-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Jakarta EE 8 challenge, permissions.xml must also be added to EAR level #139
Comments
I agree that the test is buggy and should be excluded for Jakarta EE 8 and fixed for Jakarta EE 9. Ideally, a negative test would also be added to verify that the permissions.xml is ignored when included in a war file in an ear file. |
@scottmarlow It looks like this challenge is being accepted and worked on via several other Issues and PRs. Is the work complete? Should we close this Issue? And, if so, which other Issue or PR was used to resolve this TCK problem? Thanks! |
To keep the ball rolling on this, I created the jakartaee/specifications/pull request#133. |
@kwsutter TCK 8.0.2 has now passed the Full Platform + Web Profile tests. jakartaee/specifications/pull/133 is merged and eclipse-jakartaeetck-8.0.2.zip is available, so I think this challenge is now complete. The challenge should be closed as accepted (as per TCK 1.0 process). I do have the ability to close this challenge but I do not have "label" permissions, so someone else should label this as accepted. @bshannon can you please label this challenge as accepted? Thanks, |
Thanks @bshannon + @kwsutter + @starksm64 for your help with this challenge! |
To correctly resolve a failure in com.sun.ts.tests.securityapi.ham.sam.obtainbean.Client#testSAMObtainBean, the securityapi/ham/sam/obtainbean/build.xml should be changed to include the permissions.xml in the EAR (should also keep permissions.xml at the WAR level).
This is wrong in Jakarta platform TCK versions 8.0 - 8.0.1, this can be seen with a change that we are testing for (Red Hat) WildFly, where we need this test to be corrected (e.g. likely via a minor build.xml change).
The securityapi/idstore/idstorepermission/build.xml should also be changed to include the permissions.xml in the EAR.
As per Jakarta EE 8 platform specification ApplicationProgrammingInterface (as well as section EE.6.2.2.6 of Java EE 8 platform spec), permissions must be declared at EAR level:
For applications packaged in an .ear file, the declaration of permissions must be at .ear file level. This permission set is applied to all modules and libraries packaged within the .ear file or within its contained modules. Any permissions.xml files within such packaged modules are ignored, regardless of whether a permissions.xml file has been supplied for the .ear file itself.
An example of the EAR correctly including the permissions.xml can be found in securityapi/idstore/customhandler/build.xml
This issue is a clone of jakartaee-tck/issues#132.
The (ant) build.xml fix is already made via pull#138.
The text was updated successfully, but these errors were encountered: