[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138376#comment-16138376 ] ASF GitHub Bot commented on CXF-7467: - Github user asfgit closed the pull request at: https://github.com/apache/cxf/pull/303 > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > Fix For: 3.1.13, 3.2.0 > > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123263#comment-16123263 ] Ingo Weiss commented on CXF-7467: - I did, https://github.com/apache/cxf/pull/303. > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123252#comment-16123252 ] Sergey Beryozkin commented on CXF-7467: --- Can you please create a Java 7 friendly patch for 3.1.x ? > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123235#comment-16123235 ] ASF GitHub Bot commented on CXF-7467: - Github user asfgit closed the pull request at: https://github.com/apache/cxf/pull/304 > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16119627#comment-16119627 ] ASF GitHub Bot commented on CXF-7467: - GitHub user iweiss opened a pull request: https://github.com/apache/cxf/pull/304 [CXF-7467] WSDLManagerImpl requires privileged actions in order to work under a security manager This covers CXF 3.2. CXF 3.1 PR: https://github.com/apache/cxf/pull/303 You can merge this pull request into a Git repository by running: $ git pull https://github.com/iweiss/cxf wsdl-secmanager-fixes_3.2 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cxf/pull/304.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #304 commit 5d62df5f0eb20089d29c47e4691e4146bbc685cf Author: Ingo Weiss Date: 2017-08-09T09:26:27Z [CXF-7467] WSDLManagerImpl requires privileged actions in order to work under a security manager This covers CXF 3.2. CXF 3.1 PR: https://github.com/apache/cxf/pull/303 > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[ https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16119626#comment-16119626 ] ASF GitHub Bot commented on CXF-7467: - GitHub user iweiss opened a pull request: https://github.com/apache/cxf/pull/303 [CXF-7467] WSDLManagerImpl requires privileged actions in order to work under a security manager This covers CXF 3.1 You can merge this pull request into a Git repository by running: $ git pull https://github.com/iweiss/cxf wsdl-secmanager-fixes Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cxf/pull/303.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #303 commit 8361f00a0de320e47ebb415dfda9997ba4faaf92 Author: Ingo Weiss Date: 2017-08-09T08:00:11Z Fixes issues when using WSDL under a security manager > WSDLManagerImpl requires privileged actions in order to work under a security > manager > - > > Key: CXF-7467 > URL: https://issues.apache.org/jira/browse/CXF-7467 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.1.12 >Reporter: Ingo Weiss > Labels: security > > When using CXF and WSDL under a security manager, security related exceptions > are thrown, making initialisation of {{WSDLManagerImpl}} fail. > {noformat} > Caused by: java.security.AccessControlException: WFSM01: Permission check > failed (permission "("java.io.FilePermission" > "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties" > "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes > )" of "ModuleClassLoader for Module > "deployment.executorService.war" from Service Module Loader") > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278) > at > org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175) > at java.lang.SecurityManager.checkRead(SecurityManager.java:888) > at > org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350) > at java.io.FileInputStream.(FileInputStream.java:127) > at > javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243) > at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84) > at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:249) > at org.apache.cxf.bus.extension.Extension.load(Extension.java:261) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213) > at > org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320) > at > org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215) > at > org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169) > at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160) > at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129) > ... > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029)