You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tuscany.apache.org by "Raymond Feng (JIRA)" <tu...@ws.apache.org> on 2008/04/16 20:21:26 UTC

[jira] Commented: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket

    [ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12589684#action_12589684 ] 

Raymond Feng commented on TUSCANY-2237:
---------------------------------------

IMO, the following priviledged block is too wide. Can you find the offending module and move the doPrivileged() to that module only?

Index: modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java

-            module.stop(registry);
+            // Allow privileged access to stop MBeans. Requires MBeanPermission in security policy.
+            AccessController.doPrivileged(new PrivilegedAction<Object>() {
+                public Object run() {
+                    module.stop(registry);
+                    return null;
+                }
+            });            


> Java 2 Security - Enhancements to run Itest bucket
> --------------------------------------------------
>
>                 Key: TUSCANY-2237
>                 URL: https://issues.apache.org/jira/browse/TUSCANY-2237
>             Project: Tuscany
>          Issue Type: Bug
>          Components: Java SCA Core Runtime
>    Affects Versions: Java-SCA-1.1
>         Environment: Java 1.5, Windows
>            Reporter: Dan Becker
>            Assignee: Raymond Feng
>             Fix For: Java-SCA-Next
>
>         Attachments: TUSCANY-2237.patch
>
>
> Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException:
> java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read)
> 	at java.security.AccessControlContext.checkPermission(Unknown Source)
> 	at java.security.AccessController.checkPermission(Unknown Source)
> 	at java.lang.SecurityManager.checkPermission(Unknown Source)
> 	at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
> 	at java.lang.System.getProperty(Unknown Source)
> 	at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665)
> 	at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653)
> 	at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449)
> 	at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236)
> 	at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55)
> 	at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510)
> 	at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308)
> 	at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98)
> 	at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615)
> 	at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513)
> 	at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500)
> 	at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441)
> 	at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> 	at java.lang.reflect.Method.invoke(Unknown Source)
> 	at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74)
> 	at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65)
> 	at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37)
> 	at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52)
> 	at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38)
> 	at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> 	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460)
> 	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673)
> 	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386)
> 	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
> This is fixed by adding AccessController.doPrivileged blocks around the sensitive call

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: tuscany-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: tuscany-dev-help@ws.apache.org