Java 2 security
---------------
Key: TUSCANY-2030
URL: https://issues.apache.org/jira/browse/TUSCANY-2030
Project: Tuscany
Issue Type: New Feature
Affects Versions: Java-SCA-1.0.1
Reporter: Greg Dritschler
In environments where Java 2 security is enabled, an AccessControlException may
occur in Tuscany code even though it has privileges to perform the action,
because there is code on the call stack that does not have such privileges.
doPrivileged calls must be used around such actions.
Here is an example of a failure. There are undoubtedly others.
java.security.AccessControlException: Access denied
(java.lang.RuntimePermission getClassLoader)
at
java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at
com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.Class.getClassLoader(Class.java:234)
at
org.apache.tuscany.sca.core.invocation.JDKProxyFactory.createProxy(JDKProxyFactory.java:64)
at
org.apache.tuscany.sca.core.invocation.DefaultProxyFactoryExtensionPoint.createProxy(DefaultProxyFactoryExtensionPoint.java:105)
at
org.apache.tuscany.sca.core.context.CallableReferenceImpl.getInstance(CallableReferenceImpl.java:154)
at
org.apache.tuscany.sca.core.context.CallableReferenceImpl.getService(CallableReferenceImpl.java:162)
at
org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138)
at
com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86)
at com.ibm._jsp._Calculator._jspService(_Calculator.java:96)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
