Granting SecurityPermissions to extension

menostos · October 23, 2017, 2:46pm

Hi

I try to develop an x-pack extension which, as it seems, requires SecurityPermission to insertProvider.BC.
So i put this in my x-pack-extension-security.policy:

grant {
  permission java.security.SecurityPermission "insertProvider.BC";
};

This is being picked up by the x-pack/extension install script, showing that it needs to grant these permissions.

However, when I start elasticsearch i'm still getting the following:

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "insertProvider.BC")

Am I doing something wrong or has this been disabled for security reasons?

rjernst · October 23, 2017, 5:43pm

You need to wrap your code requiring the permission inside a doPrivileged block. Have you read the plugin author help page?

menostos · November 8, 2017, 3:42pm

Thought I did that, or the check for permission did already fail.
Nevermind it's working now.

system · December 6, 2017, 3:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.