tomee-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Romain Manni-Bucau (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (TOMEE-2013) Java PropertyPermisssion
Date Tue, 07 Feb 2017 10:45:41 GMT

    [ https://issues.apache.org/jira/browse/TOMEE-2013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15855727#comment-15855727
] 

Romain Manni-Bucau commented on TOMEE-2013:
-------------------------------------------

Oh get it,

There is no "plan" as such to wrap it in a security manager (if not null) call but nothing
blocking if you send us a patch fixing it.

> Java PropertyPermisssion
> ------------------------
>
>                 Key: TOMEE-2013
>                 URL: https://issues.apache.org/jira/browse/TOMEE-2013
>             Project: TomEE
>          Issue Type: Bug
>          Components: TomEE Core Server
>    Affects Versions: 7.0.2
>            Reporter: Magesh
>              Labels: security
>         Attachments: Logger.java, openejb-core-7.0.2.jar, Security_Permissions_openejb.txt
>
>
> Hi,
>   We are using TOMEE server (apache-tomee-plus-7.0.2) to deploy our applications which
uses EJBs. When we run the server with security mode enabled, applications are not getting
deployed without the below permission.
> permission java.util.PropertyPermission "*", "read,write";
> We did some changes to the openejb-core-7.0.2.jar file in the classes org.apache.openejb.core.transaction.EjbTransactionUtil,
org.apache.openejb.core.transaction.JtaTransactionPolicy
> After the changes were made the following specific permissions were required.
>                permission java.util.PropertyPermission "javax.persistence.transactionType",
"read";
>                permission java.util.PropertyPermission "javax.persistence.schema-generation.database.action",
"read";
>                permission java.util.PropertyPermission "javax.persistence.schema-generation.scripts.action",
"read";
>                permission java.util.PropertyPermission "javax.persistence.jdbc.user",
"read";
>                permission java.util.PropertyPermission "javax.persistence.jdbc.password",
"read";
>                permission java.util.PropertyPermission "javax.persistence.jtaDataSource",
"read";
>                permission java.util.PropertyPermission "javax.persistence.nonJtaDataSource",
"read";
>                permission java.util.PropertyPermission "javax.persistence.lock.timeout",
"read";
>                permission java.util.PropertyPermission "javax.persistence.query.timeout",
"read";
>                permission java.util.PropertyPermission "javax.persistence.schema-generation.connection",
"read";
>                permission java.util.PropertyPermission "javax.persistence.sql-load-script-source",
"read";
>                permission java.util.PropertyPermission "org.eclipse.persistence.querymonitor",
"read";
> Will this be addressed in the future release or else the permissions are required.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message