Hi Fabio, The is tracked by this ticket now https://issues.apache.org/jira/browse/CXF-9227
Best Regards Freeman On Fri, Jun 26, 2026 at 4:23 AM Fabio Burzigotti <[email protected]> wrote: > Hi Freeman, > I've tried again and, as said, there's no way for me to create an issue; > I can only comment on existing ones. > I'd appreciate if this could be solved. > > Thanks, > Fabio. > ------------------------------ > *From:* Freeman Fang <[email protected]> > *Sent:* Thursday, June 25, 2026 9:35 PM > *To:* [email protected] <[email protected]> > *Cc:* Fabio Burzigotti <[email protected]> > *Subject:* [EXTERNAL] Re: cxf-4.1.7 causes WildFly regression when > Security Manager is enabled > > Hi Fabio, Thank you for the detailed report. I believe we need to address > those for the next release. Could you please open a single JIRA ticket > covering all three issues so we can attach the patch and track them > properly? Feel free to assign > Hi Fabio, > > Thank you for the detailed report. I believe we need to address those for > the next release. > > Could you please open a single JIRA ticket covering all three issues so we > can attach the patch and track them properly? Feel free to assign it to me. > Also I have no idea why you can't create jira ticket now, could you please > try again and let us know if you still can't > > Best regards, > Freeman > > On Thu, Jun 25, 2026 at 12:30 PM Fabio Burzigotti via dev < > [email protected]> wrote: > > Hi, > WildFly's CI checks [1] to test the Apache CXF upgrade from version > 4.1.6 to 4.1.7 revealed a behavior change that's causing applications to > fail. > > By analyzing the stack trace, we identified a common root cause: new > permission checks that require additional deployment configuration (for > example, via permissions.xml). > > We initially found the following: > - NetPermission("getProxySelector") > - RuntimePermission("org.apache.cxf.permission") > > Once added to the deployment's permissions.xml file, we discovered > another: SocketPermission("[::1]:8080", "connect,resolve"). > > We're now adding this one and seeing if more appear, but it's clear this > is a behavior change that impacts users and causes a regression for WildFly > users. > > According to our analysis, the NetPermission("getProxySelector") issue is > caused by changes in https://github.com/apache/cxf/pull/3154/ > <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_apache_cxf_pull_3154_&d=DwMFaQ&c=BSDicqBQBDjDI9RkVyTcHQ&r=6DfnpHA4c8_1RRukaC5NgaPkggwObJL3tohfoe-PGLI&m=d8eo5VbxILUdVeyMx-4ZU3BSSu8wBzjXqoemyCBLyJg16CoekBOBJIe87e8n-r4L&s=kHp4G7ZKROL_EHR0qC3YjJVkZ2Co3v8TMphigF3BYSk&e=> > . > The SocketPermission("[::1]:8080", "connect,resolve") issue appears to > stem from URIResolver, but this must be a side effect of the recent > changes, as it didn't occur in version 4.1.6. > The same appears to be true for > RuntimePermission("org.apache.cxf.permission"). > > I tried creating a ticket on Apache CXF Jira, but I don't have permissions > to see the "Create" button, which is strange since I have an Apache CXF > account. > > What are your thoughts on this issue? > > [1] > https://ci.wildfly.org/buildConfiguration/WF_PullRequest_LinuxSmJdk17/570420 > <https://urldefense.proofpoint.com/v2/url?u=https-3A__ci.wildfly.org_buildConfiguration_WF-5FPullRequest-5FLinuxSmJdk17_570420&d=DwMFaQ&c=BSDicqBQBDjDI9RkVyTcHQ&r=6DfnpHA4c8_1RRukaC5NgaPkggwObJL3tohfoe-PGLI&m=d8eo5VbxILUdVeyMx-4ZU3BSSu8wBzjXqoemyCBLyJg16CoekBOBJIe87e8n-r4L&s=QcwSnVpw7N7XR5RqxxIB7YCkVcU-9qmN5Z3qHL0LDoY&e=> > > Regards, > > Fabio Burzigotti > Software Developer > IBM Software > [email protected] > > IBM > > Unless otherwise stated above: > > IBM Italia S.p.A. > Sede Legale: Circonvallazione Idroscalo - 20054 Segrate (MI) > Cap. Soc. euro 247.656.998.20 > C. F. e Reg. Imprese MI 01442240030 - Partita IVA 10914660153 > Società con unico azionista > Società soggetta all'attività di direzione e coordinamento di > International Business Machines Corporation > > Unless otherwise stated above: > > IBM Italia S.p.A. > Sede Legale: Circonvallazione Idroscalo - 20054 Segrate (MI) > Cap. Soc. euro 247.656.998.20 > C. F. e Reg. Imprese MI 01442240030 - Partita IVA 10914660153 > Società con unico azionista > Società soggetta all'attività di direzione e coordinamento di > International Business Machines Corporation >
