You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Romain Manni-Bucau (JIRA)" <ji...@apache.org> on 2017/02/07 09:14:41 UTC
[jira] [Commented] (TOMEE-2013) Java PropertyPermisssion
[ https://issues.apache.org/jira/browse/TOMEE-2013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15855617#comment-15855617 ]
Romain Manni-Bucau commented on TOMEE-2013:
-------------------------------------------
Hi
looks like mainly eclipselink issues, we can upgrade but we don't own eclipselink code so the fix would be on their side.
I'm not sure what you changed in openejb-core (we'll not take binaries so please do a patch if you want the diff to be studied) but if there is a bug not related to the JPA provider we can include it
> Java PropertyPermisssion
> ------------------------
>
> Key: TOMEE-2013
> URL: https://issues.apache.org/jira/browse/TOMEE-2013
> Project: TomEE
> Issue Type: Bug
> Components: TomEE Core Server
> Affects Versions: 7.0.2
> Reporter: Magesh
> Labels: security
> Attachments: openejb-core-7.0.2.jar, Security_Permissions_openejb.txt
>
>
> Hi,
> We are using TOMEE server (apache-tomee-plus-7.0.2) to deploy our applications which uses EJBs. When we run the server with security mode enabled, applications are not getting deployed without the below permission.
> permission java.util.PropertyPermission "*", "read,write";
> We did some changes to the openejb-core-7.0.2.jar file in the classes org.apache.openejb.core.transaction.EjbTransactionUtil, org.apache.openejb.core.transaction.JtaTransactionPolicy
> After the changes were made the following specific permissions were required.
> permission java.util.PropertyPermission "javax.persistence.transactionType", "read";
> permission java.util.PropertyPermission "javax.persistence.schema-generation.database.action", "read";
> permission java.util.PropertyPermission "javax.persistence.schema-generation.scripts.action", "read";
> permission java.util.PropertyPermission "javax.persistence.jdbc.user", "read";
> permission java.util.PropertyPermission "javax.persistence.jdbc.password", "read";
> permission java.util.PropertyPermission "javax.persistence.jtaDataSource", "read";
> permission java.util.PropertyPermission "javax.persistence.nonJtaDataSource", "read";
> permission java.util.PropertyPermission "javax.persistence.lock.timeout", "read";
> permission java.util.PropertyPermission "javax.persistence.query.timeout", "read";
> permission java.util.PropertyPermission "javax.persistence.schema-generation.connection", "read";
> permission java.util.PropertyPermission "javax.persistence.sql-load-script-source", "read";
> permission java.util.PropertyPermission "org.eclipse.persistence.querymonitor", "read";
> Will this be addressed in the future release or else the permissions are required.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)