[ https://issues.apache.org/jira/browse/ARTEMIS-1789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16428412#comment-16428412 ]
Justin Bertram commented on ARTEMIS-1789: ----------------------------------------- I believe this can be addressed by back-porting the fix from ARTEMIS-1701 to the 1.x branch. > Permission check failed when resolving DNS under a security manager > ------------------------------------------------------------------- > > Key: ARTEMIS-1789 > URL: https://issues.apache.org/jira/browse/ARTEMIS-1789 > Project: ActiveMQ Artemis > Issue Type: Bug > Affects Versions: 1.5.5 > Reporter: Jeff Mesnil > Priority: Major > > When our application server is running with a security managert, Artemis > reports an error because it does not have the permission to resolve IP > addresses: > {code} > AMQ212007: connector.create or connectorFactory.createConnector should never > throw an exception, implementation is badly behaved, but we will deal with it > anyway.: java.security.AccessControlException: WFSM000001: Permission check > failed (permission "("java.net.SocketPermission" "localhost" "resolve")" in > code source "(vfs:/content/JMSResourceDefinitionsTestCase.jar <no signer > certificates>)" of "ModuleClassLoader for Module > "deployment.JMSResourceDefinitionsTestCase.jar" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:295) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:192) > at java.lang.SecurityManager.checkConnect(SecurityManager.java:1048) > at > org.wildfly.security.manager.WildFlySecurityManager.checkConnect(WildFlySecurityManager.java:390) > at java.net.InetAddress.getAllByName0(InetAddress.java:1268) > at java.net.InetAddress.getAllByName(InetAddress.java:1192) > at java.net.InetAddress.getAllByName(InetAddress.java:1126) > at java.net.InetAddress.getByName(InetAddress.java:1076) > at java.net.InetSocketAddress.<init>(InetSocketAddress.java:220) > at > org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnector.createConnection(NettyConnector.java:600) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.openTransportConnection(ClientSessionFactoryImpl.java:1036) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createTransportConnection(ClientSessionFactoryImpl.java:1076) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.establishNewConnection(ClientSessionFactoryImpl.java:1254) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnection(ClientSessionFactoryImpl.java:891) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.getConnectionWithRetry(ClientSessionFactoryImpl.java:795) > at > org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.connect(ClientSessionFactoryImpl.java:238) > at > org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:772) > at > org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:755) > at > org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createXAConnection(ActiveMQConnectionFactory.java:338) > at > org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.setup(ActiveMQRAManagedConnection.java:769) > at > org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.<init>(ActiveMQRAManagedConnection.java:161) > at > org.apache.activemq.artemis.ra.ActiveMQRAManagedConnectionFactory.createManagedConnection(ActiveMQRAManagedConnectionFactory.java:151) > {code} > The solution may be to explicitly resolve the InetAddress(s) in a privileged > block before passing them in to Netty. -- This message was sent by Atlassian JIRA (v7.6.3#76005)