bval-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albert Lee (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (BVAL-100) Java2 Security AccessControlException after moving to use common-lang3
Date Thu, 02 Feb 2012 00:53:53 GMT

    [ https://issues.apache.org/jira/browse/BVAL-100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13198412#comment-13198412
] 

Albert Lee commented on BVAL-100:
---------------------------------

After the first problem is fixed, there are a few more similar exceptions shown below:

java.security.AccessControlException: Access denied (java.io.FilePermission \C:\Users\leealber\tc\WASX\as\profiles\AppSrv01\installedApps\al
leetp2Node01Cell\ATestBean.ear\BVALTestBean.jar read)
        at java.security.AccessController.checkPermission(AccessController.java:108)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
        at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
        at com.ibm.ws.classloader.SinglePathClassProvider.check(SinglePathClassProvider.java:593)
        at com.ibm.ws.classloader.SinglePathClassProvider.checkURL(SinglePathClassProvider.java:577)
        at com.ibm.ws.classloader.SinglePathClassProvider.getResource(SinglePathClassProvider.java:569)
        at com.ibm.ws.classloader.CompoundClassLoader.findResources(CompoundClassLoader.java:1117)
        at com.ibm.ws.classloader.CompoundClassLoader.getResources(CompoundClassLoader.java:1081)
        at com.ibm.ws.classloader.CompoundClassLoader.getResources(CompoundClassLoader.java:1062)
        at org.apache.bval.jsr303.xml.ValidationParser.getInputStream(ValidationParser.java:121)
        at org.apache.bval.jsr303.xml.ValidationParser.applyMappingStreams(ValidationParser.java:252)
        at org.apache.bval.jsr303.xml.ValidationParser.applyConfig(ValidationParser.java:162)
        at org.apache.bval.jsr303.xml.ValidationParser.processValidationConfig(ValidationParser.java:82)
        at org.apache.bval.jsr303.ConfigurationImpl.parseValidationXml(ConfigurationImpl.java:262)
        at org.apache.bval.jsr303.ConfigurationImpl.prepare(ConfigurationImpl.java:252)
        at org.apache.bval.jsr303.ConfigurationImpl.buildValidatorFactory(ConfigurationImpl.java:242)
        at javax.validation.Validation.buildDefaultValidatorFactory(Validation.java:50)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.resolveValidatorfactory(BeanHelper.java:80)
        
java.security.AccessControlException: Access denied (org.osgi.framework.AdminPermission (id=76)
resolve,resource)
        at java.security.AccessController.checkPermission(AccessController.java:108)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
        at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
        at org.eclipse.osgi.framework.internal.core.BundleResourceHandler.checkAuthorization(BundleResourceHandler.java:289)
        at org.eclipse.osgi.framework.internal.core.BundleResourceHandler.parseURL(BundleResourceHandler.java:128)
        at java.net.URL.<init>(URL.java:608)
        at java.net.URL.<init>(URL.java:476)
        at java.net.URL.<init>(URL.java:425)
        at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
        at org.apache.xerces.impl.XMLVersionDetector.determineDocVersion(Unknown Source)
        at org.apache.xerces.impl.xs.opti.SchemaParsingConfig.parse(Unknown Source)
        at org.apache.xerces.impl.xs.opti.SchemaParsingConfig.parse(Unknown Source)
        at org.apache.xerces.impl.xs.opti.SchemaDOMParser.parse(Unknown Source)
        at org.apache.xerces.impl.xs.traversers.XSDHandler.getSchemaDocument(Unknown Source)
        at org.apache.xerces.impl.xs.traversers.XSDHandler.parseSchema(Unknown Source)
        at org.apache.xerces.impl.xs.XMLSchemaLoader.loadSchema(Unknown Source)
        at org.apache.xerces.impl.xs.XMLSchemaLoader.loadGrammar(Unknown Source)
        at org.apache.xerces.impl.xs.XMLSchemaLoader.loadGrammar(Unknown Source)
        at org.apache.xerces.jaxp.validation.XMLSchemaFactory.newSchema(Unknown Source)
        at javax.xml.validation.SchemaFactory.newSchema(Unknown Source)
        at javax.xml.validation.SchemaFactory.newSchema(Unknown Source)
        at org.apache.bval.jsr303.xml.ValidationParser.getSchema(ValidationParser.java:159)
        at org.apache.bval.jsr303.xml.ValidationParser.getSchema(ValidationParser.java:145)
        at org.apache.bval.jsr303.xml.ValidationParser.parseXmlConfig(ValidationParser.java:99)
        at org.apache.bval.jsr303.xml.ValidationParser.processValidationConfig(ValidationParser.java:82)
        at org.apache.bval.jsr303.ConfigurationImpl.parseValidationXml(ConfigurationImpl.java:262)
        at org.apache.bval.jsr303.ConfigurationImpl.prepare(ConfigurationImpl.java:252)
        at org.apache.bval.jsr303.ConfigurationImpl.buildValidatorFactory(ConfigurationImpl.java:242)
        at javax.validation.Validation.buildDefaultValidatorFactory(Validation.java:50)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.resolveValidatorfactory(BeanHelper.java:80)
        

java.security.AccessControlException: Access denied (java.io.FilePermission \C:\Users\leealber\tc\WASX\as\profiles\AppSrv01\installedApps\al
leetp2Node01Cell\ATestBean.ear\BVALTestBean.jar read)
        at java.security.AccessController.checkPermission(AccessController.java:108)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
        at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
        at com.ibm.ws.classloader.SinglePathClassProvider.check(SinglePathClassProvider.java:593)
        at com.ibm.ws.classloader.SinglePathClassProvider.checkURL(SinglePathClassProvider.java:577)
        at com.ibm.ws.classloader.SinglePathClassProvider.getResource(SinglePathClassProvider.java:569)
        at com.ibm.ws.classloader.CompoundClassLoader.findResource(CompoundClassLoader.java:1018)
        at com.ibm.ws.classloader.CompoundClassLoader.getResource(CompoundClassLoader.java:974)
        at com.ibm.ws.classloader.CompoundClassLoader.getResourceAsStream(CompoundClassLoader.java:1155)
        at org.apache.bval.jsr303.xml.ValidationParser.getInputStream(ValidationParser.java:119)
        at org.apache.bval.jsr303.xml.ValidationParser.applyMappingStreams(ValidationParser.java:263)
        at org.apache.bval.jsr303.xml.ValidationParser.applyConfig(ValidationParser.java:173)
        at org.apache.bval.jsr303.xml.ValidationParser.processValidationConfig(ValidationParser.java:84)
        at org.apache.bval.jsr303.ConfigurationImpl.parseValidationXml(ConfigurationImpl.java:262)
        at org.apache.bval.jsr303.ConfigurationImpl.prepare(ConfigurationImpl.java:252)
        at org.apache.bval.jsr303.ConfigurationImpl.buildValidatorFactory(ConfigurationImpl.java:242)
        at javax.validation.Validation.buildDefaultValidatorFactory(Validation.java:50)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.resolveValidatorfactory(BeanHelper.java:80)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.getValidatorFactory(BeanHelper.java:63)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.getValidator(BeanHelper.java:51)
        at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.validate(BeanHelper.java:108)
        at com.ibm.websphere.beanvalidation.fat.app.ATestBean.checkValidation(ATestBean.java:95)
        at com.ibm.websphere.beanvalidation.fat.app.EJSRemote0SLATestBean_69fd99a1.checkValidation(EJSRemote0SLATestBean_69fd99a1.java)
        at com.ibm.websphere.beanvalidation.fat.app._EJSRemote0SLATestBean_69fd99a1_Tie.checkValidation(_EJSRemote0SLATestBean_69fd99a1_Tie.
java)
        at com.ibm.websphere.beanvalidation.fat.app._EJSRemote0SLATestBean_69fd99a1_Tie._invoke(_EJSRemote0SLATestBean_69fd99a1_Tie.java)
        at com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:661)
        at com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:515)
        at com.ibm.rmi.iiop.ORB.process(ORB.java:517)
        at com.ibm.CORBA.iiop.ORB.process(ORB.java:1575)
        at com.ibm.rmi.iiop.Connection.doRequestWork(Connection.java:2965)
        at com.ibm.rmi.iiop.Connection.doWork(Connection.java:2848)
        at com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:64)
        at com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:118)
        at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1783)

I have reworked and cleaned up a few parts to enable the doPriv in these exception paths.
I shall post another patch which fixed all of these exceptions.

                
> Java2 Security AccessControlException after moving to use common-lang3
> ----------------------------------------------------------------------
>
>                 Key: BVAL-100
>                 URL: https://issues.apache.org/jira/browse/BVAL-100
>             Project: BeanValidation
>          Issue Type: Bug
>          Components: jsr303
>    Affects Versions: 0.4-incubating
>            Reporter: Albert Lee
>            Priority: Minor
>              Labels: security
>             Fix For: 0.4-incubating
>
>         Attachments: BVAL-100.patch
>
>
> Encountered the following exception when Java 2 security is enabled in an application
server. This is caused after switching the use common-lang from 2.4 to 3.1 pacakge.
> java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader)
>         at java.security.AccessController.checkPermission(AccessController.java:108)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
>         at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
>         at java.lang.Thread.getContextClassLoader(Thread.java:470)
>         at org.apache.commons.lang3.StringUtils.<clinit>(StringUtils.java:717)
>         at java.lang.J9VMInternals.initializeImpl(Native Method)
>         at java.lang.J9VMInternals.initialize(J9VMInternals.java:228)
>         at org.apache.commons.lang3.ClassUtils.toCanonicalName(ClassUtils.java:923)
>         at org.apache.commons.lang3.ClassUtils.getClass(ClassUtils.java:792)
>         at org.apache.bval.jsr303.resolver.DefaultTraversableResolver.initJpa(DefaultTraversableResolver.java:78)
>         at org.apache.bval.jsr303.resolver.DefaultTraversableResolver.<init>(DefaultTraversableResolver.java:50)
>         at org.apache.bval.jsr303.ConfigurationImpl.<init>(ConfigurationImpl.java:76)
>         at org.apache.bval.jsr303.ApacheValidationProvider.createGenericConfiguration(ApacheValidationProvider.java:66)
>         at javax.validation.Validation$GenericBootstrapImpl.configure(Validation.java:173)
>         at javax.validation.Validation.buildDefaultValidatorFactory(Validation.java:50)
>         at com.ibm.websphere.beanvalidation.fat.app.utilities.BeanHelper.resolveValidatorfactory(BeanHelper.java:80)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message