PUBLIC - Liferay Portal Community Edition

Security Manager fails with usage of org.codehaus.jackson.map.ObjectMapper

Details

  • Branch Version/s:
    6.1.x
  • Backported to Branch:
    Committed
  • Similar Issues:
    Show 5 results 

Description

I use org.codehaus.jackson.map.ObjectMapper in my plugin as:

ObjectMapper objectMapper = new ObjectMapper();

If Security Manager is enabled, then it throws the exception:

14:49:45,942 WARN [http-bio-8080-exec-74][RuntimeChecker:256] Attempted to access declared members
Oct 30, 2012 2:49:45 PM org.apache.catalina.core.ApplicationDispatcher invoke
SEVERE: Servlet.service() for servlet twostepauthconfig Servlet threw exception
java.lang.SecurityException: Attempted to access declared members
at com.liferay.portal.security.pacl.checker.BaseChecker.throwSecurityException(BaseChecker.java:259)
at com.liferay.portal.security.pacl.checker.RuntimeChecker.checkPermission(RuntimeChecker.java:71)

After debug, I found out that the source of the problem is in invocation of BaseReflectChecker which does not support sun.reflect.annotation.AnnotationType and returns "false".

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Tammy Fong added a comment -

Committed on:
Portal 6.2.x GIT ID: 39f681dbd3919bee8be60a1bc39c07d818b7de92.

Show
Tammy Fong added a comment - Committed on: Portal 6.2.x GIT ID: 39f681dbd3919bee8be60a1bc39c07d818b7de92.
Hide
Permalink
Serena Song added a comment - - edited

PASSED Manual Testing using the following steps:

  1. Navigate to /portlet/test-pacl-portlet/docroot.
  2. Open view.jsp file.
  3. Add following java code in the file: 
    <%@ page import="org.codehaus.jackson.map.ObjectMapper" %>

<%ObjectMapper objectMapper = new ObjectMapper();%>
  4. Compile test-pacl-portlet from source.
  5. Have a Liferay Portal instance up and running.
  6. Deploy test-pacl-portlet war.
  7. Add test-pacl portlet to a page.

Reproduced on:
Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: a3e36d69884e2ef272b1c99d31169cd3c5c72077.
Plugin 6.1.x EE GIT ID: 49358a92cdc0de8da59496e68706e5e74c5b9c05.

Test PACL is temporarily unavailable and console will throws the exception in the description.

Fixed on:
Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: 687f73438841e924903e544694c3d281e2b84d1a.
Plugin 6.1.x EE GIT ID: 3ffe5afb8483637c3664ee78d04fb29d0f25f451.
Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: a0992fc0ccc718d4907082e62a964053a8304c2a.
Plugin 6.2.x EE GIT ID: 824dacb89e2c295a808011c219f4a7409a713b6a.

No exception occurs in the console and Test PACL portlet displays successfully.

Show
Serena Song added a comment - - edited PASSED Manual Testing using the following steps: Navigate to /portlet/test-pacl-portlet/docroot. Open view.jsp file. Add following java code in the file: <%@ page import="org.codehaus.jackson.map.ObjectMapper" %> <%ObjectMapper objectMapper = new ObjectMapper();%> Compile test-pacl-portlet from source. Have a Liferay Portal instance up and running. Deploy test-pacl-portlet war. Add test-pacl portlet to a page. Reproduced on: Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: a3e36d69884e2ef272b1c99d31169cd3c5c72077. Plugin 6.1.x EE GIT ID: 49358a92cdc0de8da59496e68706e5e74c5b9c05. Test PACL is temporarily unavailable and console will throws the exception in the description. Fixed on: Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: 687f73438841e924903e544694c3d281e2b84d1a. Plugin 6.1.x EE GIT ID: 3ffe5afb8483637c3664ee78d04fb29d0f25f451. Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: a0992fc0ccc718d4907082e62a964053a8304c2a. Plugin 6.2.x EE GIT ID: 824dacb89e2c295a808011c219f4a7409a713b6a. No exception occurs in the console and Test PACL portlet displays successfully.

People

Vote (0)
Watch (1)

Dates

  • Created:
    Updated:
    Resolved:
    Days since last comment:
    17 weeks, 3 days ago