Valentin Valchev created WINK-427:
-------------------------------------
Summary: JaxRsFilter fails if OSGi security is enabled
Key: WINK-427
URL: https://issues.apache.org/jira/browse/WINK-427
Project: Wink
Issue Type: Bug
Components: OSGi
Reporter: Valentin Valchev
Priority: Critical
When the filter code is executed, the stack will contain classes from the Http
Service.
OSGi allows the administrator to give different permissions to each bundle. So
if the HTTP is given less permissions by the wink-osgi bundle, the doFilter()
method might fails with SecurityException.
Example:
http is given permissions A,B,C
wink-osgi is given ALL permissions
anyway, the security context, when doFilter() is executed will allow only A,B
and C permissions.
Therefore it's recommended to use privileged block in doFilter() method or in
winkProvider.handleRequest().
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
