Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-464

Allow setting default algorithms without invoking the SecurityManager

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Java 2.0.3, Java 2.0.4, Java 2.0.5, Java 2.0.6, Java 2.0.7, Java 2.0.8
    • Fix Version/s: Java 2.1.0, Java 2.0.9
    • Component/s: Java
    • Labels:
      None
    • Environment:
      Google App Engine lastest SDK 1.9.51 Standard Environment
      OpenSAML

      Description

      I use the OpenSAML 3.3.0 on Google App Engine Platform and always return the error. (I have submitted an issue show the detail https://issues.shibboleth.net/jira/browse/OSJ-205) And the exception is at the bottom.

      The interesting thing is that when I change the version of 'xmlsec' to the 2.0.2, the exception will not occur. Then I try all the version above from 2.0.3 to 2.0.8 (2.0.5 is used by OpenSAML 3.3.0). The exception will always be thrown.

      Update: I try the 534045-patched of wso2, and the exception does not occur!

      So is there any difference from 2.0.3 which is not compatible with Google App Engine Standard Environment?

      Caused by: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "org.apache.xml.security.register")
      at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
      at java.security.AccessController.checkPermission(AccessController.java:884)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
      at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:445)
      at org.apache.xml.security.utils.JavaUtils.checkRegisterPermission(JavaUtils.java:249)
      at org.apache.xml.security.utils.ElementProxy.setDefaultPrefix(ElementProxy.java:475)
      at org.apache.xml.security.utils.ElementProxy.registerDefaultPrefixes(ElementProxy.java:498)
      at org.apache.xml.security.Init$2.run(Init.java:122)
      at org.apache.xml.security.Init$2.run(Init.java:117)
      at java.security.AccessController.doPrivileged(Native Method)
      at org.apache.xml.security.Init.dynamicInit(Init.java:117)
      at org.apache.xml.security.Init.init(Init.java:94)
      at org.opensaml.xmlsec.signature.impl.SignatureMarshaller.<init>(SignatureMarshaller.java:55)
      ... 108 more

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              mengxin Xin Meng
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: