Re: CXF deploying in Tomcat checkPermission issue

Fri, 01 Feb 2008 18:15:12 -0800 

Unfortunately, this is completely required per the jaxws spec.   We HAVE 
to call the check permissions on the SecurityManager when an 
Endpoint.publish(..) call is made.  

You really have two options:

1) Configure the SecurityManager to allow the PUBLISH_PERMISSION check to 
succeed.   I think tomcat has some configs to allow you to keep the SM 
in place, but configured to allow publish.

2) Switch from using jaxws:endpoint to jaxws:server in your spring config 
file.   jaxws:server doesn't use the JAXWS Endpoint apis (It create the 
CXF internal representation that the JAXWS Endpoing thing more or less 
wrappers) so it may not be affected by that check.

Dan


On Friday 01 February 2008, Yadav, Yogendra (IT) wrote:
> Hi,
> Having this issue while deploying CXF in Tomcat which has
> SecurityManager enabled and can't turn off.
>
> <org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'helloWorld': Invocation of init method
> failed; nested exception is java.security.AccessControlException:
> access denied (javax.xml.ws.WebServicePermission publishEndpoint)
> Caused by: java.security.AccessControlException: access denied
> (javax.xml.ws.WebServicePermission publishEndpoint)
>         at
> java.security.AccessControlContext.checkPermission(AccessControlContex
>t. java:264)
>         at
> java.security.AccessController.checkPermission(AccessController.java:4
>27 )
>         at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
>         at
> org.apache.cxf.jaxws.EndpointImpl.checkPublishPermission(EndpointImpl.
>ja va:349)
>
> The EndpointImpl.checkPublishPermission :
>     protected void checkPublishPermission() {
>         SecurityManager sm = System.getSecurityManager();
>         if (sm != null) {
>             sm.checkPermission(PUBLISH_PERMISSION);
>         } else if
> (Boolean.getBoolean(CHECK_PUBLISH_ENDPOINT_PERMISSON_PROPERTY)) {
>             AccessController.checkPermission(PUBLISH_PERMISSION);
>
> Where:
>     private static final WebServicePermission PUBLISH_PERMISSION =
>         new WebServicePermission("publishEndpoint");
>
> thanx
> -yogen
> --------------------------------------------------------
>
> NOTICE: If received in error, please destroy and notify sender. Sender
> does not intend to waive confidentiality or privilege. Use of this
> email is prohibited when received in error.



-- 
J. Daniel Kulp
Principal Engineer, IONA
[EMAIL PROTECTED]
http://www.dankulp.com/blog

Reply via email to