JAXWS: Java2Security Violation Fixes ------------------------------------ Key: AXIS2-4390 URL: https://issues.apache.org/jira/browse/AXIS2-4390 Project: Axis 2.0 (Axis2) Issue Type: Bug Reporter: Rich Scheuerle Assignee: Rich Scheuerle
Two Java2Security violations were detected during IBM testing. The first violation occurs in org/apache/axis2/jaxws/description/impl/DescriptionUtils.openHandlerConfig stream. The non-priv code causes the handler configuration access to fail. This can cause user applications to fail. The second violation occurs in the JAX-WS JavaBeanDispatcher while getting the Context ClassLoader. Solution; I am correcting the code to add the appropriate ammount of doPriv stanzas. Kudos to Paul Mariduena for his cooperation on the design and testing of these fixes. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.