JDK-8064331 : JavaSecurityAccess.doIntersectionPrivilege() drops the information about the domain combiner of the stack ACC
- Type: Bug
- Component: core-svc
- Sub-Component: javax.management
- Affected Version: 6u39
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- Submitted: 2014-11-07
- Updated: 2015-11-03
- Resolved: 2015-02-10
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | JDK 8 | JDK 9 | Other |
|---|---|---|---|---|
| 6u101Fixed | 7u85Fixed | 8u60Fixed  |
9 b52Fixed |
openjdk7uFixed |
Related Reports
|
Relates :
|
Description
This issue was reported against the JMX functionality. When a user tries to do the following ``` AccessControlContext acc = AccessController.getContext(); Subject subject = Subject.getSubject(acc); ``` the subject is always null even though it should contain the currently authenticated Subject. The reason for this is the combination of the facts that JMX is using JavaSecurityAccess.doIntersectionPrivilege(actin, stackACC, savedACC) to invoke a code in the combined access control context and this method just drops the information about the domain combiner of the stack ACC. In turn, Subject.getSubject(acc) relies on a correct domain container used in the current ACC and fails.
Comments
|