1 Reply Latest reply on Feb 24, 2007 11:57 AM by Scott Stark

    JBAOP-368, Need to correct the ProtectionDomain used to defi

    Scott Stark Master

      A problem I have run into while looking at running jboss5 under a security manager is that the interceptor class is not being created with a useful ProtectionDomain/CodeSource. It should be using the CodeSource of the aspect object so that one can use the ProtectionDomain of the aspect as the basis for security policy configuration. For example, the call to the TransformerCommon should be passing in the ProtectionDomain obtained from the apect:

      ProtectionDomain pd = aspect.getClass().getProtectionDomain();
      iclass = TransformerCommon.toClass(clazz, cl, pd);

      I'm going through the calls to TransformerCommon.toClass and updating these to pass in a ProtectionDomain to test out a fix.