-
Bug
-
Resolution: Fixed
-
P3
-
1.0
-
beta
-
generic
-
generic
Name: krC82822 Date: 03/21/2001
emacs: test 574>java -version
java version "1.3.0_01"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0_01)
Java HotSpot(TM) Client VM (build 1.3.0_01, mixed mode)
I'm seeing a strange interaction between the granting of the
(javax.security.auth.AuthPermission getLoginConfiguration)
permission and the setting of the java.security.debug=all
property even in the absence of a security manager when
the java.security.policy property is set from within the
class main method.
See the TestLogin.java code at the end of this note.
emacs: test 575>echo $CLASSPATH
.;/usr/local/src/cvsroot/jBoss/jboss/dist/lib/jaas.jar
+++ Try running with java.security.debug=access
emacs: test 576>java -Djava.security.debug=access TestLogin
java.security.manager = null
access: access allowed (javax.security.auth.AuthPermission
getLoginConfiguration)
+++ Try running with java.security.debug=all
emacs: test 577>java -Djava.security.debug=all TestLogin
scl: getPermissions
(file:/D:/usr/local/src/cvsroot/jBoss/jbosssx/src/main/test/ <no certificates>)
policy: reading file:D:/usr/local/Java/jdk1.3/jre/lib/security/java.policy
policy: Adding policy entry:
policy: signedBy null
policy: codeBase file:D:/usr/local/Java/jdk1.3/jre/lib/ext/*
...
scl:
java.security.manager = null
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:993)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java:230)
at java.security.AccessController.checkPermission
(AccessController.java:399)
at TestLogin.main(TestLogin.java:17)
access: domain 0 ProtectionDomain
(file:/D:/usr/local/src/cvsroot/jBoss/jbosssx/src/main/test/ <no certificates>)
java.security.Permissions@5601ea (
(javax.sound.sampled.AudioPermission record)
(java.awt.AWTPermission showWindowWithoutWarningBanner)
(java.io.FilePermission <<ALL FILES>> read)
(java.io.FilePermission
D:\usr\local\src\cvsroot\jBoss\jbosssx\src\main\test\jmf.log write)
(java.io.FilePermission D:\Documents and Settings\Administrator\.JMStudioCfg
write)
(java.io.FilePermission D:\Temp\* write)
(java.io.FilePermission D:\Temp\* delete)
(java.io.FilePermission \D:\usr\local\src\cvsroot\jBoss\jbosssx\src\main\test\-
read)
(java.lang.RuntimePermission exitVM)
(java.lang.RuntimePermission modifyThreadGroup)
(java.lang.RuntimePermission stopThread)
(java.lang.RuntimePermission loadLibrary.*)
(java.lang.RuntimePermission accessClassInPackage.sun.misc)
(java.lang.RuntimePermission accessClassInPackage.sun.audio)
(java.lang.RuntimePermission modifyThread)
(java.net.SocketPermission * connect,accept,resolve)
(java.net.SocketPermission localhost:1024- listen,resolve)
(java.util.PropertyPermission java.class.path read)
(java.util.PropertyPermission user.name read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission line.separator read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission os.name read)
(java.util.PropertyPermission os.arch read)
(java.util.PropertyPermission java.home read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission user.dir read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission java.specification.vendor read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission user.home read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission java.vm.specification.vendor read)
)
access: access denied (javax.security.auth.AuthPermission getLoginConfiguration)
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:993)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java:261)
at java.security.AccessController.checkPermission
(AccessController.java:399)
at TestLogin.main(TestLogin.java:17)
access: domain that failed ProtectionDomain
(file:/D:/usr/local/src/cvsroot/jBoss/jbosssx/src/main/test/ <no certificates>)
java.security.Permissions@5601ea (
(javax.sound.sampled.AudioPermission record)
(java.awt.AWTPermission showWindowWithoutWarningBanner)
(java.io.FilePermission <<ALL FILES>> read)
(java.io.FilePermission
D:\usr\local\src\cvsroot\jBoss\jbosssx\src\main\test\jmf.log write)
(java.io.FilePermission D:\Documents and Settings\Administrator\.JMStudioCfg
write)
(java.io.FilePermission D:\Temp\* write)
(java.io.FilePermission D:\Temp\* delete)
(java.io.FilePermission \D:\usr\local\src\cvsroot\jBoss\jbosssx\src\main\test\-
read)
(java.lang.RuntimePermission exitVM)
(java.lang.RuntimePermission modifyThreadGroup)
(java.lang.RuntimePermission stopThread)
(java.lang.RuntimePermission loadLibrary.*)
(java.lang.RuntimePermission accessClassInPackage.sun.misc)
(java.lang.RuntimePermission accessClassInPackage.sun.audio)
(java.lang.RuntimePermission modifyThread)
(java.net.SocketPermission * connect,accept,resolve)
(java.net.SocketPermission localhost:1024- listen,resolve)
(java.util.PropertyPermission java.class.path read)
(java.util.PropertyPermission user.name read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission line.separator read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission os.name read)
(java.util.PropertyPermission os.arch read)
(java.util.PropertyPermission java.home read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission user.dir read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission java.specification.vendor read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission user.home read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission java.vm.specification.vendor read)
)
java.security.AccessControlException: access denied
(javax.security.auth.AuthPermission getLoginConfiguration)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java:272)
at java.security.AccessController.checkPermission
(AccessController.java:399)
at TestLogin.main(TestLogin.java:17)
--- Begin TestLogin.java
import java.security.*;
import javax.security.auth.*;
public class TestLogin
{
public static void main(String[] args) throws Exception
{
System.setProperty("java.security.policy", "policy");
System.out.println("java.security.manager = "+System.getProperty
("java.security.manager"));
Permission p = new AuthPermission("getLoginConfiguration");
AccessController.checkPermission(p);
}
}
The policy file simply grants all permissions:
emacs: test 593>cat policy
grant {
permission java.security.AllPermission;
};
(Review ID: 117877)
======================================================================