Uploaded image for project: 'JBoss Marshalling'
  1. JBoss Marshalling
  2. JBMAR-130

AccessControlException because of SerializableClass.callReadObject

    XMLWordPrintable

Details

    • Medium

    Description

      see https://community.jboss.org/message/716366#716366 for details.
      Invoking an EJB from a remote client throws an AccessControlException after 60+ successful invocations despite AllPermission in the policy file. The patch we developed in the discussion was to modify org/jboss/marshalling/reflect/SerializableClass.callReadObject(...) to use a privileged action. The workaround passed the tests in jboss-marshalling and worked for the remote EJB invocation (over 100,000 successful invocations before stopping test).

      Attachments

        Activity

          People

            dlloyd@redhat.com David Lloyd
            wreicher1@redhat.com Will Reichert
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: