Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-7059

Prepare for the security manager being disabled in Java 24

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Security, Server
    • None

      In Java 24, the security manager is being disabled. The API's will remain until some further releases, but errors will occur if there is an attempt to enable the security manager. WildFly needs to be prepared for this and print a warning, maybe error, if there was an attempt to enable the security manager on Java 24+.

      Currently Elytron attempts to set a policy which produces this exception:

      09:16:21,463 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service org.wildfly.security.policy: org.jboss.msc.service.StartException in service org.wildfly.security.policy: Failed to start service
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1609)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1438)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363)
	at java.base/java.lang.Thread.run(Thread.java:1447)
Caused by: java.lang.RuntimeException: WFLYELY01022: Failed to set policy [java.security.Policy$1@153db5a7]
	at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.setPolicy(PolicyDefinitions.java:209)
	at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.start(PolicyDefinitions.java:185)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1617)
	at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1580)
	... 6 more
Caused by: java.lang.UnsupportedOperationException: Setting a system-wide Policy object is not supported
	at java.base/java.security.Policy.setPolicy(Policy.java:114)
	at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.lambda$setPolicyAction$0(PolicyDefinitions.java:215)
	at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.setPolicy(PolicyDefinitions.java:206)
	... 9 more

      This is due to the default jacc policy. The simple solution will be to remove the policy for testing. However, I'm not sure if we should do anything by default. If we do not think we need to or should do anything by default, feel free to close this issue as "Won't Do"

              Unassigned Unassigned
              jperkins-rhn James Perkins
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: