[ https://issues.apache.org/jira/browse/AXIS2-4390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andreas Veithen updated AXIS2-4390: ----------------------------------- Fix Version/s: 1.6 > JAXWS: Java2Security Violation Fixes > ------------------------------------ > > Key: AXIS2-4390 > URL: https://issues.apache.org/jira/browse/AXIS2-4390 > Project: Axis 2.0 (Axis2) > Issue Type: Bug > Reporter: Rich Scheuerle > Assignee: Rich Scheuerle > Fix For: 1.6 > > Original Estimate: 24h > Remaining Estimate: 24h > > Two Java2Security violations were detected during IBM testing. > The first violation occurs in > org/apache/axis2/jaxws/description/impl/DescriptionUtils.openHandlerConfig > stream. > The non-priv code causes the handler configuration access to fail. This can > cause user applications to fail. > The second violation occurs in the JAX-WS JavaBeanDispatcher while getting > the Context ClassLoader. > Solution; > I am correcting the code to add the appropriate ammount of doPriv stanzas. > Kudos to Paul Mariduena for his cooperation on the design and testing of > these fixes. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.