Uploaded image for project: 'Weld'
  1. Weld
  2. WELD-2496

org.jboss.weld.literal.BeforeDestroyedLiteral may fail to initialize with a security manager

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • 3.0.5.Final
    • 3.0.4.Final
    • None

    Description

      The class org.jboss.weld.literal.BeforeDestroyedLiteral has an implicit class initializer which calls it static of method, which in turn calls the class constructor, which in turn calls the implicit superclass constructor javax.enterprise.util.AnnotationLiteral#AnnotationLiteral, which in turn calls javax.enterprise.util.AnnotationLiteral#getMembers which requires special security manager permissions since it uses the reflection API to get declared members.

      A class static initialization may be performed from any context. If it performs operations which require special privileges, then the static initialization steps must be enclosed in a AccessController#doPrivileged call.

      One example failure within the WildFly test suite has the following stack trace:

      Breakpoint reached
	  at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:295)
	  at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:192)
	  at java.lang.Class.checkMemberAccess(Class.java:2348)
	  at java.lang.Class.getDeclaredMethods(Class.java:1974)
	  at javax.enterprise.util.AnnotationLiteral.getMembers(AnnotationLiteral.java:78)
	  at javax.enterprise.util.AnnotationLiteral.<init>(AnnotationLiteral.java:69)
	  at org.jboss.weld.literal.BeforeDestroyedLiteral.<init>(BeforeDestroyedLiteral.java:50)
	  at org.jboss.weld.literal.BeforeDestroyedLiteral.of(BeforeDestroyedLiteral.java:47)
	  at org.jboss.weld.literal.BeforeDestroyedLiteral.<clinit>(BeforeDestroyedLiteral.java:34)
	  at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor$2.computeValue(AbstractEJBRequestScopeActivationInterceptor.java:58)
	  at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor$2.computeValue(AbstractEJBRequestScopeActivationInterceptor.java:54)
	  at org.jboss.weld.util.LazyValueHolder.get(LazyValueHolder.java:46)
	  at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:83)
	  at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:89)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.deployment.processors.EjbSuspendInterceptor.processInvocation(EjbSuspendInterceptor.java:57)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.as.ejb3.component.messagedriven.MessageDrivenComponentDescription$5$1.processInvocation(MessageDrivenComponentDescription.java:243)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)
	  at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:619)
	  at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)
	  at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
	  at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)
	  at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)
	  at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185)
	  at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:81)
	  at org.jboss.as.test.integration.ee.injection.resource.enventry.TestEnvEntryMDBean$$$view1.onMessage(Unknown Source:-1)
	  at sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java:-1)
	  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	  at java.lang.reflect.Method.invoke(Method.java:498)
	  at org.jboss.as.ejb3.inflow.MessageEndpointInvocationHandler.doInvoke(MessageEndpointInvocationHandler.java:139)
	  at org.jboss.as.ejb3.inflow.AbstractInvocationHandler.invoke(AbstractInvocationHandler.java:73)
	  at org.jboss.as.test.integration.ee.injection.resource.enventry.TestEnvEntryMDBean$$$endpoint1.onMessage(Unknown Source:-1)
	  at org.apache.activemq.artemis.ra.inflow.ActiveMQMessageHandler.onMessage(ActiveMQMessageHandler.java:303)
	  at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl.callOnMessage(ClientConsumerImpl.java:1001)
	  at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl.access$400(ClientConsumerImpl.java:49)
	  at org.apache.activemq.artemis.core.client.impl.ClientConsumerImpl$Runner.run(ClientConsumerImpl.java:1124)
	  at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:122)
	  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	  at java.lang.Thread.run(Thread.java:748)
Perm = ("java.lang.RuntimePermission" "accessDeclaredMembers"), CS = (vfs:/content/env-entry-test.jar <no signer certificates>), CL = ModuleClassLoader for Module "deployment.env-entry-test.jar" from Service Module Loader, ID = 34549a6d

      Attachments

        Issue Links

          causes

          Bug - A problem that impairs or prevents the functions of the product. WFLY-10383 Multiple test failures due to Weld class init problem

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. CDI-699 AnnotationLiteral should use privileged actions for reflective operations

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              manovotn Matěj Novotný
              dlloyd@redhat.com David Lloyd
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: