hc-dev mailing list archives

From "Gary Gregory (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HTTPASYNC-124) Add doPrivileged blocks to async client and connection manager builders
Date Fri, 21 Jul 2017 04:02:00 GMT

    [ https://issues.apache.org/jira/browse/HTTPASYNC-124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16095742#comment-16095742 ]

Gary Gregory edited comment on HTTPASYNC-124 at 7/21/17 4:01 AM:
-----------------------------------------------------------------

In git master. Please verify and close. This will be in HttpClient 5, which merges the async
client into the main client module (unlike 4.x).


was (Author: garydgregory):
In git master. Please verify and close.

> Add doPrivileged blocks to async client and connection manager builders 
> ------------------------------------------------------------------------
>
>                 Key: HTTPASYNC-124
>                 URL: https://issues.apache.org/jira/browse/HTTPASYNC-124
>             Project: HttpComponents HttpAsyncClient
>          Issue Type: Improvement
>            Reporter: Jay Modi
>         Attachments: builder_do_privileged.patch
>
>
> If a Java security manager is present and restricting actions (like the one used in elasticsearch), permissions need to be granted to the code using the HttpAsyncClientBuilder when using the `useSystemProperties` options and the call to the HttpAsyncClientBuilder#build method must be wrapped in an AccessController#doPrivileged block. The retrieval of system properties and the default proxy are the operations performed by the HttpAsyncClientBuilder that require permissions to be granted or an AccessControlException will be thrown.
> In order to restrict the granting of privileges to the least amount of code necessary, the HttpAsyncClientBuilder can wrap the privileged operations in an AccessController#doPrivileged block. This would allow code that makes use of the HttpAsyncClient to restrict the permission granting to the async client jar file.
> Attached is a patch that adds the AccessController#doPrivileged blocks. This relates to work done in https://github.com/elastic/elasticsearch/pull/25757.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
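
The pattern the issue describes, as an added example (not the attached patch and not HttpAsyncClient code): a hypothetical `ExampleClientBuilder` whose `build()` wraps only the system-property and default-proxy lookups in `AccessController#doPrivileged`, so the policy can grant those permissions to the library jar alone. The class names, the property read, and the jar path in the policy comment are assumptions; `AccessController` is deprecated from Java 17 onward.

```java
import java.net.ProxySelector;
import java.security.AccessController;
import java.security.PrivilegedAction;

// Hypothetical builder for illustration; not HttpAsyncClientBuilder.
//
// Policy sketch (jar path is an assumption): grant only the library code base.
//   grant codeBase "file:/opt/app/lib/example-client.jar" {
//     permission java.util.PropertyPermission "http.*", "read";
//     permission java.net.NetPermission "getProxySelector";
//   };
public final class ExampleClientBuilder {

    private boolean systemProperties;

    public ExampleClientBuilder useSystemProperties() {
        this.systemProperties = true;
        return this;
    }

    public ExampleClient build() {
        if (!systemProperties) {
            return new ExampleClient(null, true);
        }
        // Each privileged block reads one value and returns it. The permission
        // check stops at this class's protection domain, so callers further up
        // the stack need no PropertyPermission or NetPermission of their own.
        ProxySelector proxy = AccessController.doPrivileged(
                (PrivilegedAction<ProxySelector>) ProxySelector::getDefault);
        boolean keepAlive = Boolean.parseBoolean(readProperty("http.keepAlive", "true"));
        return new ExampleClient(proxy, keepAlive);
    }

    // Private, and only ever called with keys fixed by this class, so a caller
    // cannot use it to read arbitrary properties with the library's permissions.
    private static String readProperty(String key, String fallback) {
        return AccessController.doPrivileged(
                (PrivilegedAction<String>) () -> System.getProperty(key, fallback));
    }

    public static final class ExampleClient {
        final ProxySelector proxySelector;
        final boolean keepAlive;

        ExampleClient(ProxySelector proxySelector, boolean keepAlive) {
            this.proxySelector = proxySelector;
            this.keepAlive = keepAlive;
        }
    }
}
```

Without the privileged blocks, the same lookups are checked against every frame on the call stack, which is why the calling application would otherwise need the grants itself.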
