You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Dennis Lundberg (JIRA)" <ji...@apache.org> on 2009/12/29 15:04:29 UTC
[jira] Updated: (LOGGING-134) No AccessControll on getClassLoader
operations
[ https://issues.apache.org/jira/browse/LOGGING-134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dennis Lundberg updated LOGGING-134:
------------------------------------
Description:
Problem is that commons logging performs some operations (atleast getClassLoader) which requiere access permissions. Since commons do not encapsulate calls to class loader getters in "doPriviledged" initialization of loggers fail.
This would not be a big deal if it wasnt about loggers - which usually are declared "static final" and usually poeple dont use "static{}" to init logger like:
{code}
private final static Logger log;
static
{
log=AccessController.doPriviledged(new PriviledgedAction<Logger>()
{
public Object run()
{
return Logger.getLogger(class);
}
});
}
{code}
Example fail log on 1.1.1:
Caused by: org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) (Caused by java.security.AccessControl
Exception: access denied (java.lang.RuntimePermission getClassLoader))
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:637)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:336)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:310)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:685)
at org.jboss.cache.commands.write.RemoveNodeCommand.<clinit>(RemoveNodeCommand.java:45)
... 22 more
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.ClassLoader.getParent(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1327)
at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1247)
at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:1048)
at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:858)
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:604)
... 26 more
was:
Problem is that commons logging performs some operations (atleast getClassLoader) which requiere access permissions. Since commons do not encapsulate calls to class loader getters in "doPriviledged" initialization of loggers fail.
This would not be a big deal if it wasnt about loggers - which usually are decalred "static final" and usually poeple dont use "static{}" to init logger like:
private final static Logger log;
static
{
log=AccessController.doPriviledged(new PriviledgedAction<Logger>()
{
public Object run()
{
return Logger.getLogger(class);
}
});
}
Example fail log on 1.1.1:
Caused by: org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) (Caused by java.security.AccessControl
Exception: access denied (java.lang.RuntimePermission getClassLoader))
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:637)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:336)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:310)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:685)
at org.jboss.cache.commands.write.RemoveNodeCommand.<clinit>(RemoveNodeCommand.java:45)
... 22 more
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.ClassLoader.getParent(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1327)
at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1247)
at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:1048)
at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:858)
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:604)
... 26 more
Fix Version/s: (was: 1.1.1)
> No AccessControll on getClassLoader operations
> ----------------------------------------------
>
> Key: LOGGING-134
> URL: https://issues.apache.org/jira/browse/LOGGING-134
> Project: Commons Logging
> Issue Type: Improvement
> Affects Versions: 1.1.1
> Environment: JDK1.6, WinXP SP2. Ran under JBoss 5.1.GA, mobicents 2.0.B2,
> Reporter: Bartosz Baranowski
> Priority: Trivial
>
> Problem is that commons logging performs some operations (atleast getClassLoader) which requiere access permissions. Since commons do not encapsulate calls to class loader getters in "doPriviledged" initialization of loggers fail.
> This would not be a big deal if it wasnt about loggers - which usually are declared "static final" and usually poeple dont use "static{}" to init logger like:
> {code}
> private final static Logger log;
> static
> {
> log=AccessController.doPriviledged(new PriviledgedAction<Logger>()
> {
> public Object run()
> {
> return Logger.getLogger(class);
>
> }
> });
> }
> {code}
> Example fail log on 1.1.1:
> Caused by: org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) (Caused by java.security.AccessControl
> Exception: access denied (java.lang.RuntimePermission getClassLoader))
> at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:637)
> at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:336)
> at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:310)
> at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:685)
> at org.jboss.cache.commands.write.RemoveNodeCommand.<clinit>(RemoveNodeCommand.java:45)
> ... 22 more
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
> at java.security.AccessControlContext.checkPermission(Unknown Source)
> at java.security.AccessController.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkPermission(Unknown Source)
> at java.lang.ClassLoader.getParent(Unknown Source)
> at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1327)
> at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1247)
> at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:1048)
> at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:858)
> at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:604)
> ... 26 more
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.