ddf icon indicating copy to clipboard operation
ddf copied to clipboard
verified publisher icon codice

WFS sources fail to become available when one of their FeatureTypes' schemas imports a schema that imports another schema

Open jrnorth opened this issue 6 years ago • 19 comments

Description

When any WFS source (1.0.0, 1.1.0, or 2.0.0) encounters a FeatureType whose schema (returned by the DescribeFeatureType operation and parsed when the source is initializing) imports a schema that imports a schema, an AccessControlException is thrown due to a lack of file read permissions. When Apache XmlSchema's DefaultURIResolver tries to resolve an import inside an imported schema, it tries to access it as a File first. Because the resolver does not have a file read permission, an AccessControlException is thrown and the source does not become available.

Steps to Reproduce

Note: I could not find a publicly available WFS source that has the necessary conditions to trigger this issue so I created a mock WFS source that does.

  1. Download the standalone Wiremock JAR: http://wiremock.org/docs/download-and-installation/
  2. Run the JAR.
  3. In the directory containing the Wiremock JAR there should now be a __files directory. Drop https://github.com/jrnorth/ddf/blob/4e243c5ceb30d563e485802ccc49367add040f88/catalog/spatial/wfs/spatial-wfs-common/src/test/resources/WFS_Capabilities.xml and https://github.com/jrnorth/ddf/blob/4e243c5ceb30d563e485802ccc49367add040f88/catalog/spatial/wfs/spatial-wfs-common/src/test/resources/AZWellLogs.xsd in that directory.
  4. There should also be a mappings directory. Drop https://github.com/jrnorth/ddf/blob/4e243c5ceb30d563e485802ccc49367add040f88/catalog/spatial/wfs/spatial-wfs-common/src/test/resources/mappings.json in that directory.
  5. Stop Wiremock and start it again.
  6. Run log:tail in the Karaf console.
  7. Create a WFS 1.1.0 source using the url http://localhost:8080.
  8. Enable the source.
  9. Verify you see Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "http:/schemas.opengis.net/waterml/2.0/waterml2.xsd" "read") in the console logs.
  10. Verify the source does not become available.

Expected behavior :

The source successfully parses all its FeatureTypes' schemas and becomes available.

Actual behavior:

An AccessControlException is thrown from Apache XmlSchema's DefaultUriResolver due to a lack of file read permissions.

Reproduces how often:

100%

Platform and environment:

All platforms and Java versions

Affects versions

All versions that include the security manager (>= 2.12.0?)

jrnorth avatar May 08 '19 17:05 jrnorth

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Mar 19 '20 19:03 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar May 26 '20 17:05 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Jul 25 '20 21:07 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Sep 25 '20 16:09 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Nov 24 '20 19:11 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Jan 24 '21 00:01 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Mar 28 '21 06:03 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar May 30 '21 13:05 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Jul 31 '21 20:07 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Nov 01 '21 04:11 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Jan 05 '22 15:01 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Mar 16 '22 04:03 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Jun 12 '22 13:06 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Sep 20 '22 22:09 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Nov 23 '22 04:11 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Mar 18 '23 14:03 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar May 21 '23 14:05 stale[bot]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

stale[bot] avatar Sep 17 '23 17:09 stale[bot]