[MYFACES-3590] AccessControlException occurs in Classpath._searchDir - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.0.14
Fix Version/s: 2.0.15, 2.1.9
Component/s: JSR-314
Labels:
None
Environment:
WebSphere Application Server

Description

I have an application which is experiencing an AccessControlException with the following stack trace:

Caused by: java.security.AccessControlException: Access denied (java.io.FilePermission \META-INF read)
at java.security.AccessController.checkPermission(AccessController.java:108)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:208)
at java.lang.SecurityManager.checkRead(SecurityManager.java:883)
at java.io.File.exists(File.java:742)
at org.apache.myfaces.view.facelets.util.Classpath._searchDir(Classpath.java:116)
at org.apache.myfaces.view.facelets.util.Classpath._searchResource(Classpath.java:106)
at org.apache.myfaces.view.facelets.util.Classpath.search(Classpath.java:61)

I've attached a patch which just adds a doPrivileged block around the offending code.

If someone can review and commit the change that would be great, let me know if there are any questions.

Thanks!

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Classpath.patch
01/Aug/12 14:30
1 kB
Paul Nicolucci

Activity

People

Assignee:: Leonardo Uribe

Reporter:: Paul Nicolucci

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 01/Aug/12 14:29

Updated:: 04/Sep/12 23:01

Resolved:: 03/Aug/12 13:45

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified