Granting SecurityPermissions to extension

menostos · October 23, 2017, 2:46pm

Hi

I try to develop an x-pack extension which, as it seems, requires SecurityPermission to insertProvider.BC.
So i put this in my x-pack-extension-security.policy:

grant {
  permission java.security.SecurityPermission "insertProvider.BC";
};

This is being picked up by the x-pack/extension install script, showing that it needs to grant these permissions.

However, when I start elasticsearch i'm still getting the following:

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "insertProvider.BC")

Am I doing something wrong or has this been disabled for security reasons?

rjernst · October 23, 2017, 5:43pm

You need to wrap your code requiring the permission inside a doPrivileged block. Have you read the plugin author help page?

menostos · November 8, 2017, 3:42pm

Thought I did that, or the check for permission did already fail.
Nevermind it's working now.

system · December 6, 2017, 3:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Continuous Installation of x-pack 5.0.1 Elasticsearch	3	770	January 9, 2017
Es-cluster install x-apck errors Elasticsearch	2	565	April 4, 2017
Trying to install x-pack on 5.4.1 and it is failing Elasticsearch	3	1436	July 7, 2017
Enabling X-Pack gives JVM error Elasticsearch	3	816	October 29, 2018
Custom X-PACK realm policy issue Elasticsearch	2	722	May 11, 2017

Granting SecurityPermissions to extension

Related topics