But the CLI operation doesn't require reload.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

system-property.war
5 kB
2015/07/09 10:07 AM

blocks

JBEAP-3729 Add regression tests security-manager subsystem issues JBEAP-408 and JBEAP-416

Verified

is blocked by

WFLY-6340 Adding deployment permissions doesn't put server in requires reload state

Closed

is cloned by

WFLY-4898 Change in permissions is not visible until server reload

Closed

is related to

JBEAP-407 Permission names are not persisted in the domain model

Closed

Assignee:: Josef Cacek (Inactive)

Reporter:: Josef Cacek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2015/07/09 10:06 AM

Updated:: 2021/10/24 5:55 AM

Resolved:: 2016/03/21 10:13 AM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates