openjpa-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albert Lee (JIRA)" <j...@apache.org>
Subject [jira] Updated: (OPENJPA-339) Java 2 security Access denied in File.toURL() call
Date Fri, 31 Aug 2007 14:46:31 GMT

     [ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Albert Lee updated OPENJPA-339:
-------------------------------

    Attachment: OPENJPA-339.1.patch

Attached patch for the 2 new permission denials.

The "new Thread" scenario is straight forward and needs no explaination.

For the ProxyManagerImpl case, I have in-line the new PrivilegeAction instead of putting them
in J2DoPrivHelper because generateProxyBeanBytecode() is protected qualified, therefore it
can not be call from an action in J2DoPrivHelper. There are also many methods being called
to the Code instance in generateProxyBeanBytecode() that may potentially need the doPriv .
So instead of putting many individual doPriv for Code, the doPriv is moved up to generateProxyBeanBytecode()
 and this only needs one instead.


> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
>                 Key: OPENJPA-339
>                 URL: https://issues.apache.org/jira/browse/OPENJPA-339
>             Project: OpenJPA
>          Issue Type: Bug
>          Components: lib
>    Affects Versions: 0.9.7
>            Reporter: Albert Lee
>            Assignee: Albert Lee
>             Fix For: 1.1.0
>
>         Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application
server environment.
> File.toURL() is not documented which requires security check, however indirectly, the
File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission
C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class
read)
>         at java.security.AccessController.checkPermission(AccessController.java:104)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
>         at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
>         at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
>         at java.io.File.isDirectory(File.java:747)
>         at java.io.File.toURL(File.java:620)
>         at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
>         at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
>         at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
>         at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
>         at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
>         at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
>         at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
>         at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
>         at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
>         at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
>         at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
>         at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
>         at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message