glassfish
  1. glassfish
  2. GLASSFISH-15456

[UB]Release note security permissions required for CDI applications

    Details

    • Type: Task Task
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.1_b33
    • Fix Version/s: 3.1
    • Component/s: docs
    • Labels:
      None

      Description

      Please release note the following for 3.1 See GLASSFISH-15078 [1] for more information.

      CDI-enabled Java EE applications that are deployed in a GF3.1 domain/cluster, which has security manager enabled, have to add the following Permissions for the deployed application. Adding permissions for an application is described in http://docs.sun.com/app/docs/doc/820-7695/beabz?l=en&a=view

      grant codeBase "file:$

      {com.sun.aas.instanceRoot}/applications/[ApplicationName]" {
      permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
      };

      For example, for a CDI application, say foo.war, add the following permissions to server.policy, restart domain/cluster and then deploy and use the application.

      grant codeBase "file:${com.sun.aas.instanceRoot}

      /applications/foo" {
      permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
      };

      These additional Permissions are not needed when the security manager is disabled.

      [1] http://java.net/jira/browse/GLASSFISH-15078?focusedCommentId=174564&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_174564

        Activity

        Hide
        Paul Davies added a comment -

        Not really a bug but a task.
        Reassigned to Release Notes owner.
        Prefixed summary with [UB] to denote that the issue affects unbundled documentation.

        Show
        Paul Davies added a comment - Not really a bug but a task. Reassigned to Release Notes owner. Prefixed summary with [UB] to denote that the issue affects unbundled documentation.
        Hide
        Scott Fordin added a comment -

        Will add topic to 3.1 Release Notes.

        Show
        Scott Fordin added a comment - Will add topic to 3.1 Release Notes.
        Hide
        Scott Fordin added a comment -

        Believe this was added to 3.1 Security Guide.

        Show
        Scott Fordin added a comment - Believe this was added to 3.1 Security Guide.
        Hide
        Scott Fordin added a comment -

        Actually, it was not added to the Security Guide, so I've added it to the 3.1 Release Notes, and added the "3_1-release-note-added" tag.

        Show
        Scott Fordin added a comment - Actually, it was not added to the Security Guide, so I've added it to the 3.1 Release Notes, and added the "3_1-release-note-added" tag.

          People

          • Assignee:
            Scott Fordin
            Reporter:
            Sivakumar Thyagarajan
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: