[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138376#comment-16138376
]
ASF GitHub Bot commented on CXF-7467:
-
Github user asfgit closed the pull request at:
https://github.com/apache/cxf/pull/303
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
> Fix For: 3.1.13, 3.2.0
>
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123263#comment-16123263
]
Ingo Weiss commented on CXF-7467:
-
I did, https://github.com/apache/cxf/pull/303.
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123252#comment-16123252
]
Sergey Beryozkin commented on CXF-7467:
---
Can you please create a Java 7 friendly patch for 3.1.x ?
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123235#comment-16123235
]
ASF GitHub Bot commented on CXF-7467:
-
Github user asfgit closed the pull request at:
https://github.com/apache/cxf/pull/304
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16119627#comment-16119627
]
ASF GitHub Bot commented on CXF-7467:
-
GitHub user iweiss opened a pull request:
https://github.com/apache/cxf/pull/304
[CXF-7467] WSDLManagerImpl requires privileged actions in order to work
under a security manager
This covers CXF 3.2.
CXF 3.1 PR: https://github.com/apache/cxf/pull/303
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/iweiss/cxf wsdl-secmanager-fixes_3.2
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cxf/pull/304.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #304
commit 5d62df5f0eb20089d29c47e4691e4146bbc685cf
Author: Ingo Weiss
Date: 2017-08-09T09:26:27Z
[CXF-7467] WSDLManagerImpl requires privileged actions in order to work
under a security manager
This covers CXF 3.2.
CXF 3.1 PR: https://github.com/apache/cxf/pull/303
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16119626#comment-16119626
]
ASF GitHub Bot commented on CXF-7467:
-
GitHub user iweiss opened a pull request:
https://github.com/apache/cxf/pull/303
[CXF-7467] WSDLManagerImpl requires privileged actions in order to work
under a security manager
This covers CXF 3.1
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/iweiss/cxf wsdl-secmanager-fixes
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cxf/pull/303.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #303
commit 8361f00a0de320e47ebb415dfda9997ba4faaf92
Author: Ingo Weiss
Date: 2017-08-09T08:00:11Z
Fixes issues when using WSDL under a security manager
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
