[
https://issues.apache.org/jira/browse/OPENJPA-339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Albert Lee updated OPENJPA-339:
-------------------------------
Attachment: OPENJPA-339.1.patch
Attached patch for the 2 new permission denials.
The "new Thread" scenario is straight forward and needs no explaination.
For the ProxyManagerImpl case, I have in-line the new PrivilegeAction instead
of putting them in J2DoPrivHelper because generateProxyBeanBytecode() is
protected qualified, therefore it can not be call from an action in
J2DoPrivHelper. There are also many methods being called to the Code instance
in generateProxyBeanBytecode() that may potentially need the doPriv . So
instead of putting many individual doPriv for Code, the doPriv is moved up to
generateProxyBeanBytecode() and this only needs one instead.
> Java 2 security Access denied in File.toURL() call
> --------------------------------------------------
>
> Key: OPENJPA-339
> URL: https://issues.apache.org/jira/browse/OPENJPA-339
> Project: OpenJPA
> Issue Type: Bug
> Components: lib
> Affects Versions: 0.9.7
> Reporter: Albert Lee
> Assignee: Albert Lee
> Fix For: 1.1.0
>
> Attachments: OPENJPA-339.1.patch, OPENJPA-339.patch
>
>
> Encounter the following access denial exception when Java 2 security is
> enabled in application server environment.
> File.toURL() is not documented which requires security check, however
> indirectly, the File.isDirectory() is invoked, which required security
> permission.
> Exception = java.security.AccessControlException
> Source = com.ibm.ws.security.core.SecurityManager
> probeid = 180
> Stack Dump = java.security.AccessControlException: Access denied
> (java.io.FilePermission
> C:\WAS3\profiles\AppSrv01\installedApps\javajoeNode01Cell\EJB3JPACallbackBeanApp.ear\EJB3JPACallbackWebApp.war\WEB-INF\classes\suite\r70\base\jpaspec\callback\entities\AbstractCallbackEntity.class
> read)
> at
> java.security.AccessController.checkPermission(AccessController.java:104)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
> at
> com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
> at java.io.File.isDirectory(File.java:747)
> at java.io.File.toURL(File.java:620)
> at
> org.apache.openjpa.lib.meta.FileMetaDataIterator.next(FileMetaDataIterator.java:114)
> at
> org.apache.openjpa.lib.meta.ClassArgParser.mapTypeNames(ClassArgParser.java:283)
> at
> org.apache.openjpa.meta.AbstractCFMetaDataFactory.scan(AbstractCFMetaDataFactory.java:778)
> at
> org.apache.openjpa.meta.AbstractCFMetaDataFactory.parsePersistentTypeNames(AbstractCFMetaDataFactory.java:637)
> at
> org.apache.openjpa.meta.AbstractCFMetaDataFactory.getPersistentTypeNames(AbstractCFMetaDataFactory.java:605)
> at
> org.apache.openjpa.meta.MetaDataRepository.getPersistentTypeNames(MetaDataRepository.java:1214)
> at
> org.apache.openjpa.meta.MetaDataRepository.loadPersistentTypes(MetaDataRepository.java:1231)
> at
> org.apache.openjpa.kernel.AbstractBrokerFactory.loadPersistentTypes(AbstractBrokerFactory.java:245)
> at
> org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:197)
> at
> org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:142)
> at
> org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:190)
> at
> com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:37)
> at
> com.ibm.ws.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:28)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
