This can be fixed. The reason behind this issue is the following code in
CarbonTomcatSessionManager#checkAccess.
    StackTraceElement[] trace = Thread.currentThread().getStackTrace();
    String callingClass = trace[3].getClassName();
    if (allowedClasses.contains(callingClass)) {
        return;
    }
Here we are assuming that the 4th class in the trace would be an allowed
class in the list. This is correct with the Sun JDK. But with IBM, the expected
class is found at 5th place. So if we can have a check for that, this can
be fixed.
With this change there may be a security issue with the Sun JDK. Sometimes, if
the expected class is actually found at 5th place, then we will run into an
issue. This too can be fixed by checking the JVM system property and
allowing only IBM, in that case.
Thanks,
Kishanthan.
On Fri, Jul 13, 2012 at 12:26 PM, Afkham Azeez <[email protected]> wrote:
>
>
> On Fri, Jul 13, 2012 at 12:23 PM, Kishanthan Thangarajah <
> [email protected]> wrote:
>
>> According to the error logs, the error seems to be coming from
>> CarbonTomcatSessionManager where it checks the current thread access.
>> java.lang.SecurityException: Illegal access attempt by tenant[-1] to
>> sessions owned by tenant[-1234]
>> at org.wso2.carbon.webapp.mgt.CarbonTomcatSessionManager.checkAccess(CarbonTomcatSessionManager.java:114)
>>
>> How can this be an issue when changing JDKs?
>>
>
> Somehow the CarbonContext ThreadLocal variable is not established it
> seems. It works on standard Tomcat because the Tomcat session manager does
> not have this check.
>
>
>>
>> On Fri, Jul 13, 2012 at 12:07 PM, Chamara Ariyarathne
>> <[email protected]> wrote:
>>
>>> Same webapp works on tomcat with the ibm jdk 7.
>>>
>>> On Fri, Jul 13, 2012 at 11:53 AM, Chamara Ariyarathne <[email protected]
>>> > wrote:
>>>
>>>> Does not work when the browser cache is cleared.
>>>> I will try out on top of tomcat
>>>>
>>>>
>>>> On Fri, Jul 13, 2012 at 11:45 AM, Afkham Azeez <[email protected]> wrote:
>>>>
>>>>> Can you clear the browser cache & retry.
>>>>>
>>>>> On Fri, Jul 13, 2012 at 11:29 AM, Chamara Ariyarathne <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> JIRA created.
>>>>>>
>>>>>> https://wso2.org/jira/browse/CARBON-13637
>>>>>>
>>>>>> --
>>>>>> *Chamara Ariyarathne*
>>>>>> Senior Software Engineer - QA;
>>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>>> Mobile; *+94772786766*
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> [email protected]
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Afkham Azeez*
>>>>> Director of Architecture; WSO2, Inc.; http://wso2.com
>>>>> Member; Apache Software Foundation; http://www.apache.org/
>>>>> email: [email protected] cell: +94 77 3320919
>>>>> blog: http://blog.afkham.org
>>>>> twitter: http://twitter.com/afkham_azeez
>>>>> linked-in: http://lk.linkedin.com/in/afkhamazeez
>>>>> *Lean . Enterprise . Middleware*
>>>>>
>>>>>
>>
>>
>> --
>> *Kishanthan Thangarajah*
>> Software Engineer,
>> Development Technologies Team,
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - +94773426635
>> Blog - *http://kishanthan.wordpress.com*
>> Twitter - *http://twitter.com/kishanthan*
>>
>>
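
Added example, not part of the thread and not WSO2 Carbon code: one way to make the caller check from the first message independent of where a given JVM places the caller in the stack trace. It finds the caller relative to the guarded class's own frames instead of reading a fixed index; the names CallerCheckDemo, GuardedManager, TrustedCaller and UntrustedCaller are hypothetical.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

// Added illustration; all class names here are hypothetical.
public class CallerCheckDemo {
    static class GuardedManager {
        private final Set<String> allowedClasses;

        GuardedManager(String... allowed) {
            this.allowedClasses = new HashSet<>(Arrays.asList(allowed));
        }

        // Public entry point, standing in for a session-manager method.
        String findSession(String id) {
            checkAccess();
            return "session:" + id;
        }

        // Locates the caller relative to this class's own frames, so JVM-specific
        // frames above checkAccess (which shift a fixed index) do not matter.
        private void checkAccess() {
            StackTraceElement[] trace = Thread.currentThread().getStackTrace();
            String self = GuardedManager.class.getName();
            int i = 0;
            while (i < trace.length && !trace[i].getClassName().equals(self)) i++; // skip JVM frames
            while (i < trace.length && trace[i].getClassName().equals(self)) i++;  // skip own frames
            // Fail closed: no identifiable caller means no access.
            if (i == trace.length || !allowedClasses.contains(trace[i].getClassName())) {
                throw new SecurityException("Illegal access attempt by "
                        + (i < trace.length ? trace[i].getClassName() : "unknown caller"));
            }
        }
    }

    static class TrustedCaller { static String call(GuardedManager m) { return m.findSession("abc"); } }
    static class UntrustedCaller { static String call(GuardedManager m) { return m.findSession("abc"); } }

    public static void main(String[] args) {
        GuardedManager m = new GuardedManager(TrustedCaller.class.getName());
        System.out.println(TrustedCaller.call(m));
        try {
            UntrustedCaller.call(m);
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```

The comparison is still by class name, so it trusts whatever class carries an allowed name; on Java 9 and later, StackWalker with RETAIN_CLASS_REFERENCE returns Class objects that can be compared by identity instead.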