-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P2
-
Affects Version/s: 6
-
Component/s: security-libs
-
b91
-
sparc
-
solaris_10
XML Signature validation fails (using JSR 105 API) if a SecurityManager is enabled. This
is a bug that needs to be fixed. This the exception stack trace:
java.security.AccessControlException: access denied (java.util.PropertyPermission com.sun.org.apache.xml.internal.security.resource.config read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:652)
at com.sun.org.apache.xml.internal.security.Init.init(Init.java:111)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.<clinit>(DOMXMLSignature.java:62)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:152)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:116)
Validating and generating XML Signatures should not require special permissions. The reading
of the property operation above either needs to be removed or wrapped in a doPrivileged block.
is a bug that needs to be fixed. This the exception stack trace:
java.security.AccessControlException: access denied (java.util.PropertyPermission com.sun.org.apache.xml.internal.security.resource.config read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:652)
at com.sun.org.apache.xml.internal.security.Init.init(Init.java:111)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.<clinit>(DOMXMLSignature.java:62)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:152)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:116)
Validating and generating XML Signatures should not require special permissions. The reading
of the property operation above either needs to be removed or wrapped in a doPrivileged block.