Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 4.6.1.Final, 4.6.2.Final, 4.7.0.Beta1, 4.7.0.Final
Affects Version/s: 4.6.0.Final
Component/s: None
Labels:
None

Steps to Reproduce:

Hide

This was discovered sending a POST request with form parameters using the JAX-RS client in OpenLiberty.

Show
This was discovered sending a POST request with form parameters using the JAX-RS client in OpenLiberty.
Release Note Text:
Undefined
Git Pull Request:
https://github.com/resteasy/Resteasy/pull/2778, https://github.com/resteasy/Resteasy/pull/2784

Description

org.jboss.resteasy.spi.config.DefaultConfiguration.apply() in resteasy-core-spi calls

System.getProperty(name) on line 169.
This causes the following error when Java 2 Security is enabled:

Caused by: java.security.AccessControlException: Access denied ("java.util.PropertyPermission" "java.io.tmpdir" "read")
	at java.base/java.security.AccessController.throwACE(AccessController.java:176)
	at java.base/java.security.AccessController.checkPermissionHelper(AccessController.java:238)
	at java.base/java.security.AccessController.checkPermission(AccessController.java:385)
	at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
	at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1066)
	at java.base/java.lang.System.getProperty(System.java:506)
	at java.base/java.lang.System.getProperty(System.java:475)
	at org.jboss.resteasy.spi.config.DefaultConfiguration$Resolver.apply(DefaultConfiguration.java:169)
	at org.jboss.resteasy.spi.config.DefaultConfiguration$Resolver.apply(DefaultConfiguration.java:160)
	at org.jboss.resteasy.spi.config.DefaultConfiguration.getOptionalValue(DefaultConfiguration.java:99)
	at org.jboss.resteasy.client.jaxrs.engines.ManualClosingApacheHttpClient43Engine.<init>(ManualClosingApacheHttpClient43Engine.java:120)
	at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine.<init>(ApacheHttpClient43Engine.java:29)
	at org.jboss.resteasy.client.jaxrs.engines.ClientHttpEngineBuilder43.createEngine(ClientHttpEngineBuilder43.java:265)
	at org.jboss.resteasy.client.jaxrs.engines.ClientHttpEngineBuilder43.build(ClientHttpEngineBuilder43.java:210)
	... 39 more

Attachments

Activity

People

Assignee:: James Perkins

Reporter:: Adam Anderson (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2021/05/06 8:42 PM

Updated:: 2021/07/09 6:39 AM

Resolved:: 2021/05/11 10:21 AM