Bug 38139257 - [38041090->25.03.3] Failed to restart services: java.lang.SecurityException due to Subject is not inherited from the parent thread

Redo //dev/coherence-ce/release/coherence-ce-v25.03/prj/... changelist 117247 + ce-main -> ce-v25.03 @117390

[git-p4: depot-paths = "//dev/coherence-ce/release/coherence-ce-v25.03/": change = 117400]

Author: lsho

prj/coherence-core-21/src/main/java/com/tangosol/net/security/DoAsAction.java

@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2000, 2025, Oracle and/or its affiliates.
+ *
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * https://oss.oracle.com/licenses/upl.
+ */
+package com.tangosol.net.security;
+
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+
+/**
+ * A helper class to expose the {@link Subject#doAs} call as a privileged action.
+ * <p>
+ * This is a Java21 version of this class which replaces the {@link Subject#doAs},
+ * which is deprecated with {@link Subject#callAs} in the coherence-core-21
+ * module and is built into the multi-release coherence.jar.
+ *
+ * Note: In case of Exception, Subject.callAs() wraps the Exception
+ * returned by action::run with the java.util.concurrent.CompletionException.
+ */
+public class DoAsAction<T>
+        implements PrivilegedAction<T>
+    {
+    /**
+     * Construct a privileged action.
+     *
+     * @param action  the action to run with privileges of the current subject
+     *
+     * @since 14.1.2.0.4
+     */
+    public DoAsAction(PrivilegedAction<T> action)
+        {
+        this(Subject.current(), action);
+        }
+    /**
+     * Construct a privileged action.
+     *
+     * @param subject  the subject that the specified action will run as
+     * @param action   the action to run with privileges of the specified subject
+     */
+    public DoAsAction(Subject subject, PrivilegedAction<T> action)
+        {
+        m_subject = subject;
+        m_action  = action;
+        }
+
+    @Override
+    public T run()
+        {
+        return Subject.callAs(m_subject, m_action::run);
+        }
+
+
+    // ----- data members ---------------------------------------------------
+
+    /**
+     * The subject that the specified action will run as.
+     */
+    private Subject m_subject;
+
+    /**
+     * The privileged action to be run as the specified subject.
+     */
+    private PrivilegedAction<T> m_action;
+    }

prj/coherence-core-21/src/main/java/com/tangosol/net/security/SecurityManagerWrapperImpl.java

@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2000, 2025, Oracle and/or its affiliates.
+ *
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * https://oss.oracle.com/licenses/upl.
+ */
+
+package com.tangosol.net.security;
+
+import javax.security.auth.Subject;
+
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import java.util.function.Supplier;
+
+/**
+ * A wrapper to handle the removal of Java's SecurityManger class.
+ * <p>
+ * This is a Java21 version of this class in the coherence-core-21
+ * module and is built into the multi-release coherence.jar.
+ *
+ * Note, In case of Exception, Subject.callAs() wraps the Exception
+ * returned by action::run with the java.util.concurrent.CompletionException.
+ *
+ * @author Jonathan Knight, lh 26/06/2025
+ * @since 14.1.2.0.4
+ */
+@SuppressWarnings("removal")
+public class SecurityManagerWrapperImpl
+        implements SecurityManagerWrapper
+    {
+    SecurityManagerWrapperImpl()
+        {
+        }
+
+    @Override
+    public Subject getCurrentSubject()
+        {
+        return Subject.current();
+        }
+
+    @Override
+    public boolean hasSecurityManager()
+        {
+        return System.getSecurityManager() != null;
+        }
+
+    @Override
+    public <T> T doIfSecure(PrivilegedAction<T> action)
+        {
+        if (hasSecurityManager())
+            {
+            if (action instanceof DoAsAction)
+                {
+                return AccessController.doPrivileged(action);
+                }
+
+            Subject subject = getCurrentSubject();
+            return AccessController.doPrivileged((PrivilegedAction<T>) () ->
+                    Subject.callAs(subject, action::run));
+            }
+        return action.run();
+        }
+
+    @Override
+    public <T> T doIfSecure(PrivilegedExceptionAction<T> action) throws Exception
+        {
+        if (hasSecurityManager())
+            {
+            if (action instanceof DoAsAction)
+                {
+                return AccessController.doPrivileged(action);
+                }
+
+            Subject subject = getCurrentSubject();
+            return AccessController.doPrivileged((PrivilegedExceptionAction<T>) () ->
+                    Subject.callAs(subject, action::run));
+            }
+        return action.run();
+        }
+
+    @Override
+    public void doIfSecure(PrivilegedAction<?> action, Runnable fallback)
+        {
+        if (hasSecurityManager())
+            {
+            if (action instanceof DoAsAction)
+                {
+                AccessController.doPrivileged(action);
+                }
+            else
+                {
+                Subject subject = getCurrentSubject();
+                AccessController.doPrivileged((PrivilegedAction) () ->
+                        Subject.callAs(subject, action::run));
+                }
+            }
+        else
+            {
+            fallback.run();
+            }
+        }
+
+    @Override
+    public <T> T doIfSecure(PrivilegedAction<T> action, Supplier<T> fallback)
+        {
+        if (hasSecurityManager())
+            {
+            if (action instanceof DoAsAction)
+                {
+                return AccessController.doPrivileged(action);
+                }
+            Subject subject = getCurrentSubject();
+            return AccessController.doPrivileged((PrivilegedAction<T>) () ->
+                    Subject.callAs(subject, action::run));
+            }
+        return fallback.get();
+        }
+
+    @Override
+    public <T> T doPrivileged(PrivilegedAction<T> action)
+        {
+        if (action instanceof DoAsAction)
+            {
+            return AccessController.doPrivileged(action);
+            }
+
+        Subject subject = getCurrentSubject();
+        return AccessController.doPrivileged((PrivilegedAction<T>) () ->
+                Subject.callAs(subject, action::run));
+        }
+
+    @Override
+    public <T> T doPrivileged(PrivilegedExceptionAction<T> action) throws PrivilegedActionException
+        {
+        if (action instanceof DoAsAction)
+            {
+            return AccessController.doPrivileged(action);
+            }
+
+        Subject subject = getCurrentSubject();
+        return AccessController.doPrivileged((PrivilegedExceptionAction<T>) () ->
+                Subject.callAs(subject, action::run));
+        }
+
+    @Override
+    public void checkPermission(Supplier<Permission> supplier)
+        {
+        checkPermission(supplier.get());
+        }
+
+    @Override
+    public void checkPermission(Permission permission)
+        {
+        SecurityManager security = System.getSecurityManager();
+        if (security != null)
+            {
+            if (permission != null)
+                {
+                security.checkPermission(permission);
+                }
+            }
+        }
+    }

prj/coherence-core/src/main/java/com/tangosol/net/security/SecurityManagerWrapperImpl.java

@@ -29,7 +29,7 @@
  * @author Jonathan Knight 25/01/2025
  */
 @SuppressWarnings("removal")
-class SecurityManagerWrapperImpl
+public class SecurityManagerWrapperImpl
         implements SecurityManagerWrapper
     {
     SecurityManagerWrapperImpl()
@@ -71,7 +71,7 @@ public <T> T doIfSecure(PrivilegedExceptionAction<T> action) throws Exception
         {
         if (hasSecurityManager())
             {
-            AccessController.doPrivileged(action);
+            return AccessController.doPrivileged(action);
             }
         return action.run();
         }
@@ -83,7 +83,10 @@ public void doIfSecure(PrivilegedAction<?> action, Runnable fallback)
             {
             AccessController.doPrivileged(action);
             }
-        fallback.run();
+        else
+            {
+            fallback.run();
+            }
         }
 
     @Override

prj/coherence-core/src/main/java/com/tangosol/util/Unsafe.java

@@ -11,7 +11,7 @@
 import com.oracle.coherence.common.base.Logger;
 import com.tangosol.coherence.config.Config;
 
-import com.tangosol.net.security.SecurityHelper;
+import com.tangosol.net.security.SecurityManagerWrapperImpl;
 
 import java.security.CodeSource;
 
@@ -62,7 +62,7 @@ public static Unsafe getUnsafe()
             {
             String sClassName = aStack[i].getClassName();
             // skip frames pertinent to use of Unsafe within a security block
-            if (!sClassName.startsWith("java.security"))
+            if (!sClassName.startsWith("java.security") && !sClassName.startsWith("javax.security"))
                 {
                 sCallingClass = sClassName;
                 break;
@@ -98,7 +98,7 @@ public static Unsafe getUnsafe()
 
         CodeSource srcUnsafe   = Unsafe.class.getProtectionDomain().getCodeSource();
         CodeSource srcCaller   = clzCaller.getProtectionDomain().getCodeSource();
-        CodeSource srcSecurity = SecurityHelper.getCodeSource();
+        CodeSource srcSecurity = SecurityManagerWrapperImpl.class.getProtectionDomain().getCodeSource();
         if (Base.equals(srcCaller, srcUnsafe) || Base.equals(srcCaller, srcSecurity))
             {
             return INSTANCE;