tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Svetlin Zarev <>
Subject OpenEJB 4.5.2 & Protection Domains
Date Tue, 30 Aug 2016 14:35:09 GMT

I've hit a an issue with newer java versions and an old OpenEJB v4.5.2. The
issue is caused by the following change in the JRE:

*DomainCombiner will no longer consult runtime policy for static
ProtectionDomain objects when combining ProtectionDomain objects*
Applications which use static ProtectionDomain objects (created using the
2-arg constructor) with an insufficient set of permissions may now get an
AccessControlException with this fix. They should either replace the static
ProtectionDomain objects with dynamic ones (using the 4-arg constructor)
whose permission set will be expanded by the current Policy or construct
the static ProtectionDomain object with all the necessary permissions.
JDK-8147771 (not public)

So now we are getting "EJBAccessException: Unauthorized Access by Principal
Denied" when trying to create an EJB because of that fix. Any idea how we
can solve that issue (moving to a newer openejb is not an option) ?

Best regards,

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message