You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/05/26 10:28:04 UTC

[jira] [Resolved] (SANTUARIO-464) Allow setting default algorithms without invoking the SecurityManager

     [ https://issues.apache.org/jira/browse/SANTUARIO-464?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved SANTUARIO-464.
-------------------------------------------
    Resolution: Fixed

> Allow setting default algorithms without invoking the SecurityManager
> ---------------------------------------------------------------------
>
>                 Key: SANTUARIO-464
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-464
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: Java 2.0.3, Java 2.0.4, Java 2.0.5, Java 2.0.6, Java 2.0.7, Java 2.0.8
>         Environment: Google App Engine lastest SDK 1.9.51 Standard Environment
> OpenSAML
>            Reporter: Xin Meng
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>             Fix For: Java 2.1.0, Java 2.0.9
>
>
> I use the OpenSAML 3.3.0 on Google App Engine Platform and always return the error. (I have submitted an issue show the detail https://issues.shibboleth.net/jira/browse/OSJ-205) And the exception is at the bottom. 
> The interesting thing is that when I change the version of 'xmlsec' to the 2.0.2, the exception will not occur. Then I try all the version above from 2.0.3 to 2.0.8 ([2.0.5 is used by OpenSAML 3.3.0|https://mvnrepository.com/artifact/org.opensaml/opensaml-security-api/3.3.0]). The exception will always be thrown. 
> Update: I try the [534045-patched of  wso2|https://mvnrepository.com/artifact/org.apache.santuario/xmlsec/534045-patched], and the exception does not occur!
> *So is there any difference from 2.0.3 which is not compatible with Google App Engine Standard Environment?*
> Caused by: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "org.apache.xml.security.register")
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
> at java.security.AccessController.checkPermission(AccessController.java:884)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:445)
> at org.apache.xml.security.utils.JavaUtils.checkRegisterPermission(JavaUtils.java:249)
> at org.apache.xml.security.utils.ElementProxy.setDefaultPrefix(ElementProxy.java:475)
> at org.apache.xml.security.utils.ElementProxy.registerDefaultPrefixes(ElementProxy.java:498)
> at org.apache.xml.security.Init$2.run(Init.java:122)
> at org.apache.xml.security.Init$2.run(Init.java:117)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.xml.security.Init.dynamicInit(Init.java:117)
> at org.apache.xml.security.Init.init(Init.java:94)
> at org.opensaml.xmlsec.signature.impl.SignatureMarshaller.<init>(SignatureMarshaller.java:55)
> ... 108 more



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)