Jakarta EE 8 challenge, permissions.xml must also be added to EAR level

[scottmarlow]

To correctly resolve a failure in com.sun.ts.tests.securityapi.ham.sam.obtainbean.Client#testSAMObtainBean, the securityapi/ham/sam/obtainbean/build.xml should be changed to include the permissions.xml in the EAR (should also keep permissions.xml at the WAR level).

This is wrong in Jakarta platform TCK versions 8.0 - 8.0.1, this can be seen with a change that we are testing for (Red Hat) WildFly, where we need this test to be corrected (e.g. likely via a minor build.xml change).

The securityapi/idstore/idstorepermission/build.xml should also be changed to include the permissions.xml in the EAR (should also keep permissions.xml at the WAR level).

As per Jakarta EE 8 platform specification ApplicationProgrammingInterface (as well as section EE.6.2.2.6 of Java EE 8 platform spec), permissions must be declared at EAR level:

For applications packaged in an .ear file, the declaration of permissions must be at .ear file level. This permission set is applied to all modules and libraries packaged within the .ear file or within its contained modules. Any permissions.xml files within such packaged modules are ignored, regardless of whether a permissions.xml file has been supplied for the .ear file itself.

An example of the EAR correctly including the permissions.xml can be found in securityapi/idstore/customhandler/build.xml

[RohitKumarJain]

Hi @scottmarlow , I made the necessary changes, could you please help while reviewing this PR: #137 .

Thanks,
Rohit

[RohitKumarJain]

Hi @scottmarlow , I apologies for your inconvenience.
We made the necessary changes, could you please help while reviewing this PR:
#138

Thanks,
Rohit Jain

[scottmarlow]

Just noticed that the TCK process document mentions that challenges should be created via the specification.

I'll create a corresponding issue there as well.

[scottmarlow]

Addressed via specifications/pull/133 + eclipse-jakartaeetck-8.0.2.zip