You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tuscany.apache.org by "Raymond Feng (JIRA)" <tu...@ws.apache.org> on 2008/04/16 20:21:26 UTC
[jira] Commented: (TUSCANY-2237) Java 2 Security - Enhancements to
run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12589684#action_12589684 ]
Raymond Feng commented on TUSCANY-2237:
---------------------------------------
IMO, the following priviledged block is too wide. Can you find the offending module and move the doPrivileged() to that module only?
Index: modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java
- module.stop(registry);
+ // Allow privileged access to stop MBeans. Requires MBeanPermission in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ module.stop(registry);
+ return null;
+ }
+ });
> Java 2 Security - Enhancements to run Itest bucket
> --------------------------------------------------
>
> Key: TUSCANY-2237
> URL: https://issues.apache.org/jira/browse/TUSCANY-2237
> Project: Tuscany
> Issue Type: Bug
> Components: Java SCA Core Runtime
> Affects Versions: Java-SCA-1.1
> Environment: Java 1.5, Windows
> Reporter: Dan Becker
> Assignee: Raymond Feng
> Fix For: Java-SCA-Next
>
> Attachments: TUSCANY-2237.patch
>
>
> Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException:
> java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read)
> at java.security.AccessControlContext.checkPermission(Unknown Source)
> at java.security.AccessController.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
> at java.lang.System.getProperty(Unknown Source)
> at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665)
> at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653)
> at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449)
> at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236)
> at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55)
> at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510)
> at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308)
> at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98)
> at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615)
> at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513)
> at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500)
> at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441)
> at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74)
> at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65)
> at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37)
> at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52)
> at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38)
> at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
> This is fixed by adding AccessController.doPrivileged blocks around the sensitive call
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: tuscany-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: tuscany-dev-help@ws.apache.org