1 Reply Latest reply on Feb 24, 2007 11:57 AM by starksm64

JBAOP-368, Need to correct the ProtectionDomain used to defi

starksm64 Feb 24, 2007 2:28 AM

A problem I have run into while looking at running jboss5 under a security manager is that the interceptor class is not being created with a useful ProtectionDomain/CodeSource. It should be using the CodeSource of the aspect object so that one can use the ProtectionDomain of the aspect as the basis for security policy configuration. For example, the call to the TransformerCommon should be passing in the ProtectionDomain obtained from the apect:

ProtectionDomain pd = aspect.getClass().getProtectionDomain();
iclass = TransformerCommon.toClass(clazz, cl, pd);

I'm going through the calls to TransformerCommon.toClass and updating these to pass in a ProtectionDomain to test out a fix.

1. Re: JBAOP-368, Need to correct the ProtectionDomain for toCl

starksm64 Feb 24, 2007 11:57 AM (in response to starksm64)

I have committed a change to trunk to require a ProtectionDomain to be passed into the TransformerCommon.toClass calls and updated the callers. This gets past the problems of null CodeSources in the ProtectionDomain check. In general we should not be creating classes without a ProtectionDomain as it will not meaningful CodeSource location.
Actions