We are trying to deploy an application, which is using JAAS. So we
enable the securityManager during the service startup
@Startup
@Singleton
public class ServiceInitializer
{
@PostConstruct
public void init()
{
Configuration.setConfiguration(new LoginModuleConfiguration());
Policy.setPolicy(new MyPolicy());
System.setSecurityManager(new SecurityManager());
Logger.getLogger(getClass()).info("SecurityContext initialized....");
}
@PreDestroy
void unsetSecurityManager()
{
System.setSecurityManager(null);
}
}
This is not a problem with a single application in our domain. When we
try to deploy another one we get various exceptions:
Exception during processing of event of type afterSessionAttributeAdded
for web module
StandardEngine[glassfish-web].StandardHost[server].StandardContext[/level5Webgui]
java.lang.RuntimeException: java.security.AccessControlException: access
denied ("java.security.SecurityPermission""setPolicy")
.....
Cannot start JMX connector JmxConnector config: { name = system,
Protocol = rmi_jrmp, Address = 0.0.0.0, Port = 8686, AcceptAll = false,
AuthRealmName = admin-realm, SecurityEnabled = false} having exception
java.lang.SecurityException: attempt to add a Permission to a readonly
Permissions object
SCHWERWIEGEND: java.lang.SecurityException: attempt to add a Permission
to a readonly Permissions object
Any ideas?
Tom