[
https://issues.apache.org/jira/browse/AXIS2-4390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andreas Veithen updated AXIS2-4390:
-----------------------------------
Fix Version/s: 1.6
> JAXWS: Java2Security Violation Fixes
> ------------------------------------
>
> Key: AXIS2-4390
> URL: https://issues.apache.org/jira/browse/AXIS2-4390
> Project: Axis 2.0 (Axis2)
> Issue Type: Bug
> Reporter: Rich Scheuerle
> Assignee: Rich Scheuerle
> Fix For: 1.6
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> Two Java2Security violations were detected during IBM testing.
> The first violation occurs in
> org/apache/axis2/jaxws/description/impl/DescriptionUtils.openHandlerConfig
> stream.
> The non-priv code causes the handler configuration access to fail. This can
> cause user applications to fail.
> The second violation occurs in the JAX-WS JavaBeanDispatcher while getting
> the Context ClassLoader.
> Solution;
> I am correcting the code to add the appropriate ammount of doPriv stanzas.
> Kudos to Paul Mariduena for his cooperation on the design and testing of
> these fixes.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
