Uploaded image for project: 'JBoss Modules'
  1. JBoss Modules
  2. MODULES-173

Permission check failed for java.io.FilePermission when getting classloader resources

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.2.5.Final, 1.3.0.Beta3
    • 1.2.4.Final
    • Core
    • None

      When trying resolving a JAXWS SPI Provider in WFLY with security manager enabled, I get the following:

      19:00:51,826 ERROR [org.jboss.as.webservices.invocation.InvocationHandlerJAXWS] (default task-4) JBAS015594: Method invocation failed with exception: Unable to createEndpointReference Provider: javax.xml.ws.WebServiceException: Unable to createEndpointReference Provider
      	at javax.xml.ws.spi.Provider.provider(Provider.java:126) [jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT]
      	at javax.xml.ws.Service.<init>(Service.java:57) [jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT]
      	at javax.xml.ws.Service.create(Service.java:687) [jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT]
      	at org.jboss.test.ws.jaxws.cxf.bus.ClientEndpointImpl.getService(ClientEndpointImpl.java:89) [classes:]
      	at org.jboss.test.ws.jaxws.cxf.bus.ClientEndpointImpl.getPort(ClientEndpointImpl.java:76) [classes:]
      	at org.jboss.test.ws.jaxws.cxf.bus.ClientEndpointImpl.testClient(ClientEndpointImpl.java:42) [classes:]
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_17]
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_17]
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_17]
      	at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_17]
      	at org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)
      	at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)
      	at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
      	at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.as.webservices.deployers.WSComponentInstanceAssociationInterceptor.processInvocation(WSComponentInstanceAssociationInterceptor.java:49)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:325)
      	at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:428)
      	at org.wildfly.security.manager.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:63)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:325)
      	at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_17]
      	at org.jboss.invocation.PrivilegedInterceptor.processInvocation(PrivilegedInterceptor.java:75)
      	at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)
      	at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
      	at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
      	at org.jboss.as.webservices.invocation.AbstractInvocationHandler.invoke(AbstractInvocationHandler.java:112)
      	at org.jboss.wsf.stack.cxf.JBossWSInvoker.performInvocation(JBossWSInvoker.java:149)
      	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke(AbstractJAXWSMethodInvoker.java:178)
      	at org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:68)
      	at org.jboss.wsf.stack.cxf.JBossWSInvoker.invoke(JBossWSInvoker.java:129)
      	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_17]
      	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [rt.jar:1.7.0_17]
      	at java.util.concurrent.FutureTask.run(FutureTask.java:166) [rt.jar:1.7.0_17]
      	at org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:106) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-api.jar:2.7.6.SNAPSHOT]
      	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
      	at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:93)
      	at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:143)
      	at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:87)
      	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
      	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Beta1.jar:1.0.0.Beta1]
      	at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:135)
      	at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi.jar:2.2.0-SNAPSHOT]
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Beta1.jar:1.0.0.Beta1]
      	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:87) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:138) [undertow-websockets-jsr-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:56) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
      	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:115) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:52) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:65) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:70) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at org.wildfly.extension.undertow.security.SecurityContextCreationHandler.handleRequest(SecurityContextCreationHandler.java:54)
      	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:185) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:172) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:56) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:107) [undertow-servlet-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.server.HttpHandlers.executeRootHandler(HttpHandlers.java:36) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:629) [undertow-core-1.0.0.Beta3.jar:1.0.0.Beta3]
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_17]
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_17]
      	at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_17]
      Caused by: java.security.AccessControlException: WFSM000001: Permission check failed for ("java.io.FilePermission" "/dati/wildfly/build/target/wildfly-8.0.0.Alpha4-SNAPSHOT/modules/system/layers/base/sun/jdk/main/service-loader-resources/META-INF/services/javax.xml.ws.spi.Provider" "read")
      	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:221)
      	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:130)
      	at java.lang.SecurityManager.checkRead(SecurityManager.java:888) [rt.jar:1.7.0_17]
      	at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:273)
      	at java.io.File.exists(File.java:770) [rt.jar:1.7.0_17]
      	at org.jboss.modules.FileResourceLoader.getResource(FileResourceLoader.java:134) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at org.jboss.modules.ModuleClassLoader.loadResourceLocal(ModuleClassLoader.java:335) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at org.jboss.modules.ModuleClassLoader$1.loadResourceLocal(ModuleClassLoader.java:87) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at org.jboss.modules.Module.getResources(Module.java:599) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at org.jboss.modules.ModuleClassLoader.findResources(ModuleClassLoader.java:521) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at org.jboss.modules.ConcurrentClassLoader.getResources(ConcurrentClassLoader.java:264) [jboss-modules.jar:1.2.5.Final-SNAPSHOT]
      	at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:340) [rt.jar:1.7.0_17]
      	at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:439) [rt.jar:1.7.0_17]
      	at javax.xml.ws.spi.Provider.getProviderUsingServiceLoader(Provider.java:146) [jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT]
      	at javax.xml.ws.spi.Provider.provider(Provider.java:106) [jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT]
      	... 84 more
      

      The jboss-jaxws-api_2.2_spec-2.0.2.Final-SNAPSHOT.jar:2.0.2.Final-SNAPSHOT is a locally built snapshot with the https://github.com/jboss/jboss-jaxws-api_spec/pull/2 addition only.

              dlloyd@redhat.com David Lloyd
              rhn-support-asoldano Alessio Soldano
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: