I'm writing a plugin that provides authentication for Elasticsearch.
In current version of elasticsearch (5.1.1 and 5.1.2) it's not possible to turn off Security Manager and we have to grand permissions directly (for example in plugin-security.policy file) and wrap code in
> AccessController.doPrivileged( ).
But one of the libraries that I use runs background threads that are causing the security exception (java caffeine cache). So I don't have the ability to change the code causing the error.
Do we still have some workaround to turn off security manager?
There are options to set policies more global, but the problem that background threads don't have permission still stays.