Add Wildfly security manager implementation

appclient/src/main/java/org/jboss/as/appclient/deployment/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.appclient.deployment;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

appclient/src/main/java/org/jboss/as/appclient/service/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.appclient.service;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

appclient/src/main/java/org/jboss/as/appclient/subsystem/SecurityActions.java

@@ -26,12 +26,12 @@
 import java.security.Security;
 import java.util.Map;
 import java.util.Properties;
-import org.jboss.as.util.security.AddGlobalSecurityProviderAction;
-import org.jboss.as.util.security.ClearPropertyAction;
-import org.jboss.as.util.security.GetEnvironmentAction;
-import org.jboss.as.util.security.GetSystemPropertiesAction;
-import org.jboss.as.util.security.ReadPropertyAction;
-import org.jboss.as.util.security.WritePropertyAction;
+import org.wildfly.security.manager.AddGlobalSecurityProviderAction;
+import org.wildfly.security.manager.ClearPropertyAction;
+import org.wildfly.security.manager.GetEnvironmentAction;
+import org.wildfly.security.manager.GetSystemPropertiesAction;
+import org.wildfly.security.manager.ReadPropertyAction;
+import org.wildfly.security.manager.WritePropertyAction;
 
 import static java.lang.System.clearProperty;
 import static java.lang.System.getProperties;

arquillian/protocol-jmx/src/main/java/org/jboss/as/arquillian/service/ArquillianService.java

@@ -37,8 +37,8 @@
 import org.jboss.as.server.deployment.DeploymentUnit;
 import org.jboss.as.server.deployment.Phase;
 import org.jboss.as.server.deployment.SetupAction;
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 import org.jboss.logging.Logger;
 import org.jboss.modules.Module;
 import org.jboss.msc.service.AbstractServiceListener;

build/src/main/resources/modules/system/layers/base/org/jboss/as/security-util/main/module.xml

@@ -32,6 +32,7 @@
     </resources>
 
     <dependencies>
+        <module name="org.jboss.invocation"/>
         <module name="org.jboss.modules"/>
         <module name="javax.api"/>
         <module name="sun.jdk"/>

cli/src/main/java/org/jboss/as/cli/SecurityActions.java

@@ -21,8 +21,8 @@
  */
 package org.jboss.as.cli;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

cli/src/main/java/org/jboss/as/cli/gui/JConsoleCLIPlugin.java

@@ -42,7 +42,7 @@
 import org.jboss.as.cli.CommandContextFactory;
 import org.jboss.as.controller.client.ModelControllerClient;
 import org.jboss.as.controller.client.impl.ExistingChannelModelControllerClient;
-import org.jboss.as.util.security.GetAccessControlContextAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
 import org.jboss.dmr.ModelNode;
 import org.jboss.remoting3.Channel;
 import org.jboss.remoting3.Connection;

cli/src/main/java/org/jboss/as/cli/handlers/SecurityActions.java

@@ -21,9 +21,9 @@
  */
 package org.jboss.as.cli.handlers;
 
-import org.jboss.as.util.security.GetClassLoaderAction;
-import org.jboss.as.util.security.ReadEnvironmentPropertyAction;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.GetClassLoaderAction;
+import org.wildfly.security.manager.ReadEnvironmentPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

cli/src/main/java/org/jboss/as/cli/handlers/module/SecurityActions.java

@@ -21,8 +21,8 @@
  */
 package org.jboss.as.cli.handlers.module;
 
-import org.jboss.as.util.security.ReadEnvironmentPropertyAction;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadEnvironmentPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

cli/src/main/java/org/jboss/as/cli/impl/CLIModelControllerClient.java

@@ -42,7 +42,7 @@
 import org.jboss.as.protocol.mgmt.ManagementChannelAssociation;
 import org.jboss.as.protocol.mgmt.ManagementChannelHandler;
 import org.jboss.as.protocol.mgmt.ManagementClientChannelStrategy;
-import org.jboss.as.util.security.GetAccessControlContextAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
 import org.jboss.dmr.ModelNode;
 import org.jboss.remoting3.Channel;
 import org.jboss.remoting3.CloseHandler;

cli/src/main/java/org/jboss/as/cli/impl/SecurityActions.java

@@ -21,11 +21,11 @@
  */
 package org.jboss.as.cli.impl;
 
-import org.jboss.as.util.security.AddShutdownHookAction;
-import org.jboss.as.util.security.GetClassLoaderAction;
-import org.jboss.as.util.security.ReadEnvironmentPropertyAction;
-import org.jboss.as.util.security.ReadPropertyAction;
-import org.jboss.as.util.security.WritePropertyAction;
+import org.wildfly.security.manager.AddShutdownHookAction;
+import org.wildfly.security.manager.GetClassLoaderAction;
+import org.wildfly.security.manager.ReadEnvironmentPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
+import org.wildfly.security.manager.WritePropertyAction;
 
 import static java.lang.Runtime.getRuntime;
 import static java.lang.System.getProperty;

clustering/api/src/main/java/org/jboss/as/clustering/SimpleMarshalledValue.java

@@ -30,8 +30,8 @@
 import java.io.ObjectOutput;
 import java.util.Arrays;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 import org.jboss.marshalling.Marshaller;
 import org.jboss.marshalling.Marshalling;
 import org.jboss.marshalling.SimpleDataInput;

clustering/infinispan/src/main/java/org/jboss/as/clustering/infinispan/affinity/KeyAffinityServiceFactoryService.java

@@ -32,7 +32,7 @@
 import org.infinispan.affinity.KeyAffinityServiceImpl;
 import org.infinispan.affinity.KeyGenerator;
 import org.infinispan.remoting.transport.Address;
-import org.jboss.as.util.security.GetAccessControlContextAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
 import org.jboss.msc.service.Service;
 import org.jboss.msc.service.ServiceName;
 import org.jboss.msc.service.StartContext;

connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/AbstractResourceAdapterDeploymentService.java

@@ -51,8 +51,8 @@
 import org.jboss.as.naming.ServiceBasedNamingStore;
 import org.jboss.as.naming.deployment.ContextNames;
 import org.jboss.as.naming.service.BinderService;
-import org.jboss.as.util.security.ClearContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.ClearContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 import org.jboss.jca.common.api.metadata.ironjacamar.IronJacamar;
 import org.jboss.jca.common.api.metadata.ra.ConfigProperty;
 import org.jboss.jca.common.api.metadata.ra.Connector;

connector/src/main/java/org/jboss/as/connector/services/resourceadapters/deployment/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.connector.services.resourceadapters.deployment;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

connector/src/main/java/org/jboss/as/connector/services/workmanager/WorkManagerService.java

@@ -30,7 +30,7 @@
 import java.util.concurrent.Executor;
 
 import org.jboss.as.connector.util.ConnectorServices;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 import org.jboss.jca.core.api.workmanager.WorkManager;
 import org.jboss.jca.core.security.DefaultCallback;
 import org.jboss.jca.core.spi.security.Callback;

connector/src/main/java/org/jboss/as/connector/subsystems/datasources/AbstractDataSourceService.java

@@ -42,9 +42,9 @@
 import org.jboss.as.connector.services.driver.InstalledDriver;
 import org.jboss.as.connector.services.driver.registry.DriverRegistry;
 import org.jboss.as.connector.util.Injection;
-import org.jboss.as.util.security.ClearContextClassLoaderAction;
-import org.jboss.as.util.security.GetClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.ClearContextClassLoaderAction;
+import org.wildfly.security.manager.GetClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 import org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnectionFactory;
 import org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory;
 import org.jboss.jca.adapters.jdbc.spi.ClassLoaderPlugin;

connector/src/main/java/org/jboss/as/connector/util/SecurityActions.java

@@ -20,9 +20,9 @@
 
 package org.jboss.as.connector.util;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.ReadPropertyAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.ReadPropertyAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

controller-client/pom.xml

@@ -58,8 +58,8 @@
             <artifactId>wildfly-protocol</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.jboss.as</groupId>
-            <artifactId>jboss-as-security-util</artifactId>
+            <groupId>org.wildfly</groupId>
+            <artifactId>wildfly-security-util</artifactId>
         </dependency>
         <dependency>
             <groupId>org.jboss</groupId>

controller-client/src/main/java/org/jboss/as/controller/client/impl/ClientConfigurationImpl.java

@@ -23,8 +23,8 @@
 package org.jboss.as.controller.client.impl;
 
 import org.jboss.as.controller.client.ModelControllerClientConfiguration;
-import org.jboss.as.util.security.GetAccessControlContextAction;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 import org.jboss.threads.JBossThreadFactory;
 
 import javax.net.ssl.SSLContext;

controller/src/main/java/org/jboss/as/controller/SecurityActions.java

@@ -22,9 +22,9 @@
 
 package org.jboss.as.controller;
 
-import org.jboss.as.util.security.ReadPropertyAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.ReadPropertyAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

controller/src/main/java/org/jboss/as/controller/extension/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.controller.extension;
 
-import org.jboss.as.util.security.SetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

controller/src/main/java/org/jboss/as/controller/interfaces/OverallInterfaceCriteria.java

@@ -35,7 +35,7 @@
 import java.util.Set;
 
 import org.jboss.as.controller.ControllerLogger;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

controller/src/main/java/org/jboss/as/controller/interfaces/SecurityActions.java

@@ -25,7 +25,7 @@
 import static java.lang.System.getSecurityManager;
 import static java.security.AccessController.doPrivileged;
 
-import org.jboss.as.util.security.GetBooleanAction;
+import org.wildfly.security.manager.GetBooleanAction;
 
 /**
  * Security actions to perform possibly privileged operations.  No methods in

controller/src/main/java/org/jboss/as/controller/operations/common/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.controller.operations.common;
 
-import org.jboss.as.util.security.SetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

controller/src/main/java/org/jboss/as/controller/operations/global/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.controller.operations.global;
 
-import org.jboss.as.util.security.SetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

controller/src/main/java/org/jboss/as/controller/parsing/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.controller.parsing;
 
-import org.jboss.as.util.security.SetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderFromClassAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderFromClassAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

controller/src/main/java/org/jboss/as/controller/persistence/ConfigurationFile.java

@@ -37,7 +37,7 @@
 import java.util.regex.Pattern;
 
 import org.jboss.as.controller.persistence.ConfigurationPersister.SnapshotInfo;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 /**
  * Encapsulates the configuration file and manages its history

controller/src/main/java/org/jboss/as/controller/remote/AbstractModelControllerOperationHandlerFactoryService.java

@@ -30,7 +30,7 @@
 
 import org.jboss.as.controller.ModelController;
 import org.jboss.as.protocol.mgmt.support.ManagementChannelInitialization;
-import org.jboss.as.util.security.GetAccessControlContextAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
 import org.jboss.msc.service.Service;
 import org.jboss.msc.service.ServiceName;
 import org.jboss.msc.service.StartContext;

controller/src/main/java/org/jboss/as/controller/remote/SecurityActions.java

@@ -27,7 +27,7 @@
 import javax.security.auth.Subject;
 
 import org.jboss.as.controller.security.SecurityContext;
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getProperty;
 import static java.lang.System.getSecurityManager;

deployment-scanner/src/main/java/org/jboss/as/server/deployment/scanner/DeploymentScannerAdd.java

@@ -46,7 +46,7 @@
 import org.jboss.as.controller.SimpleAttributeDefinition;
 import org.jboss.as.controller.registry.Resource;
 import org.jboss.as.controller.services.path.PathManager;
-import org.jboss.as.util.security.GetAccessControlContextAction;
+import org.wildfly.security.manager.GetAccessControlContextAction;
 import org.jboss.dmr.ModelNode;
 import org.jboss.msc.service.ServiceController;
 import org.jboss.msc.service.ServiceTarget;

domain-http/interface/src/main/java/org/jboss/as/domain/http/server/SecurityActions.java

@@ -22,7 +22,7 @@
 
 package org.jboss.as.domain.http.server;
 
-import org.jboss.as.util.security.ReadPropertyAction;
+import org.wildfly.security.manager.ReadPropertyAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.security.AccessController.doPrivileged;

ee/src/main/java/org/jboss/as/ee/beanvalidation/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.ee.beanvalidation;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

ee/src/main/java/org/jboss/as/ee/component/SecurityActions.java

@@ -22,8 +22,8 @@
 
 package org.jboss.as.ee.component;
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

ee/src/main/java/org/jboss/as/ee/component/deployers/SecurityActions.java

@@ -23,8 +23,8 @@
 package org.jboss.as.ee.component.deployers;
 
 
-import org.jboss.as.util.security.GetContextClassLoaderAction;
-import org.jboss.as.util.security.SetContextClassLoaderAction;
+import org.wildfly.security.manager.GetContextClassLoaderAction;
+import org.wildfly.security.manager.SetContextClassLoaderAction;
 
 import static java.lang.System.getSecurityManager;
 import static java.lang.Thread.currentThread;

ee/src/main/java/org/jboss/as/ee/managedbean/processors/ManagedBeanAnnotationProcessor.java

@@ -46,6 +46,7 @@
 import org.jboss.as.server.deployment.DeploymentUnitProcessingException;
 import org.jboss.as.server.deployment.DeploymentUnitProcessor;
 import org.jboss.as.server.deployment.annotation.CompositeIndex;
+import org.wildfly.security.manager.AccessCheckingInterceptor;
 import org.jboss.invocation.ContextClassLoaderInterceptor;
 import org.jboss.invocation.ImmediateInterceptorFactory;
 import org.jboss.invocation.PrivilegedInterceptor;
@@ -118,6 +119,7 @@ public void configure(final DeploymentPhaseContext context, final ComponentConfi
                     configuration.addClientPreDestroyInterceptor(new ManagedBeanDestroyInterceptorFactory(contextKey), InterceptorOrder.ClientPreDestroy.INSTANCE_DESTROY);
                     final ClassLoader classLoader = componentConfiguration.getModuleClassLoader();
                     configuration.addViewInterceptor(PrivilegedInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR);
+                    configuration.addViewInterceptor(AccessCheckingInterceptor.getFactory(), InterceptorOrder.View.PRIVILEGED_INTERCEPTOR);
                     configuration.addViewInterceptor(new ImmediateInterceptorFactory(new ContextClassLoaderInterceptor(classLoader)), InterceptorOrder.View.TCCL_INTERCEPTOR);
                 }
             });