Using Glassfish with security manager enabled, if we run some CTS tests, we are seeing errors that shuld probably be handled on the glassfish server side. The following permissions have been encountered and are needed in the server.policy file - without these permissions, GF will not allow some common behavior to work.
The permissions in question are:
permission javax.management.MBeanServerPermission "findMBeanServer";
permission java.lang.RuntimePermission "createSecurityManager";
If we add these to server.policy then our tests work but without them our tests fail. It has been suggested that the tests are doing common tasks that average users should be able to do and that is why its believed some level of support needs to be done on the GF server side.
See attached for stacktrace details.
The work around is to manually add these properties to the server.policy file.
The following properties are also needed in server.policy and it is not clear if these ought to be configured (ie. added to server.policy) in the CTS config step or if these perms should be handled in Glassfish side.
These additional properties are:
permission javax.security.jacc.EJBMethodPermission SecEjbHelloBasic
(see details for this perm in attached file: server.log.EJBMethodPermission )