Uploaded image for project: 'RESTEasy'
  1. RESTEasy
  2. RESTEASY-2982

The ClientHttpEngineBuilder43 will fail if the security manager and SSL are enabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 6.2.2.Final
    • None
    • None
    • None

      The ClientHttpEngineBuilder43.build() loads the ClientConfigProvider via a service loader. This is not done in a privileged action requiring users to explicitly add permissions. The service loader iteration should happen in a privileged action to avoid the user having to add overly verbose file permissions.

      Snippet
      Iterator clientConfigProviderIterator = ServiceLoader.load(ClientConfigProvider.class).iterator();
      ...
      // Fails here
        } else if (clientConfigProviderIterator.hasNext())
         {
            // delegate creation of socket to ClientConfigProvider implementation
            final ClientConfigProvider configProvider = ((ClientConfigProvider) clientConfigProviderIterator.next());
      

              rsearls r searls
              jperkins-rhn James Perkins
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: