[GLASSFISH-15456] [UB]Release note security permissions required for CDI applications Created: 06/Jan/11  Updated: 25/Mar/11  Resolved: 25/Mar/11

Status: Resolved
Project: glassfish
Component/s: docs
Affects Version/s: 3.1_b33
Fix Version/s: 3.1

Type: Task Priority: Major
Reporter: Sivakumar Thyagarajan Assignee: Scott Fordin
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Tags: 3_1-release-note-added, 3_1-release-notes


Please release note the following for 3.1 See GLASSFISH-15078 [1] for more information.

CDI-enabled Java EE applications that are deployed in a GF3.1 domain/cluster, which has security manager enabled, have to add the following Permissions for the deployed application. Adding permissions for an application is described in http://docs.sun.com/app/docs/doc/820-7695/beabz?l=en&a=view

grant codeBase "file:$

{com.sun.aas.instanceRoot}/applications/[ApplicationName]" {
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";

For example, for a CDI application, say foo.war, add the following permissions to server.policy, restart domain/cluster and then deploy and use the application.

grant codeBase "file:${com.sun.aas.instanceRoot}

/applications/foo" {
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";

These additional Permissions are not needed when the security manager is disabled.

[1] http://java.net/jira/browse/GLASSFISH-15078?focusedCommentId=174564&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_174564

Comment by Paul Davies [ 11/Jan/11 ]

Not really a bug but a task.
Reassigned to Release Notes owner.
Prefixed summary with [UB] to denote that the issue affects unbundled documentation.

Comment by Scott Fordin [ 11/Feb/11 ]

Will add topic to 3.1 Release Notes.

Comment by Scott Fordin [ 25/Feb/11 ]

Believe this was added to 3.1 Security Guide.

Comment by Scott Fordin [ 25/Mar/11 ]

Actually, it was not added to the Security Guide, so I've added it to the 3.1 Release Notes, and added the "3_1-release-note-added" tag.

Generated at Sat Oct 10 01:36:05 UTC 2015 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.