You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openwebbeans.apache.org by "Rohit Dilip Kelapure (JIRA)" <ji...@apache.org> on 2010/10/08 15:43:32 UTC
[jira] Created: (OWB-469) JSR299TCK: Security Error / Passivation
errors during readObject
JSR299TCK: Security Error / Passivation errors during readObject
----------------------------------------------------------------
Key: OWB-469
URL: https://issues.apache.org/jira/browse/OWB-469
Project: OpenWebBeans
Issue Type: Bug
Components: Events
Affects Versions: 1.0.0-alpha-2, 1.1.0, 1.0.1
Environment: win server 2003
Reporter: Rohit Dilip Kelapure
Assignee: Rohit Dilip Kelapure
JIRA opened on behalf of Paul Reder.
Problem Observed:
Snippet for failure:
@SpecAssertions({
@SpecAssertion(section = "10.3.2", id = "g"),
@SpecAssertion(section = "6.6.2", id = "e")
})
public void testImplicitEventIsPassivationCapable() throws IOException, ClassNotFoundException
{
StudentDirectory directory = getInstanceByType(StudentDirectory.class);
directory.reset();
Registration registration = getInstanceByType(Registration.class);
Event<StudentRegisteredEvent> event = registration.getInjectedStudentRegisteredEvent();
assert Serializable.class.isAssignableFrom(event.getClass());
byte[] serializedEvent = serialize(event);
...
Event<StudentRegisteredEvent> eventCopy = (Event<StudentRegisteredEvent>) deserialize(serializedEvent); // <--- error here
...
Error:
java.security.AccessControlException: Access denied (java.lang.RuntimePermission accessClassInPackage.com.xxx.oti.reflect)
at java.security.AccessController.checkPermission(AccessController.java:108)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
at com.xxx.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1528)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:343)
at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:438)
at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:422)
at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:410)
at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:103)
at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
at java.lang.Class.forNameImpl(Native Method)
at java.lang.Class.forName(Class.java:169)
at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:605)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1559)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1500)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1736)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1875)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1671)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1327)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:481)
at org.apache.webbeans.event.EventImpl.readObject(EventImpl.java:153)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1033)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1853)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:352)
at org.jboss.jsr299.tck.AbstractJSR299Test.deserialize(AbstractJSR299Test.java:63)
at org.jboss.jsr299.tck.tests.event.implicit.ImplicitEventTest.testImplicitEventIsPassivationCapable(ImplicitEventTest.java:118)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OWB-469) JSR299TCK: Security Error / Passivation
errors during readObject
Posted by "Rohit Dilip Kelapure (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OWB-469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rohit Dilip Kelapure updated OWB-469:
-------------------------------------
Patch provided by Paul Reder
> JSR299TCK: Security Error / Passivation errors during readObject
> ----------------------------------------------------------------
>
> Key: OWB-469
> URL: https://issues.apache.org/jira/browse/OWB-469
> Project: OpenWebBeans
> Issue Type: Bug
> Components: Events
> Affects Versions: 1.1.0, 1.0.1, 1.0.0-alpha-2
> Environment: win server 2003
> Reporter: Rohit Dilip Kelapure
> Assignee: Rohit Dilip Kelapure
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> JIRA opened on behalf of Paul Reder.
> Problem Observed:
> Snippet for failure:
> @SpecAssertions({
> @SpecAssertion(section = "10.3.2", id = "g"),
> @SpecAssertion(section = "6.6.2", id = "e")
> })
> public void testImplicitEventIsPassivationCapable() throws IOException, ClassNotFoundException
> {
> StudentDirectory directory = getInstanceByType(StudentDirectory.class);
> directory.reset();
> Registration registration = getInstanceByType(Registration.class);
> Event<StudentRegisteredEvent> event = registration.getInjectedStudentRegisteredEvent();
> assert Serializable.class.isAssignableFrom(event.getClass());
> byte[] serializedEvent = serialize(event);
> ...
> Event<StudentRegisteredEvent> eventCopy = (Event<StudentRegisteredEvent>) deserialize(serializedEvent); // <--- error here
> ...
> Error:
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission accessClassInPackage.com.xxx.oti.reflect)
> at java.security.AccessController.checkPermission(AccessController.java:108)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
> at com.xxx.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:212)
> at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1528)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:343)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:438)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:422)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:410)
> at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:103)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
> at java.lang.Class.forNameImpl(Native Method)
> at java.lang.Class.forName(Class.java:169)
> at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:605)
> at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1559)
> at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1500)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1736)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1875)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1671)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1327)
> at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1951)
> at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:481)
> at org.apache.webbeans.event.EventImpl.readObject(EventImpl.java:153)
> at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1033)
> at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1853)
> at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1757)
> at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
> at java.io.ObjectInputStream.readObject(ObjectInputStream.java:352)
> at org.jboss.jsr299.tck.AbstractJSR299Test.deserialize(AbstractJSR299Test.java:63)
> at org.jboss.jsr299.tck.tests.event.implicit.ImplicitEventTest.testImplicitEventIsPassivationCapable(ImplicitEventTest.java:118)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.