This is an automated email from the ASF dual-hosted git repository.

rzo1 pushed a commit to branch jdk24
in repository https://gitbox.apache.org/repos/asf/tomee.git

commit 3be8931c491a75214044f7271fa6a6e8e62b108f
Author: Richard Zowalla <r...@apache.org>
AuthorDate: Tue Jun 24 13:44:59 2025 +0200

    Revert "JDK 24?"
    
    This reverts commit 5c79e5b0278907408cf194a7f225c737a96c2c92.
---
 .../core/security/AbstractSecurityService.java     | 44 +++++++++++-----------
 .../org/apache/openejb/loader/SystemInstance.java  |  1 -
 2 files changed, 23 insertions(+), 22 deletions(-)

diff --git 
a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
 
b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
index bf4818c6b4..4c3a6ee78f 100644
--- 
a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
+++ 
b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
@@ -373,30 +373,32 @@ public abstract class AbstractSecurityService implements 
DestroyableResource, Se
 
     @Override
     public boolean isCallerAuthorized(final Method method, final InterfaceType 
type) {
-        
if("true".equals(SystemInstance.get().getProperty("security.manager.available", 
"true"))) {
-            final ThreadContext threadContext = 
ThreadContext.getThreadContext();
-            final BeanContext beanContext = threadContext.getBeanContext();
-            final String ejbName = beanContext.getEjbName();
-            try {
-                String name = type == null ? null : type.getSpecName();
-                if ("LocalBean".equals(name) || "LocalBeanHome".equals(name)) {
-                    name = null;
-                }
+        final ThreadContext threadContext = ThreadContext.getThreadContext();
+        final BeanContext beanContext = threadContext.getBeanContext();
+        final String ejbName = beanContext.getEjbName();
+        try {
+            String name = type == null ? null : type.getSpecName();
+            if ("LocalBean".equals(name) || "LocalBeanHome".equals(name)) {
+                name = null;
+            }
 
-                final Identity currentIdentity = clientIdentity.get();
-                final SecurityContext securityContext;
-                if (currentIdentity == null) {
-                    securityContext = threadContext.get(SecurityContext.class);
-                } else {
-                    securityContext = new 
SecurityContext(currentIdentity.getSubject());
-                }
-                securityContext.getAccessControlContext().checkPermission(new 
EJBMethodPermission(ejbName, name, method));
-            } catch (final AccessControlException e) {
-                return false;
+            final Identity currentIdentity = clientIdentity.get();
+            final SecurityContext securityContext;
+            if (currentIdentity == null) {
+                securityContext = threadContext.get(SecurityContext.class);
+            } else {
+                securityContext = new 
SecurityContext(currentIdentity.getSubject());
             }
-            return true;
+            securityContext.getAccessControlContext().checkPermission(new 
EJBMethodPermission(ejbName, name, method));
+        } catch (final AccessControlException e) {
+            if ("openejb/Deployer".equals(ejbName)
+                    || type == BUSINESS_LOCALBEAN_HOME
+                    || type == LOCALBEAN) {
+                return true;
+            }
+            return false;
         }
-        return true; // if the security manager is not available, we assume 
that the caller is authorized
+        return true;
     }
 
     protected static String autoJaccProvider() {
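Review bot: The restored catch block in `isCallerAuthorized` turns a denied `checkPermission` into `return true` whenever `type` is `LOCALBEAN` or `BUSINESS_LOCALBEAN_HOME`, or the bean is `openejb/Deployer`, so for those cases the `EJBMethodPermission` check can never produce a refusal. If this fail-open is intended, say so at the branch with a comment such as `// LocalBean views and the internal Deployer bean are always allowed; the denial is deliberately ignored because <reason>`, and log the overridden denial at debug level so it can be audited. If it is not intended, drop the branch so the catch simply returns false. Separately, the result of `threadContext.get(SecurityContext.class)` is dereferenced without a null check, which presumably surfaces as a NullPointerException rather than a denial when no security context is attached; this is worth confirming against the callers.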
diff --git 
a/container/openejb-loader/src/main/java/org/apache/openejb/loader/SystemInstance.java
 
b/container/openejb-loader/src/main/java/org/apache/openejb/loader/SystemInstance.java
index 434c02a653..f690577740 100644
--- 
a/container/openejb-loader/src/main/java/org/apache/openejb/loader/SystemInstance.java
+++ 
b/container/openejb-loader/src/main/java/org/apache/openejb/loader/SystemInstance.java
@@ -131,7 +131,6 @@ public final class SystemInstance {
         }
         this.internalProperties.setProperty("openejb.home", 
homeDirCanonicalPath);
         this.internalProperties.setProperty("openejb.base", 
baseDirCanonicalPath);
-        this.internalProperties.setProperty("security.manager.available", 
Boolean.toString(System.getSecurityManager() != null));
         System.setProperty("derby.system.home", 
System.getProperty("derby.system.home", baseDirCanonicalPath));
     }
 
