[WICKET-5492] WebApplication ignores a SecurityException when reading the configuration type - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4.18
Fix Version/s: 6.14.0, 7.0.0-M1, 1.5.12
Component/s: wicket
Labels:
- exception-handling
- security
Environment:
WebSphere 6.1 with shared classloading enabled. Linux system.

Description

The WebApplication class has a piece of code in the method getConfigurationType(), that ignores a SecurityException.

Code snippet:
try

{ result = System.getProperty("wicket." + Application.CONFIGURATION); }

catch (SecurityException e)

{ // Ignore - we're not allowed to read system properties. }

This apparently causes a performance problem at one of our customers, where they had shared classloading enabled.

Permissions were set differently on shared classloader level, which caused the retrieval of the property to fail silently, while taking about 10ms longer. This code is called everytime Component.getMarkupId is called, which means with 300+ components on a page, you get a delay of 3 seconds or more.

Ofcourse the problem can be (and has been) solved with a correct configuration. My request however is that the exception is atleast logged at some level (warning for example), so spotting the problem will become a lot easier (it took us 2 weeks to narrow it down).

Attachments

Activity

People

Assignee:: Martin Tzvetanov Grigorov

Reporter:: Arjan Zwaan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 29/Jan/14 09:33

Updated:: 30/Jan/14 08:54

Resolved:: 30/Jan/14 08:48

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified