[bz-1403939] JBWS-3905 / JBWS-3920 / JBWS-3921 @javax.jws.Oneway caus…

…es security-context to be lost
jbossws · Nov 29, 2017 · 01801c8 · 01801c8
1 parent 2bc367c
commit 01801c8
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 2 deletions.
diff --git a/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/Constants.java b/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/Constants.java
@@ -40,6 +40,7 @@ public class Constants
    public static final String CXF_QUEUE_LOW_WATER_MARK_PROP = "lowWaterMark";
    public static final String CXF_QUEUE_DEQUEUE_TIMEOUT_PROP = "dequeueTimeout";
    public static final String CXF_POLICY_ALTERNATIVE_SELECTOR_PROP = "cxf.policy.alternativeSelector";
+   public static final String CXF_FEATURES_PROP = "cxf.features";
    public static final String CXF_MANAGEMENT_ENABLED = "cxf.management.enabled";
    public static final String CXF_MANAGEMENT_INSTALL_RESPONSE_TIME_INTERCEPTORS = "cxf.management.installResponseTimeInterceptors";
    public static final String CXF_WS_DISCOVERY_ENABLED = "cxf.ws-discovery.enabled";

diff --git a/...es/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/SecurityActions.java b/...es/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/SecurityActions.java
@@ -23,6 +23,8 @@
 
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 
 /**
  * 
@@ -117,4 +119,35 @@ public String run()
       return AccessController.doPrivileged(action);
    }
 
+   /** 
+    * Load a class using the provided classloader
+    * 
+    * @param name
+    * @return
+    * @throws PrivilegedActionException
+    */
+   static Class<?> loadClass(final ClassLoader cl, final String name) throws PrivilegedActionException, ClassNotFoundException
+   {   
+      SecurityManager sm = System.getSecurityManager();
+      if (sm == null)
+      {   
+         return cl.loadClass(name);
+      }   
+      else
+      {   
+         return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
+            public Class<?> run() throws PrivilegedActionException
+            {   
+               try 
+               {   
+                  return cl.loadClass(name);
+               }   
+               catch (Exception e)
+               {   
+                  throw new PrivilegedActionException(e);
+               }   
+            }   
+         }); 
+      }   
+   }   
 }
diff --git a/modules/server/pom.xml b/modules/server/pom.xml
@@ -30,6 +30,18 @@
       <groupId>org.jboss.spec.javax.servlet</groupId>
       <artifactId>jboss-servlet-api_3.0_spec</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.jboss.spec.javax.security.jacc</groupId>
+      <artifactId>jboss-jacc-api_1.4_spec</artifactId>
+      <scope>compile</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>sun-jaxb</groupId>
+          <artifactId>jaxb-api</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
     <!-- jbossws dependencies -->
     <dependency>
       <groupId>org.jboss.ws</groupId>

diff --git a/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java b/modules/server/src/main/java/org/jboss/wsf/stack/cxf/configuration/BusHolder.java
@@ -165,8 +165,6 @@ public void configure(ResourceResolver resolver, Configurer configurer, JBossWeb
 
       //[JBWS-3135] enable decoupled faultTo. This is an optional feature in cxf and we need this to be default to make it same behavior with native stack
       bus.setProperty("org.apache.cxf.ws.addressing.decoupled_fault_support", true);
-
-      FeatureUtils.addFeatures(bus, bus, props);
    }
 
 

diff --git a/pom.xml b/pom.xml
@@ -88,6 +88,7 @@
     <io.undertow.version>1.0.0.Beta33</io.undertow.version>
     <jaxb.api.version>1.0.4.Final</jaxb.api.version>
     <jaxb.impl.version>2.2.6</jaxb.impl.version>
+    <jacc.api.version>1.0.1.Final</jacc.api.version>
     <jaxrpc.api.version>1.0.1.Final</jaxrpc.api.version>
     <jaxws.api.version>2.0.2.Final</jaxws.api.version>
     <jsr181.api.version>1.0-MR1</jsr181.api.version>
@@ -908,6 +909,11 @@
         </exclusions>
       </dependency>
 
+      <dependency>
+        <groupId>org.jboss.spec.javax.security.jacc</groupId>
+        <artifactId>jboss-jacc-api_1.4_spec</artifactId>
+        <version>${jacc.api.version}</version>
+      </dependency>
       <dependency>
         <groupId>org.jboss.spec.javax.xml.rpc</groupId>
         <artifactId>jboss-jaxrpc-api_1.1_spec</artifactId>