Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-33047

PACL - As a developer I would like reasonable java operations such as classloading, reflection, native library access within libraries I include to not prevent me from developing plugins for the marketplace

    Details

      Description

      There are a great number of issues currently in developing plugins for the marketplace (which require PACL to be enabled).

      One only needs to browse http://www.liferay.com/community/forums/-/message_boards/category/10919228 to find multiple issues, mostly related to perfectly normal and acceptable java operations.

        Attachments

          Issue Links

          1.
          PACL - Rename PACLClassLoaderUtil to ClassLoaderUtil to begin uncluttering the portal of PACL naming Technical Task Closed Justin Choi  
           
          2.
          PACL - java.security.Policy based PACL implementation (a.k.a. PACLv2) Technical Task Closed Justin Choi  
           
          3.
          PACL - Centralize initialization of PACL into a private SecurityManagerUtil class Technical Task Closed Justin Choi  
           
          4.
          PACL - Use new SecurityManagerUtil and initialize as early as possible Technical Task Closed Justin Choi  
           
          5.
          PACL- Initialize the new java.security.Policy Technical Task Closed Justin Choi  
           
          6.
          PACL - Convert to boolean implies API method to match j.s.Policy Technical Task Closed Justin Choi  
           
          7.
          PACL - Implement a bean post processor which will process @DoPrivileged annotations Technical Task Closed Justin Choi  
           
          8.
          PACL - It's nessecary to initialize the portal security manager impl from the beginning in all cases Technical Task Closed Justin Choi  
           
          9.
          PACL - private interfaces to support proxies Technical Task Closed Justin Choi  
           
          10.
          PACL - Apply interfaces everywhere a cast to the impl exists Technical Task Closed Justin Choi  
           
          11.
          PACL - Private interface so that core code can unwrap privileged beans if needed Technical Task Closed Justin Choi  
           
          12.
          PACL - Move PACL specific classes into the pacl package Technical Task Closed Justin Choi  
           
          13.
          PACL - Algorithm for handling permission checks on accessibility changes in local code Technical Task Closed Justin Choi  
           
          14.
          PACL - AWTPermission support (richfaces uses AWT for image processing) Technical Task Closed Justin Choi  
           
          15.
          PACL - Document environment variable security property Technical Task Closed Justin Choi  
           
          16.
          PACL - deprecate PACLBeanHandler Technical Task Closed Brian Chan  
           
          17.
          PACL - deprecate CheckMemberAccessPermission Technical Task Closed Brian Chan  
           
          18.
          PACL - deprecate BaseReflectChecker Technical Task Closed Justin Choi  
           
          19.
          PACL - deprecate PACLTemplateWrapper Technical Task Closed Justin Choi  
           
          20.
          PACL - deprecate PACLAdvice Technical Task Closed Justin Choi  
           
          21.
          PACL - deprecate PACLClassUtil Technical Task Closed Justin Choi  
           
          22.
          PACL - rename inner PACLPortalLifecycle class Technical Task Closed Justin Choi  
           
          23.
          PACL - eliminate most occurences of PortalSecurityManagerThreadLocal Technical Task Closed Justin Choi  
           
          24.
          PACL - centralize and localize HookHotDeployListener security checks Technical Task Closed Justin Choi  
           
          25.
          PACL - remove uses of CheckerUtil.isAccessControllerDoPrivileged() Technical Task Closed Justin Choi  
           
          26.
          PACL - add method to get the policy on PortalSecurityManager interface Technical Task Closed Justin Choi  
           
          27.
          PACL - remove unused PACLPolicy.hasPortalService method Technical Task Closed Justin Choi  
           
          28.
          PACL - add missing getter to LogFactoryUtil - needed for pacl security Technical Task Closed Justin Choi  
           
          29.
          PACL - remove hard coded classnames from RuntimeChecker Technical Task Closed Justin Choi  
           
          30.
          PACL - unwrap HttpImpl if it's wrapped by DoPrivilegedBean Technical Task Closed Justin Choi  
           
          31.
          PACL - prevent a circularity error in CentralizedThreadLocal Technical Task Closed Justin Choi  
           
          32.
          PACL - add missing permission checks to ExpandoBridgeFactoryUtil Technical Task Closed Justin Choi  
           
          33.
          PACL - centralize getClassLoader permission check, make sure it doesn't break any native JVM checks Technical Task Closed Justin Choi  
           
          34.
          PACL - remove unused interface from InfrastructureUtil Technical Task Closed Justin Choi  
           
          35.
          PACL - add missing socket permission checks to HttpUtil Technical Task Closed Justin Choi  
           
          36.
          PACL - add missing permission checks to FileUtil Technical Task Closed Justin Choi  
           
          37.
          PACL - prevent FileAvailabilityUtil from causing an unnecessary FilePermission check Technical Task Closed Justin Choi  
           
          38.
          PACL - centralize PortalMessageBusPermission checking Technical Task Closed Justin Choi  
           
          39.
          PACL - centralize ThreadPoolExecutor checking Technical Task Closed Justin Choi  
           
          40.
          PACL - centralize DynamicQuery check Technical Task Closed Justin Choi  
           
          41.
          PACL - centralize the Service checks Technical Task Closed Justin Choi  
           
          42.
          PACL - implement security checks for PortletBagPool Technical Task Closed Justin Choi  
           
          43.
          PACL - implement cross-plugin security checks for BeanLocator Technical Task Closed Justin Choi  
           
          44.
          PACL - centralize PortalHookPermission checking Technical Task Closed Justin Choi  
           
          45.
          PACL - remove unused code from SecurityManagerUtil Technical Task Closed Justin Choi  
           
          46.
          PACL - remove remaining uses of PortalSecurityManagerThreadLocal in favour of access controllers Technical Task Closed Justin Choi  
           
          47.
          PACL - fast way to get the current PACLPolicy Technical Task Closed Justin Choi  
           
          48.
          PACL - ensure accessibility checks still work on public members Technical Task Closed Justin Choi  
           
          49.
          PACL - always execute macro library templates in context of the portal Technical Task Closed Justin Choi  
           
          50.
          PACL - method of detecting privileged callers Technical Task Closed Justin Choi  
           
          51.
          PACL - method to account for differences between JVM implementations Technical Task Closed Brian Chan  
           
          52.
          PACL - method for deep Liferay bean class detection Technical Task Closed Justin Choi  
           
          53.
          PACL - method to dynamically wrap objects with a privileged handler Technical Task Closed Justin Choi  
           
          54.
          PACL - template API abstraction to separate of context creation from initialization of utilities Technical Task Closed Justin Choi  
           
          55.
          PACL - template API abstraction to allow invoking a template in the correct security context using the access controller pattern Technical Task Closed Justin Choi  
           
          56.
          PACL - force "compilation" of the template within the context of the portal Technical Task Closed Justin Choi  
           
          57.
          PACL - register trusted protection domains as early as possible Technical Task Closed Justin Choi  
           
          58.
          PACL - DLUtil - all context utils that delegate to the portal may fail permission check Technical Task Closed Justin Choi  
           
          59.
          PACL - implement trusted caller support for SecurityChecker Technical Task Closed Justin Choi  
           
          60.
          PACL - implement trusted caller support for RuntimeChecker Technical Task Closed Justin Choi  
           
          61.
          PACL - implement trusted caller support for ReflectChecker Technical Task Closed Justin Choi  
           
          62.
          PACL - implement trusted caller support for PortalServiceChecker Technical Task Closed Justin Choi  
           
          63.
          PACL - implement trusted caller support for NetChecker Technical Task Closed Justin Choi  
           
          64.
          PACL - improve the performance of DoPrivilegedHandler Technical Task Closed Brian Chan  
           
          65.
          PACL - update the FileChecker with improved logic Technical Task Closed Justin Choi  
           
          66.
          PACL - implement trusted caller support for PortalRuntimeChecker Technical Task Closed Justin Choi  
           
          67.
          PACL - separate context classloader swaping from the PACL logic in DirectRequestDispatcherFactoryImpl Technical Task Closed Justin Choi  
           
          68.
          PACL - fix a small regression with the JSP compiler Technical Task Closed Justin Choi  
           
          69.
          PACL - fallback onto a locally instantiated, locally applicable java.security.Policy Technical Task Closed Justin Choi  
           
          70.
          PACL - fix identification of current JVM version Technical Task Closed Justin Choi  
           
          71.
          PACL - wrap objects with DoPrivileged proxy where appropriate Technical Task Closed Justin Choi  
           
          72.
          PACL - inject pacl into BeanLocatorImpl Technical Task Closed Justin Choi  
           
          73.
          PACL - add access controller to PACLRequestDispatcherWrapper Technical Task Closed Justin Choi  
           
          74.
          PACL - inject pacl into DataSourceFactoryImpl Technical Task Closed Justin Choi  
           
          75.
          PACL - inject pacl into HotDeployImpl Technical Task Closed Justin Choi  
           
          76.
          PACL - inject pacl into DirectRequestDispatcherFactoryImpl Technical Task Closed Justin Choi  
           
          77.
          PACL - inject pacl into TemplateContextHelper Technical Task Closed Justin Choi  
           
          78.
          PACL - inject pacl into PortalFilePermission Technical Task Closed Justin Choi  
           
          79.
          PACL - inject pacl into PortalHookPermission Technical Task Closed Justin Choi  
           
          80.
          PACL - inject pacl into PortalMessageBusPermission Technical Task Closed Justin Choi  
           
          81.
          PACL - the PortalMessageBusPermission only checks send Technical Task Closed Justin Choi  
           
          82.
          PACL - inject pacl into PortalRuntimePermission Technical Task Closed Justin Choi  
           
          83.
          PACL - inject pacl into PortalServicePermission Technical Task Closed Justin Choi  
           
          84.
          PACL - inject pacl into PortalSocketPermission Technical Task Closed Justin Choi  
           
          85.
          PACL - inject pacl into PortletApplicationContext Technical Task Closed Justin Choi  
           
          86.
          PACL - inject pacl into ServiceBeanAopProxy Technical Task Closed Justin Choi  
           
          87.
          PACL - pre-initialize classes Technical Task Closed Justin Choi  
           
          88.
          PACL - util-taglib should not be changing context classLoader Technical Task Closed Brian Chan  
           
          89.
          PACL - auto proxy finder and persistence when PACL is enabled Technical Task Closed Justin Choi  
           
          90.
          PACL - allow service builder plugins to unregister their MBeans Technical Task Closed Justin Choi  
           
          91.
          PACL - create a test suite for testing PACL Technical Task Closed Justin Choi  
           
          92.
          PACL - SQL tests Technical Task Closed Justin Choi  
           
          93.
          PACL - when calling the portal's BeanLocator the servletContextName is null Technical Task Closed Justin Choi  
           
          94.
          PACL - when we create PACLInitialContextFactoryBuilder we block the JVM from performing scheme based JNDI lookups Technical Task Closed Justin Choi  
           
          95.
          PACL - remaining tests Technical Task Closed Justin Choi  
           
          96.
          PACL - getPackage on a java proxy returns null Technical Task Closed Justin Choi  
           
          97.
          PACL - make sure BeanLocator beans are properly wrapped (avoid wrapping in VelocityBeanHandler when not a velocity bean) Technical Task Closed Justin Choi  
           
          98.
          PACL - prevent deep cascading permission checks on getClassLoader Technical Task Closed Justin Choi  
           
          99.
          PACL - fix test-pacl-portlet (not including SQL) Technical Task Closed Justin Choi  
           
          100.
          PACL - fix BeanLocatorTest to account for the bean being wrapped rather than not returned (so that i behaves like it did originally) Technical Task Closed Justin Choi  
           
          101.
          PACL - don't wrap the bean if it's the portal asking for it Technical Task Closed Justin Choi  
           
          102.
          PACL - SQL security checks for indexes Technical Task Closed Justin Choi  
           
          103.
          PACL - JDK 5 compliance Technical Task Closed Raymond Auge  
           

            Activity

              People

              • Votes:
                3 Vote for this issue
                Watchers:
                16 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: