Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: 11.0.0.Alpha1
Affects Version/s: 10.1.0.Final
Component/s: EJB, Security Manager
Labels:
None

Steps to Reproduce:
Hide

Run test and remove there `RuntimePermission`s from method defining the deployment

./integration-tests.sh clean install -Dts.noSmoke -Dts.basic -Dtest=DynamicMessageListenerTestCase -Dsecurity.manager
Show
Run test and remove there `RuntimePermission`s from method defining the deployment ./integration-tests.sh clean install -Dts.noSmoke -Dts.basic -Dtest=DynamicMessageListenerTestCase -Dsecurity.manager
Git Pull Request:
https://github.com/wildfly-security-incubator/wildfly/pull/150

Description

When RAR is deployed the EJB endpoint creation requires too much RuntimePermission to be defined in deployment itself. It's needed to define

new RuntimePermission("accessDeclaredMembers")
new RuntimePermission("defineClassInPackage.*")
new RuntimePermission("getClassLoader")

These permissions should not be required as are needed by internal endpoind creation operations launched from org.jboss.as.ejb3.inflow.JBossMessageEndpointFactory

Stacktraces of security manager exceptions are added in attachment.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

getClassLoader-permission-stacktrace.txt
6 kB
2017/03/09 9:34 AM

Activity

People

Assignee:: Ondrej Chaloupka (Inactive)

Reporter:: Ondrej Chaloupka (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2017/03/09 9:35 AM

Updated:: 2017/12/06 11:53 AM

Resolved:: 2017/03/13 5:47 PM