Issue Details (XML | Word | Printable)

Key: GLASSFISH-15456
Type: Task Task
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Scott Fordin
Reporter: Sivakumar Thyagarajan
Votes: 0
Watchers: 0

If you were logged in you would be able to see more operations.

[UB]Release note security permissions required for CDI applications

Created: 06/Jan/11 04:49 AM   Updated: 25/Mar/11 11:54 AM   Resolved: 25/Mar/11 11:54 AM
Component/s: docs
Affects Version/s: 3.1_b33
Fix Version/s: 3.1

Time Tracking:
Not Specified

Tags: 3_1-release-note-added 3_1-release-notes
Participants: Paul Davies, Scott Fordin and Sivakumar Thyagarajan

 Description  « Hide

Please release note the following for 3.1 See GLASSFISH-15078 [1] for more information.

CDI-enabled Java EE applications that are deployed in a GF3.1 domain/cluster, which has security manager enabled, have to add the following Permissions for the deployed application. Adding permissions for an application is described in

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/[ApplicationName]" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; };

For example, for a CDI application, say foo.war, add the following permissions to server.policy, restart domain/cluster and then deploy and use the application.

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/foo" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; };

These additional Permissions are not needed when the security manager is disabled.


Paul Davies added a comment - 11/Jan/11 02:41 PM

Not really a bug but a task.
Reassigned to Release Notes owner.
Prefixed summary with [UB] to denote that the issue affects unbundled documentation.

Scott Fordin added a comment - 11/Feb/11 12:30 PM

Will add topic to 3.1 Release Notes.

Scott Fordin added a comment - 25/Feb/11 08:27 PM

Believe this was added to 3.1 Security Guide.

Scott Fordin added a comment - 25/Mar/11 11:54 AM

Actually, it was not added to the Security Guide, so I've added it to the 3.1 Release Notes, and added the "3_1-release-note-added" tag.