Bug 1126489

Summary: [GSS] (6.4.0) Marshalling fails on objects that require permissions in their readObject
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Brad Maxwell <bmaxwell>
Component: RemotingAssignee: Brad Maxwell <bmaxwell>
Status: CLOSED CURRENTRELEASE QA Contact: Jitka Kozana <jkudrnac>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3.0CC: kkhan, lthon
Target Milestone: DR1   
Target Release: EAP 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
With the Java Security manager enabled, the java.security.AccessControlException was thrown when a java.util.Calendar object was passed as an argument or response from an EJB method, even with a java security policy that provides the necessary permissions. This issue has been fixed in this release. The exception is no longer thrown and the marshalling and EJB call succeed.
 Story Points: ---
Clone Of:
: 1126528 (view as bug list) Environment:
Last Closed: 2019-08-19 12:38:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1122329, 1126528    

Description Brad Maxwell 2014-08-04 14:32:47 UTC 
The JRE java.util.Calendar object in its readObject requires the permission accessClassInPackage.sun.util.calendar which causes Marshalling to fail.

http://bugs.java.com/bugdatabase/view_bug.do?bug_id=4921945

java.security.AccessControlException: access denied ("java.io.SerializablePermission" "enableSubclassImplementation")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372) [rt.jar:1.7.0_51]
at java.security.AccessController.checkPermission(AccessController.java:559) [rt.jar:1.7.0_51]
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) [rt.jar:1.7.0_51]
at java.io.ObjectInputStream.<init>(ObjectInputStream.java:322) [rt.jar:1.7.0_51]
at org.jboss.marshalling.MarshallerObjectInputStream.<init>(MarshallerObjectInputStream.java:49)
at org.jboss.marshalling.cloner.SerializingCloner$StepObjectInputStream.<init>(SerializingCloner.java:583)
at org.jboss.marshalling.cloner.SerializingCloner.initSerializableClone(SerializingCloner.java:307)
Comment 1 JBoss JIRA Server 2014-08-04 16:04:46 UTC 
David Lloyd <david.lloyd> updated the status of jira JBMAR-165 to Resolved
Comment 3 Kabir Khan 2014-08-26 20:20:42 UTC 
Should be fixed by remoting upgrade to 1.4.8 https://bugzilla.redhat.com/show_bug.cgi?id=1122329
Comment 4 Ladislav Thon 2014-09-26 07:47:50 UTC 
Verified with EAP 6.4.0.DR2.