Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-21514

Appclient module resources are visible to to the web container, EJB container and other appclient modules, contrary to EE spec

XMLWordPrintable

      Other ear submodules should not have visibility to resources in application client archives. See 'must not have access' discussions in:

      https://jakarta.ee/specifications/platform/10/jakarta-platform-spec-10.0#a3046
      https://jakarta.ee/specifications/platform/10/jakarta-platform-spec-10.0#jakarta-enterprise-beans-container-class-loading-requirements
      https://jakarta.ee/specifications/platform/10/jakarta-platform-spec-10.0#application-client-container-class-loading-requirements

      In WildFly they do. The EE 11 TCK has changed how the packaging of some EARs is done, resulting in the same class appearing in both an appclient jar and other modules in the ear, which has exposed the missing isolation. The requirements above are not new in EE 11 though.

      The original report:

      During Jakarta EE 11 Platform TCK testing we are seeing the following server failure:

        at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at org.wildfly.security.elytron-web.undertow-server@4.1.2.Final//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
    at org.wildfly.security.elytron-base@2.8.3.Final//org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
    at org.wildfly.security.elytron-base@2.8.3.Final//org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
    at org.wildfly.security.elytron-base@2.8.3.Final//org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
    at org.wildfly.security.elytron-web.undertow-server@4.1.2.Final//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:121)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at org.wildfly.security.elytron-web.undertow-server-servlet@4.1.2.Final//org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.ControlPointDeploymentInfoConfigurator$ControlPointRequestAttributeHandler.handleRequest(ControlPointDeploymentInfoConfigurator.java:175)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:44)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:271)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletInitialHandler$1.call(ServletInitialHandler.java:130)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletInitialHandler$1.call(ServletInitialHandler.java:127)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.ControlPointDeploymentInfoConfigurator$1.call(ControlPointDeploymentInfoConfigurator.java:100)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1431)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1431)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1431)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1431)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1431)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:251)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.handlers.ServletInitialHandler.lambda$new$1(ServletInitialHandler.java:99)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.Connectors.executeRootHandler(Connectors.java:418)
    at io.undertow.core@2.4.0.Alpha1//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:901)
    at org.jboss.threads@3.9.2//org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
    at org.jboss.threads@3.9.2//org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2651)
    at org.jboss.threads@3.9.2//org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2630)
    at org.jboss.threads@3.9.2//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1586)
    at org.jboss.xnio@3.8.16.Final//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1282)
    at java.base/java.lang.Thread.run(Thread.java:1474)
Caused by: java.lang.IllegalStateException: WFLYEE0042: Failed to construct component instance
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.BasicComponent.constructComponentInstance(BasicComponent.java:153)
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.BasicComponent.constructComponentInstance(BasicComponent.java:124)
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.BasicComponent.createInstance(BasicComponent.java:71)
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.ComponentRegistry$ComponentManagedReferenceFactory.getReference(ComponentRegistry.java:146)
    at org.wildfly.extension.undertow@40.0.0.Beta1-SNAPSHOT//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$6.createInstance(UndertowDeploymentInfoService.java:1127)
    at io.undertow.servlet@2.0.0.Alpha2//io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:309)
    ... 44 more
Caused by: java.lang.IllegalArgumentException: WFLYEE0117: Field injectedBean cannot be set - object of class com.sun.ts.tests.common.vehicle.appmanagedNoTx.AppManagedNoTxVehicleIF$$$view1 loaded by ModuleClassLoader for Module "deployment.jpa_core_query_apitests_vehicles.ear.jpa_core_query_apitests_appmanagedNoTx_vehicle_ejb.jar" from Service Module Loader is not assignable to interface com.sun.ts.tests.common.vehicle.appmanagedNoTx.AppManagedNoTxVehicleIF loaded by ModuleClassLoader for Module "deployment.jpa_core_query_apitests_vehicles.ear.jpa_core_query_apitests_vehicles_client.jar" from Service Module Loader
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.ManagedReferenceFieldInjectionInterceptorFactory$ManagedReferenceFieldInjectionInterceptor.processInvocation(ManagedReferenceFieldInjectionInterceptorFactory.java:93)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ee@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.component.AroundConstructInterceptorFactory$1.processInvocation(AroundConstructInterceptorFactory.java:33)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.wildfly.concurrency@40.0.0.Beta1-SNAPSHOT//org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:28)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.invocation@2.0.1.Final//org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)

      The TCK test ear contains the following files:

      jpa_core_query_apitests_appmanagedNoTx_vehicle_ejb.jar
      jpa_core_query_apitests_vehicles_client.jar
      lib/jpa_core_query_apitests.jar
      lib/
      lib/arquillian-junit5.jar
      lib/arquillian-testenricher-ejb-jakarta.jar
      lib/arquillian-testenricher-cdi-jakarta.jar
      lib/arquillian-testenricher-initialcontext.jar
      lib/arquillian-testenricher-resource-jakarta.jar
      lib/arquillian-core.jar
      lib/wildfly-common-testencricher.jar
      lib/arquillian-protocol-lib.jar
      appmanagedNoTx_vehicle_web.war

      The jpa_core_query_apitests_appmanagedNoTx_vehicle_ejb.jar contains:

      com/sun/ts/lib/harness/Fault.class
      com/sun/ts/lib/harness/SetupException.class
      com/sun/ts/tests/common/base/EETest.class
      com/sun/ts/tests/common/base/ServiceEETest.class
      com/sun/ts/tests/common/vehicle/VehicleClient.class
      com/sun/ts/tests/common/vehicle/VehicleRunnable.class
      com/sun/ts/tests/common/vehicle/ejb3share/EJB3ShareBaseBean.class
      com/sun/ts/tests/common/vehicle/VehicleRunnerFactory.class
      com/sun/ts/tests/common/vehicle/appmanagedNoTx/AppManagedNoTxVehicleBean.class
      com/sun/ts/tests/common/vehicle/appmanagedNoTx/AppManagedNoTxVehicleIF.class
      com/sun/ts/tests/common/vehicle/ejb3share/EJB3ShareIF.class
      com/sun/ts/tests/common/vehicle/ejb3share/UseEntityManager.class
      com/sun/ts/tests/common/vehicle/ejb3share/UseEntityManagerFactory.class
      com/sun/ts/tests/common/vehicle/ejb3share/EntityTransactionWrapper.class
      com/sun/ts/tests/common/vehicle/ejb3share/NoopTransactionWrapper.class
      ee/jakarta/tck/persistence/common/PMClientBase.class
      com/sun/ts/tests/common/vehicle/ejb3share/UserTransactionWrapper.class
      ee/jakarta/tck/persistence/core/query/apitests/Client1.class

      jpa_core_query_apitests_vehicles_client.jar contains:

      jar tf jpa_core_query_apitests_vehicles_client.jar
      com/sun/ts/tests/common/vehicle/VehicleRunnerFactory.class
      com/sun/ts/tests/common/vehicle/appmanagedNoTx/AppManagedNoTxVehicleIF.class
      com/sun/ts/tests/common/vehicle/appmanagedNoTx/
      com/sun/ts/tests/common/vehicle/ejb3share/UseEntityManager.class
      com/sun/ts/tests/common/vehicle/ejb3share/
      com/sun/ts/tests/common/vehicle/ejb3share/EJB3ShareIF.class
      com/sun/ts/lib/harness/Fault.class
      com/sun/ts/tests/common/vehicle/ejb3share/UseEntityManagerFactory.class
      com/sun/ts/tests/common/vehicle/EmptyVehicleRunner.class
      ee/jakarta/tck/persistence/common/PMClientBase.class
      com/sun/ts/tests/common/vehicle/appmanagedNoTx/AppManagedNoTxVehicleRunner.class
      com/sun/ts/tests/common/vehicle/web/AltWebVehicleRunner.class
      com/sun/ts/tests/common/vehicle/VehicleRunnable.class
      com/sun/ts/tests/common/vehicle/ejb3share/UserTransactionWrapper.class
      com/sun/ts/tests/common/base/EETest.class
      com/sun/ts/tests/common/base/ServiceEETest.class
      com/sun/ts/tests/common/vehicle/ejb3share/EntityTransactionWrapper.class
      com/sun/ts/lib/harness/SetupException.class
      com/sun/ts/tests/common/vehicle/VehicleClient.class
      com/sun/ts/tests/common/vehicle/ejb3share/NoopTransactionWrapper.class
      ee/jakarta/tck/persistence/core/query/apitests/Client4.class
      ee/jakarta/tck/persistence/core/query/apitests/Client4AppmanagednotxTest.class
      META-INF/application-client.xml
      META-INF/MANIFEST.MF

      appmanagedNoTx_vehicle_web.war contains:

      WEB-INF/classes/com/sun/ts/tests/common/vehicle/servlet/ServletVehicle.class
      WEB-INF/classes/com/sun/ts/tests/common/vehicle/web/AltWebVehicleRunner.class
      WEB-INF/classes/com/sun/ts/tests/common/vehicle/appmanagedNoTx/AppManagedNoTxServletVehicle.class

              bstansbe@redhat.com Brian Stansberry
              smarlow1@redhat.com Scott Marlow
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: