You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@openwebbeans.apache.org by "YING WANG (JIRA)" <ji...@apache.org> on 2010/04/09 03:27:00 UTC

[jira] Assigned: (OWB-312) Add dopriv's to allow OWB to function with java 2 security enabled

     [ https://issues.apache.org/jira/browse/OWB-312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

YING WANG reassigned OWB-312:
-----------------------------

    Assignee: YING WANG  (was: Gurkan Erdogdu)

> Add dopriv's to allow OWB to function with java 2 security enabled
> ------------------------------------------------------------------
>
>                 Key: OWB-312
>                 URL: https://issues.apache.org/jira/browse/OWB-312
>             Project: OpenWebBeans
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: M4
>            Reporter: Jacquelle Leggett
>            Assignee: YING WANG
>             Fix For: 1.0.0
>
>
> When using OWB with java 2 security enabled, my application requires the following permissions:
>   permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
>   permission java.lang.RuntimePermission "accessDeclaredMembers";
>   permission java.lang.RuntimePermission "getClassLoader";
>   permission java.lang.RuntimePermission "getProtectionDomain"; 
> The associated errors do not appear to be strategic security exceptions; therefore, dopriv blocks should be added to the appropriate sections of code.  Adding dopriv blocks to AnnotationUtil and ClassUtil, will resolve most of the issues based on the SecurityExceptions I saw.
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission accessDeclaredMembers)
> 	at java.security.AccessController.checkPermission(AccessController.java:108)
> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
> 	at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
> 	at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1678)
> 	at java.lang.Class.checkMemberAccess(Class.java:109)
> 	at java.lang.Class.getDeclaredMethods(Class.java:668)
> 	at org.apache.webbeans.util.AnnotationUtil.hasAnnotationMember(AnnotationUtil.java:457)
> 	at org.apache.webbeans.container.InjectionResolver.findByQualifier(InjectionResolver.java:523)
> 	at org.apache.webbeans.container.InjectionResolver.implResolveByType(InjectionResolver.java:410)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.