You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tuscany.apache.org by "Kaushik Mukherjee (Created) (JIRA)" <de...@tuscany.apache.org> on 2012/03/19 22:17:38 UTC
[jira] [Created] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
AccessControlException when trying to read schemas with Java 2 security enabled
-------------------------------------------------------------------------------
Key: TUSCANY-4030
URL: https://issues.apache.org/jira/browse/TUSCANY-4030
Project: Tuscany
Issue Type: Bug
Reporter: Kaushik Mukherjee
I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
InputSource xsd = null;
final XSDefinition finaldef = definition;
try {
try {
xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
public InputSource run() throws IOException {
return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
}
});
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} catch (IOException e) {
throw new ContributionRuntimeException(e);
}
java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
at java.security.AccessController.checkPermission(AccessController.java:132)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
at java.util.zip.ZipFile.<init>(ZipFile.java:145)
at java.util.jar.JarFile.<init>(JarFile.java:149)
at java.util.jar.JarFile.<init>(JarFile.java:86)
at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Kaushik Mukherjee (Updated) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------
Attachment: (was: TUSCANY-4030.patch)
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Kaushik Mukherjee (Updated) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------
Attachment: (was: TUSCANY-4030v2.patch)
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Simon Laws (Assigned) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simon Laws reassigned TUSCANY-4030:
-----------------------------------
Assignee: Simon Laws
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
> Assignee: Simon Laws
> Attachments: TUSCANY-4030v3.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Kaushik Mukherjee (Updated) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------
Attachment: TUSCANY-4030v2.patch
Updated the patch to use doPrivileged calls for all occurrences
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
> Attachments: TUSCANY-4030v2.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Kaushik Mukherjee (Updated) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------
Attachment: TUSCANY-4030v3.patch
Updated all read calls to use doPrivileged()
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
> Attachments: TUSCANY-4030v3.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Simon Laws (Closed) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simon Laws closed TUSCANY-4030.
-------------------------------
Resolution: Fixed
Fix Version/s: Java-SCA-2.0
Applied at revision: 1304257. Thanks for the patch Kaushik.
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
> Assignee: Simon Laws
> Fix For: Java-SCA-2.0
>
> Attachments: TUSCANY-4030v3.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TUSCANY-4030) AccessControlException when trying
to read schemas with Java 2 security enabled
Posted by "Kaushik Mukherjee (Updated) (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------
Attachment: TUSCANY-4030.patch
Wrapped XMLDocumentHelper.getInputSource() with AccessController.doPrivileged().
> AccessControlException when trying to read schemas with Java 2 security enabled
> -------------------------------------------------------------------------------
>
> Key: TUSCANY-4030
> URL: https://issues.apache.org/jira/browse/TUSCANY-4030
> Project: Tuscany
> Issue Type: Bug
> Reporter: Kaushik Mukherjee
> Attachments: TUSCANY-4030.patch
>
>
> I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.
> InputSource xsd = null;
> final XSDefinition finaldef = definition;
> try {
> try {
> xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
> public InputSource run() throws IOException {
> return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
> }
> });
> } catch (PrivilegedActionException e) {
> throw (IOException) e.getException();
> }
> } catch (IOException e) {
> throw new ContributionRuntimeException(e);
> }
> java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
> at java.security.AccessController.checkPermission(AccessController.java:132)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
> at java.util.zip.ZipFile.<init>(ZipFile.java:145)
> at java.util.jar.JarFile.<init>(JarFile.java:149)
> at java.util.jar.JarFile.<init>(JarFile.java:86)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
> at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
> at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
> at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira