You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openjpa.apache.org by "Albert Lee (JIRA)" <ji...@apache.org> on 2007/08/27 19:23:30 UTC
[jira] Created: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Java 2 security Access denied in File.toURL() call
--------------------------------------------------
Key: OPENJPA-339
URL: https://issues.apache.org/jira/browse/OPENJPA-339
Project: OpenJPA
Issue Type: Bug
Components: lib
Affects Versions: 0.9.7
Reporter: Albert Lee
Fix For: 1.0.0
Encounter the following access denial exception when Java 2 security is enabled in application server environment.
File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
Exception = java.security.AccessControlException
Source = com.ibm.ws.security.core.SecurityManager
probeid = 180
Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
at java.io.File.isDirectory(File.java:747)
at java.io.File.toURL(File.java:620)
at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Kevin Sutter (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Sutter reassigned OPENJPA-339:
------------------------------------
Assignee: Albert Lee
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.0.0
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Kevin Sutter (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Sutter updated OPENJPA-339:
---------------------------------
Fix Version/s: (was: 1.0.0)
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Albert Lee reopened OPENJPA-339:
--------------------------------
More testing discovers other paths in ProxyManagerImpl causes other access violations.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12523955 ]
Albert Lee commented on OPENJPA-339:
------------------------------------
The other path which caused security violations are:
Stack Dump = java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.Thread.getContextClassLoader(Thread.java:488)
at serp.bytecode.BCClass.getClassLoader(BCClass.java:1670)
at serp.bytecode.BCMember.getClassLoader(BCMember.java:326)
at serp.bytecode.Attribute.getClassLoader(Attribute.java:85)
at serp.bytecode.Instruction.getClassLoader(Instruction.java:141)
at serp.bytecode.TypedInstruction.getType(TypedInstruction.java:76)
at serp.bytecode.Code.calculateMaxLocals(Code.java:191)
at org.apache.openjpa.util.ProxyManagerImpl.addProxyBeanMethods(ProxyManagerImpl.java:1173)
at org.apache.openjpa.util.ProxyManagerImpl.generateProxyBeanBytecode(ProxyManagerImpl.java:640)
at org.apache.openjpa.util.ProxyManagerImpl.getFactoryProxyBean(ProxyManagerImpl.java:452)
at org.apache.openjpa.util.ProxyManagerImpl.newCustomProxy(ProxyManagerImpl.java:311)
at org.apache.openjpa.kernel.SingleFieldManager.proxy(SingleFieldManager.java:129)
at org.apache.openjpa.kernel.StateManagerImpl.proxyFields(StateManagerImpl.java:2721)
at org.apache.openjpa.kernel.PNonTransState.initialize(PNonTransState.java:44)
at org.apache.openjpa.kernel.StateManagerImpl.setPCState(StateManagerImpl.java:216)
at org.apache.openjpa.kernel.StateManagerImpl.commit(StateManagerImpl.java:1005)
at org.apache.openjpa.kernel.BrokerImpl.endTransaction(BrokerImpl.java:2177)
at org.apache.openjpa.kernel.BrokerImpl.afterCompletion(BrokerImpl.java:1782)
at com.ibm.ws.uow.ComponentContextSynchronizationWrapper.afterCompletion(ComponentContextSynchronizationWrapper.java:84)
at com.ibm.ws.Transaction.JTA.RegisteredSyncs.distributeAfter(RegisteredSyncs.java:424)
at com.ibm.ws.Transaction.JTA.TransactionImpl.distributeAfter(TransactionImpl.java:3883)
at com.ibm.ws.Transaction.JTA.TransactionImpl.postCompletion(TransactionImpl.java:3862)
at com.ibm.ws.Transaction.JTA.TransactionImpl.commitXAResources(TransactionImpl.java:2518)
at com.ibm.ws.Transaction.JTA.TransactionImpl.stage1CommitProcessing(TransactionImpl.java:1635)
at com.ibm.ws.Transaction.JTA.TransactionImpl.processCommit(TransactionImpl.java:1595)
at com.ibm.ws.Transaction.JTA.TransactionImpl.commit(TransactionImpl.java:1530)
at com.ibm.ws.Transaction.JTA.TranManagerImpl.commit(TranManagerImpl.java:237)
at com.ibm.ws.Transaction.JTA.TranManagerSet.commit(TranManagerSet.java:162)
at com.ibm.ws.Transaction.JTA.UserTransactionImpl.commit(UserTransactionImpl.java:292)
at com.ibm.ejs.container.UserTransactionWrapper.commit(UserTransactionWrapper.java:264)
at suite.r70.acommon.transactionservice.JTATransactionService.commitTransaction(JTATransactionService.java:39)
and
Caused by: java.security.AccessControlException: Access denied (java.lang.RuntimePermission modifyThreadGroup)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at com.ibm.ws.security.core.SecurityManager.checkAccess(SecurityManager.java:309)
at java.lang.ThreadGroup.checkAccess(ThreadGroup.java:222)
at java.lang.Thread.initialize(Thread.java:342)
at java.lang.Thread.<init>(Thread.java:276)
at java.lang.Thread.<init>(Thread.java:168)
at org.apache.openjpa.datacache.DataCacheScheduler.scheduleEviction(DataCacheScheduler.java:100)
at org.apache.openjpa.datacache.AbstractDataCache.initialize(AbstractDataCache.java:89)
at org.apache.openjpa.datacache.ConcurrentDataCache.initialize(ConcurrentDataCache.java:91)
at org.apache.openjpa.datacache.DataCacheManagerImpl.initialize(DataCacheManagerImpl.java:51)
at org.apache.openjpa.conf.OpenJPAConfigurationImpl.getDataCacheManagerInstance(OpenJPAConfigurationImpl.java:602)
at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:181)
I have created a patch and am running more tests before posting it to this report.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Kevin Sutter (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Sutter resolved OPENJPA-339.
----------------------------------
Resolution: Fixed
Fix Version/s: 1.1.0
Resolved via svn revision #570288.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Albert Lee closed OPENJPA-339.
------------------------------
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.0.1, 1.1.0
>
> Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Michael Dick (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Dick updated OPENJPA-339:
---------------------------------
Fix Version/s: 1.0.1
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.0.1, 1.1.0
>
> Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Albert Lee updated OPENJPA-339:
-------------------------------
Attachment: OPENJPA-339.1.patch
Attached patch for the 2 new permission denials.
The "new Thread" scenario is straight forward and needs no explaination.
For the ProxyManagerImpl case, I have in-line the new PrivilegeAction instead of putting them in J2DoPrivHelper because generateProxyBeanBytecode() is protected qualified, therefore it can not be call from an action in J2DoPrivHelper. There are also many methods being called to the Code instance in generateProxyBeanBytecode() that may potentially need the doPriv . So instead of putting many individual doPriv for Code, the doPriv is moved up to generateProxyBeanBytecode() and this only needs one instead.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Albert Lee updated OPENJPA-339:
-------------------------------
Attachment: OPENJPA-339.patch
Add corrective doPriv() in appropriate call-outs.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Attachments: OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Albert Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12523102 ]
Albert Lee commented on OPENJPA-339:
------------------------------------
Find another failing security scenario that needs to fix:
Exception = java.security.AccessControlException
Source = com.ibm.ws.security.core.SecurityManager
probeid = 180
Stack Dump = java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.Thread.getContextClassLoader(Thread.java:488)
at serp.bytecode.Project.loadClass(Project.java:116)
at serp.bytecode.Project.loadClass(Project.java:86)
at org.apache.openjpa.util.ProxyManagerImpl.generateProxyBeanBytecode(ProxyManagerImpl.java:629)
at org.apache.openjpa.util.ProxyManagerImpl.getFactoryProxyBean(ProxyManagerImpl.java:452)
at org.apache.openjpa.util.ProxyManagerImpl.newCustomProxy(ProxyManagerImpl.java:311)
at org.apache.openjpa.kernel.SingleFieldManager.proxy(SingleFieldManager.java:126)
at org.apache.openjpa.kernel.StateManagerImpl.storeObjectField(StateManagerImpl.java:2413)
at org.apache.openjpa.kernel.StateManagerImpl.storeField(StateManagerImpl.java:2510)
at org.apache.openjpa.kernel.StateManagerImpl.storeField(StateManagerImpl.java:769)
at org.apache.openjpa.kernel.StateManagerImpl.store(StateManagerImpl.java:765)
at org.apache.openjpa.jdbc.meta.strats.HandlerFieldStrategy.load(HandlerFieldStrategy.java:174)
at org.apache.openjpa.jdbc.meta.FieldMapping.load(FieldMapping.java:789)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.load(JDBCStoreManager.java:833)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.load(JDBCStoreManager.java:785)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.initializeState(JDBCStoreManager.java:336)
at org.apache.openjpa.jdbc.kernel.JDBCStoreManager.initialize(JDBCStoreManager.java:255)
at org.apache.openjpa.kernel.DelegatingStoreManager.initialize(DelegatingStoreManager.java:111)
at org.apache.openjpa.kernel.ROPStoreManager.initialize(ROPStoreManager.java:57)
at org.apache.openjpa.kernel.BrokerImpl.initialize(BrokerImpl.java:878)
at org.apache.openjpa.kernel.BrokerImpl.find(BrokerImpl.java:836)
at org.apache.openjpa.kernel.BrokerImpl.find(BrokerImpl.java:753)
at org.apache.openjpa.kernel.DelegatingBroker.find(DelegatingBroker.java:172)
at org.apache.openjpa.persistence.EntityManagerImpl.find(EntityManagerImpl.java:349)
at suite.r70.acommon.servicesupport.AbstractServiceClass.findIEntity(AbstractServiceClass.java:111)
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (OPENJPA-339) Java 2 security Access denied in
File.toURL() call
Posted by "Kevin Sutter (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Sutter resolved OPENJPA-339.
----------------------------------
Resolution: Fixed
Resolved in trunk (1.1.0).
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is enabled in application server environment.
> File.toURL() is not documented which requires security check, however indirectly, the File.isDirectory() is invoked, which required security permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class read)
> at java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.