You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@bval.apache.org by "Albert Lee (JIRA)" <ji...@apache.org> on 2011/01/05 21:25:47 UTC
[jira] Resolved: (BVAL-87) Java 2 security violations in
ClassValidator.validate
[ https://issues.apache.org/jira/browse/BVAL-87?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Albert Lee resolved BVAL-87.
----------------------------
Resolution: Fixed
> Java 2 security violations in ClassValidator.validate
> -----------------------------------------------------
>
> Key: BVAL-87
> URL: https://issues.apache.org/jira/browse/BVAL-87
> Project: BeanValidation
> Issue Type: Bug
> Components: jsr303
> Affects Versions: 0.3-incubating
> Reporter: Albert Lee
> Fix For: 0.3-incubating
>
> Attachments: BVAL-87.1.patch, BVAL-87.patch
>
>
> Hitting a few Java 2 security access control exception during validation.
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission accessDeclaredMembers)
> at java.security.AccessController.checkPermission(AccessController.java:108)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
> at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1678)
> at java.lang.Class.checkMemberAccess(Class.java:105)
> at java.lang.Class.getDeclaredFields(Class.java:535)
> at org.apache.bval.jsr303.Jsr303MetaBeanFactory.processClass(Jsr303MetaBeanFactory.java:129)
> at org.apache.bval.jsr303.Jsr303MetaBeanFactory.buildMetaBean(Jsr303MetaBeanFactory.java:101)
> at org.apache.bval.MetaBeanBuilder.buildForClass(MetaBeanBuilder.java:128)
> at org.apache.bval.MetaBeanManager.findForClass(MetaBeanManager.java:102)
> at org.apache.bval.jsr303.ClassValidator.validate(ClassValidator.java:128)
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader)
> at java.security.AccessController.checkPermission(AccessController.java:108)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
> at java.lang.Thread.getContextClassLoader(Thread.java:457)
> at org.apache.bval.jsr303.DefaultMessageInterpolator.getFileBasedResourceBundle(DefaultMessageInterpolator.java:163)
> at org.apache.bval.jsr303.DefaultMessageInterpolator.findUserResourceBundle(DefaultMessageInterpolator.java:269)
> at org.apache.bval.jsr303.DefaultMessageInterpolator.interpolateMessage(DefaultMessageInterpolator.java:116)
> at org.apache.bval.jsr303.DefaultMessageInterpolator.interpolate(DefaultMessageInterpolator.java:97)
> at org.apache.bval.jsr303.DefaultMessageInterpolator.interpolate(DefaultMessageInterpolator.java:92)
> at org.apache.bval.jsr303.ConstraintValidationListener.addError(ConstraintValidationListener.java:85)
> at org.apache.bval.jsr303.ConstraintValidationListener.addError(ConstraintValidationListener.java:65)
> at org.apache.bval.jsr303.ConstraintValidation.addErrors(ConstraintValidation.java:255)
> at org.apache.bval.jsr303.ConstraintValidation.validate(ConstraintValidation.java:211)
> at org.apache.bval.jsr303.ConstraintValidation.validate(ConstraintValidation.java:140)
> at org.apache.bval.util.ValidationHelper.validateProperty(ValidationHelper.java:212)
> at org.apache.bval.util.ValidationHelper.validateBean(ValidationHelper.java:195)
> at org.apache.bval.jsr303.ClassValidator.validateBeanNet(ClassValidator.java:474)
> at org.apache.bval.jsr303.ClassValidator.validate(ClassValidator.java:140)
> Working through the doPriv location required in the path.
> WIll post a patch when testing is complete.
> Albert Lee
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.