axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Veithen (JIRA)" <j...@apache.org>
Subject [jira] Updated: (AXIS2-4390) JAXWS: Java2Security Violation Fixes
Date Wed, 17 Jun 2009 19:24:07 GMT

     [ https://issues.apache.org/jira/browse/AXIS2-4390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andreas Veithen updated AXIS2-4390:
-----------------------------------

    Fix Version/s: 1.6

> JAXWS: Java2Security Violation Fixes
> ------------------------------------
>
>                 Key: AXIS2-4390
>                 URL: https://issues.apache.org/jira/browse/AXIS2-4390
>             Project: Axis 2.0 (Axis2)
>          Issue Type: Bug
>            Reporter: Rich Scheuerle
>            Assignee: Rich Scheuerle
>             Fix For: 1.6
>
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Two Java2Security violations were detected during IBM testing.
> The first violation occurs in org/apache/axis2/jaxws/description/impl/DescriptionUtils.openHandlerConfig
stream.
> The non-priv code causes the handler configuration access to fail.  This can cause user
applications to fail.
> The second violation occurs in the JAX-WS JavaBeanDispatcher while getting the Context
ClassLoader.
> Solution;
>    I am correcting the code to add the appropriate ammount of doPriv stanzas.
> Kudos to Paul Mariduena for his cooperation on the design and testing of these fixes.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message