You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openwebbeans.apache.org by "Mark Struberg (JIRA)" <ji...@apache.org> on 2011/03/24 22:26:05 UTC
[jira] [Resolved] (OWB-469) JSR299TCK: Security Error / Passivation
errors during readObject
[ https://issues.apache.org/jira/browse/OWB-469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Struberg resolved OWB-469.
-------------------------------
Resolution: Fixed
> JSR299TCK: Security Error / Passivation errors during readObject
> ----------------------------------------------------------------
>
> Key: OWB-469
> URL: https://issues.apache.org/jira/browse/OWB-469
> Project: OpenWebBeans
> Issue Type: Bug
> Components: Events
> Affects Versions: 1.0.1, 1.1.0, 1.0.0-alpha-2
> Environment: win server 2003
> Reporter: Rohit Dilip Kelapure
> Assignee: Rohit Dilip Kelapure
> Fix For: 1.1.0
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> JIRA opened on behalf of Paul Reder.
> Problem Observed:
> Snippet for failure:
> @SpecAssertions({
> @SpecAssertion(section = "10.3.2", id = "g"),
> @SpecAssertion(section = "6.6.2", id = "e")
> })
> public void testImplicitEventIsPassivationCapable() throws IOException, ClassNotFoundException
> {
> StudentDirectory directory = getInstanceByType(StudentDirectory.class);
> directory.reset();
> Registration registration = getInstanceByType(Registration.class);
> Event<StudentRegisteredEvent> event = registration.getInjectedStudentRegisteredEvent();
> assert Serializable.class.isAssignableFrom(event.getClass());
> byte[] serializedEvent = serialize(event);
> ...
> Event<StudentRegisteredEvent> eventCopy = (Event<StudentRegisteredEvent>) deserialize(serializedEvent); // <--- error here
> ...
> Error:
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission accessClassInPackage.com.xxx.oti.reflect)
> at java.security.AccessController.checkPermission(AccessController.java:108)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
> at com.xxx.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
> at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1528)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:343)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:438)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:422)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:410)
> at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:103)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
> at java.lang.Class.forNameImpl(Native Method)
> at java.lang.Class.forName(Class.java:169)
> at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:605)
> at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1559)
> at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1500)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1736)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1875)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1671)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1327)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
> at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:481)
> at org.apache.webbeans.event.EventImpl.readObject(EventImpl.java:153)
> at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1033)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1853)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.readObject(ObjectInputStream.java:352)
> at org.jboss.jsr299.tck.AbstractJSR299Test.deserialize(AbstractJSR299Test.java:63)
> at org.jboss.jsr299.tck.tests.event.implicit.ImplicitEventTest.testImplicitEventIsPassivationCapable(ImplicitEventTest.java:118)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira