Uploaded image for project: 'JBoss Web Server'
  1. JBoss Web Server
  2. JWS-472

The security manager doesn't work correctly

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • JWS 3.1.0 DR1
    • JWS 3.0.3 GA
    • rpm, tomcat7, tomcat8
    • None

      If you enable the security manager JSPs will not compile. See the linked bugzilla entry for more details.

      root cause

java.security.AccessControlException: access denied ("java.util.PropertyPermission" "tolerateIllegalAmbiguousVarargsInvocation" "read")
	java.security.AccessControlContext.checkPermission(AccessControlContext.java:474)
	java.security.AccessController.checkPermission(AccessController.java:685)
	java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
	java.lang.System.getProperty(System.java:708)
	org.eclipse.jdt.internal.compiler.impl.CompilerOptions.<init>(CompilerOptions.java:453)
	org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:433)
	org.apache.jasper.compiler.Compiler.compile(Compiler.java:361)
	org.apache.jasper.compiler.Compiler.compile(Compiler.java:336)
	org.apache.jasper.compiler.Compiler.compile(Compiler.java:323)
	org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:574)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:356)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	java.lang.reflect.Method.invoke(Method.java:606)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:271)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:166)
	java.security.AccessController.doPrivileged(Native Method)
	org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	java.lang.reflect.Method.invoke(Method.java:606)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:271)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:246)

            rhn-support-csutherl Coty Sutherland
            rhn-support-csutherl Coty Sutherland
            Jan Onderka Jan Onderka
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 3 hours
                3h
                Remaining:
                Remaining Estimate - 3 hours
                3h
                Logged:
                Time Spent - Not Specified
                Not Specified