tuscany-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kaushik Mukherjee (Updated) (JIRA)" <...@tuscany.apache.org>
Subject [jira] [Updated] (TUSCANY-4030) AccessControlException when trying to read schemas with Java 2 security enabled
Date Tue, 20 Mar 2012 15:05:39 GMT

     [ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------

    Attachment: TUSCANY-4030v2.patch

Updated the patch to use doPrivileged calls for all occurrences 
                
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
>                 Key: TUSCANY-4030
>                 URL: https://issues.apache.org/jira/browse/TUSCANY-4030
>             Project: Tuscany
>          Issue Type: Bug
>            Reporter: Kaushik Mukherjee
>         Attachments: TUSCANY-4030v2.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged
so we can read a schema when java 2 security is enabled. Working on a patch now.
>                 InputSource xsd = null;
>                 final XSDefinition finaldef = definition;
>                 try {
>                     try {
>                         xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>()
{
>                             public InputSource run() throws IOException {
>                                 return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
>                             }
>                         });
>                     } catch (PrivilegedActionException e) {
>                         throw (IOException) e.getException();
>                     }
>                 } catch (IOException e) {
>                     throw new ContributionRuntimeException(e);
>                 }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar
read)
> 	at java.security.AccessController.checkPermission(AccessController.java:132)
> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> 	at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> 	at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> 	at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> 	at java.util.jar.JarFile.<init>(JarFile.java:149)
> 	at java.util.jar.JarFile.<init>(JarFile.java:86)
> 	at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> 	at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> 	at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> 	at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> 	at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> 	at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> 	at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> 	at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> 	at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> 	at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> 	at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message