[jira] [Updated] (TUSCANY-4030) AccessControlException when trying to read schemas with Java 2 security enabled

[Kaushik Mukherjee (Updated) (JIRA)]

     [ 
https://issues.apache.org/jira/browse/TUSCANY-4030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kaushik Mukherjee updated TUSCANY-4030:
---------------------------------------

    Attachment:     (was: TUSCANY-4030.patch)
    
> AccessControlException when trying to read schemas with Java 2 security 
> enabled
> -------------------------------------------------------------------------------
>
>                 Key: TUSCANY-4030
>                 URL: https://issues.apache.org/jira/browse/TUSCANY-4030
>             Project: Tuscany
>          Issue Type: Bug
>            Reporter: Kaushik Mukherjee
>
> I believe we need to wrap line 183 in the XSDModelResolver with an 
> AccessController.doPrivileged so we can read a schema when java 2 security is 
> enabled. Working on a patch now.
>                 InputSource xsd = null;
>                 final XSDefinition finaldef = definition;
>                 try {
>                     try {
>                         xsd = (InputSource) AccessController.doPrivileged(new 
> PrivilegedExceptionAction<InputSource>() {
>                             public InputSource run() throws IOException {
>                                 return 
> XMLDocumentHelper.getInputSource(finaldef.getLocation().toURL());
>                             }
>                         });
>                     } catch (PrivilegedActionException e) {
>                         throw (IOException) e.getException();
>                     }
>                 } catch (IOException e) {
>                     throw new ContributionRuntimeException(e);
>                 }
> java.security.AccessControlException: Access denied (java.io.FilePermission 
> C:\WAS\was85a\profiles\AppSrv01\installedAssets\sdoscope-shared-oasis.jar\BASE\sdoscope-shared-oasis.jar
>  read)
>       at 
> java.security.AccessController.checkPermission(AccessController.java:132)
>       at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
>       at 
> com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
>       at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
>       at java.util.zip.ZipFile.<init>(ZipFile.java:145)
>       at java.util.jar.JarFile.<init>(JarFile.java:149)
>       at java.util.jar.JarFile.<init>(JarFile.java:86)
>       at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:84)
>       at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:60)
>       at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:92)
>       at 
> sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:119)
>       at 
> sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:147)
>       at 
> org.apache.tuscany.sca.common.xml.XMLDocumentHelper.openStream(XMLDocumentHelper.java:139)
>       at 
> org.apache.tuscany.sca.common.xml.XMLDocumentHelper.getInputSource(XMLDocumentHelper.java:129)
>       at 
> org.apache.tuscany.sca.xsd.xml.XSDModelResolver.loadOnDemand(XSDModelResolver.java:183)
>       at 
> org.apache.tuscany.sca.xsd.xml.XSDModelResolver.aggregate(XSDModelResolver.java:224)
>       at 
> org.apache.tuscany.sca.xsd.xml.XSDModelResolver.resolveModel(XSDModelResolver.java:123)
>       at 
> org.apache.tuscany.sca.contribution.resolver.ExtensibleModelResolver.resolveModel(ExtensibleModelResolver.java:154)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira