Jay Modi created HTTPASYNC-124:
----------------------------------
Summary: Add doPrivileged blocks to async client and connection
manager builders
Key: HTTPASYNC-124
URL: https://issues.apache.org/jira/browse/HTTPASYNC-124
Project: HttpComponents HttpAsyncClient
Issue Type: Improvement
Reporter: Jay Modi
Attachments: builder_do_privileged.patch
If a Java security manager is present and restricting actions (like the one
used in elasticsearch), permissions need to be granted to the code using the
HttpAsyncClientBuilder when using the `useSystemProperties` options and the
call to the HttpAsyncClientBuilder#build method must be wrapped in a
AccessController#doPrivileged block. The retrieval of system properties and the
default proxy are the operations performed by the HttpAsyncClientBuilder that
require permissions to be granted or an AccessControlException will be thrown.
In order to restrict the granting of privileges to the least amount of code
necessary, the HttpAsyncClientBuilder can wrap the privileged operations in a
AccessController#doPrivileged block. This would allow code that makes use of
the HttpAsyncClient to restrict the permission granting to the async client jar
file.
Attached is a patch that adds the AccessController#doPrivileged blocks. This
relates to work done in https://github.com/elastic/elasticsearch/pull/25757.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
