[logback-dev] [JIRA] Created: (LBCLASSIC-304) Moving from log4j to logback classic breaks java.policy.security behavior
Andrew Bourgeois (JIRA)
noreply-jira at qos.ch
Fri Nov 4 01:13:12 CET 2011
Moving from log4j to logback classic breaks java.policy.security behavior
-------------------------------------------------------------------------
Key: LBCLASSIC-304
URL: http://jira.qos.ch/browse/LBCLASSIC-304
Project: logback-classic
Issue Type: Bug
Affects Versions: 1.0.0
Environment: CentOS 5.7
Reporter: Andrew Bourgeois
Assignee: Logback dev list
Hello
Simply replacing the log4j libraries with the logback ones breaks my RMI server at runtime.
Please take the following code:
public static void main(String[] args) throws Exception {
System.setProperty("java.security.policy", "./src/main/config/java.policy");
logger.debug("Policy location: {}", System.getProperty("java.security.policy"));
if (System.getSecurityManager() == null) {
System.setSecurityManager(new RMISecurityManager());
}
System.setProperty("java.security.policy", "./src/main/config/java.policy");
}
And the following stacktrace:
01:05:37.702 [main] DEBUG be.removed.fun.removed.TestMain - Policy location: ./src/main/config/java.policy
Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyPermission java.security.policy write)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.System.setProperty(System.java:725)
at be.removed.fun.removed.TestMain.main(TestMain.java:18)
Somehow logback broke it, I can't even set a property anymore while I was able to read it before (I tested it, reading properties give the same results).
FYI: If I put the "java.policy" file into my $JAVA_HOME/jre/lib/security, the file IS taken into account.
POM.xml before operation:
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.0</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.16</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.6.0</version>
</dependency>
POM.xml after operation:
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.0</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>1.0.0</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.0.0</version>
</dependency>
Andrew
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.qos.ch/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the logback-dev
mailing list