Uploaded image for project: 'Tuscany'
  1. Tuscany
  2. TUSCANY-4030

AccessControlException when trying to read schemas with Java 2 security enabled

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Java-SCA-2.0
    • Component/s: None
    • Labels:
      None
    • Patch Info:
      Patch Available

      Description

      I believe we need to wrap line 183 in the XSDModelResolver with an AccessController.doPrivileged so we can read a schema when java 2 security is enabled. Working on a patch now.

      InputSource xsd = null;
      final XSDefinition finaldef = definition;
      try {
      try {
      xsd = (InputSource) AccessController.doPrivileged(new PrivilegedExceptionAction<InputSource>() {
      public InputSource run() throws IOException

      { return XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL()); }

      });
      } catch (PrivilegedActionException e)

      { throw (IOException) e.getException(); }

      } catch (IOException e)

      { throw new ContributionRuntimeException(e); }

      java.security.AccessControlException: Access denied (java.io.FilePermission C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar read)
      at java.security.AccessController.checkPermission(AccessController.java:132)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
      at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
      at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
      at java.util.zip.ZipFile.<init>(ZipFile.java:145)
      at java.util.jar.JarFile.<init>(JarFile.java:149)
      at java.util.jar.JarFile.<init>(JarFile.java:86)
      at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
      at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
      at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
      at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
      at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
      at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
      at org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
      at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
      at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
      at org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
      at org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)

        Attachments

        1. TUSCANY-4030v3.patch
          5 kB
          Kaushik Mukherjee

          Activity

            People

            • Assignee:
              simonslaws Simon Laws
              Reporter:
              kmukher Kaushik Mukherjee
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: