Uploaded image for project: 'MyFaces Core'
  1. MyFaces Core
  2. MYFACES-3590

AccessControlException occurs in Classpath._searchDir

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0.14
    • Fix Version/s: 2.0.15, 2.1.9
    • Component/s: JSR-314
    • Labels:
      None
    • Environment:
      WebSphere Application Server

      Description

      I have an application which is experiencing an AccessControlException with the following stack trace:

      Caused by: java.security.AccessControlException: Access denied (java.io.FilePermission \META-INF read)
      at java.security.AccessController.checkPermission(AccessController.java:108)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
      at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
      at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
      at java.io.File.exists(File.java:742)
      at org.apache.myfaces.view.facelets.util.Classpath._searchDir(Classpath.java:116)
      at org.apache.myfaces.view.facelets.util.Classpath._searchResource(Classpath.java:106)
      at org.apache.myfaces.view.facelets.util.Classpath.search(Classpath.java:61)

      I've attached a patch which just adds a doPrivileged block around the offending code.

      If someone can review and commit the change that would be great, let me know if there are any questions.

      Thanks!

        Attachments

        1. Classpath.patch
          1 kB
          Paul Nicolucci

          Activity

            People

            • Assignee:
              lu4242 Leonardo Uribe
              Reporter:
              paul.nicolucci Paul Nicolucci
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 2h
                2h
                Remaining:
                Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - Not Specified
                Not Specified