i have an applet, in eclipse everything works right, but, when i export the jar, and embed to my website(which i have to embed every jackson jar too), im getting this error:
com.fasterxml.jackson.databind.JsonMappingException: Can not access public ticket.Ticket() (from class ticket.Ticket; failed to set access: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
at com.fasterxml.jackson.databind.deser.DeserializerCache._createAndCache2(DeserializerCache.java:272)
at com.fasterxml.jackson.databind.deser.DeserializerCache._createAndCacheValueDeserializer(DeserializerCache.java:247)
at com.fasterxml.jackson.databind.deser.DeserializerCache.findValueDeserializer(DeserializerCache.java:146)
at com.fasterxml.jackson.databind.DeserializationContext.findRootValueDeserializer(DeserializationContext.java:322)
at com.fasterxml.jackson.databind.ObjectMapper._findRootDeserializer(ObjectMapper.java:2990)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:2884)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2034)
at ticket.Main.init(Main.java:56)
at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.IllegalArgumentException: Can not access public ticket.Ticket() (from class ticket.Ticket; failed to set access: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
at com.fasterxml.jackson.databind.util.ClassUtil.checkAndFixAccess(ClassUtil.java:510)
at com.fasterxml.jackson.databind.deser.impl.CreatorCollector._fixAccess(CreatorCollector.java:203)
at com.fasterxml.jackson.databind.deser.impl.CreatorCollector.setDefaultConstructor(CreatorCollector.java:106)
at com.fasterxml.jackson.databind.deser.impl.CreatorCollector.setDefaultCreator(CreatorCollector.java:123)
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory._addDeserializerConstructors(BasicDeserializerFactory.java:369)
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory._constructDefaultValueInstantiator(BasicDeserializerFactory.java:315)
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory.findValueInstantiator(BasicDeserializerFactory.java:259)
at com.fasterxml.jackson.databind.deser.BeanDeserializerFactory.buildBeanDeserializer(BeanDeserializerFactory.java:263)
at com.fasterxml.jackson.databind.deser.BeanDeserializerFactory.createBeanDeserializer(BeanDeserializerFactory.java:168)
at com.fasterxml.jackson.databind.deser.DeserializerCache._createDeserializer2(DeserializerCache.java:401)
at com.fasterxml.jackson.databind.deser.DeserializerCache._createDeserializer(DeserializerCache.java:354)
at com.fasterxml.jackson.databind.deser.DeserializerCache._createAndCache2(DeserializerCache.java:267)
... 10 more
What can i do in this case?
An applet that attempts reflection would need to be digitally signed by the developer, and trusted by the user when prompted.
In addition to signing, you should be able to avoid this problem by disabling MapperFeature.CAN_OVERRIDE_ACCESS_MODIFIERS, (see javadoc). This prevents specific call that is failing for you; for non-applet use case this is important for access and performance reasons; but it requires that security manager allows it.
Related
I am trying to read a file stored in my computer from the app engine project which I am debugging in eclipse. But I am getting security exception with the following error:
java.security.AccessControlException: access denied ("java.io.FilePermission" ""D:\PROJECTS\LocBiz-AppEngine\war\Key\locbiz_key.json"" "read")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
How do I read the file?
Put the files you want to read on the classpath and use the class loader to read them in
Foo.class.getResource("myfile");
A Java App Engine application's access to the classes in the Java standard library is limited to the whitelisted classes.
I am trying to access an api on a server. I am using jersey with java 1.6.
I have two environment with the same java version 1.6.
On the first everything works perfectly!
On the second (where I need to deploy the application) I have an error:
Exception in thread "main" java.security.AccessControlException: Access denied (
java.security.AllPermission <all permissions> <all actions>)
at java.security.AccessController.checkPermission(AccessController.java:
108)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:533)
at java.net.URLClassLoader$9.run(URLClassLoader.java:924)
at java.security.AccessController.doPrivileged(AccessController.java:224
)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:922)
at java.security.SecureClassLoader.getPD(SecureClassLoader.java:101)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:69
)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:529)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:440)
at java.net.URLClassLoader.access$300(URLClassLoader.java:68)
at java.net.URLClassLoader$ClassFinder.run(URLClassLoader.java:1027)
at java.security.AccessController.doPrivileged(AccessController.java:284
)
at java.net.URLClassLoader.findClass(URLClassLoader.java:418)
at java.lang.ClassLoader.loadClass(ClassLoader.java:660)
at java.lang.ClassLoader.loadClass(ClassLoader.java:626)
at java.lang.Class.forNameImpl(Native Method)
at java.lang.Class.forName(Class.java:172)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoa
der.java:56)
Has anyone encountered this problem before or might know how to resolve it?
I have created a .jar file which contains my classes together with classes which I have extracted from multiple Apache Tomcat jars. Then I have signed the jar and created a JNLP file with <security><all-permissions/>.
But when running my application, WebStart denies access to classes from my jar:
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.deploy)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:291)
at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.loadClass(JNLPClassLoader.java:1018)
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2444)
at java.lang.Class.getMethod0(Class.java:2687)
at java.lang.Class.getMethod(Class.java:1620)
at org.apache.catalina.startup.SetPublicIdRule.begin(WebRuleSet.java:639)
at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276)
... 33 more
Is this a bug in WebStart or why do I get this security exception?
Try clearing the security manager by calling:
System.setSecurityManager(null);
I have used this from a Java Web Start application to gain complete control but the application needs to be signed and have the
<security>
<all-permissions/>
</security>
as you stated correctly.
I am having some issues with Tomcat 6 on Ubuntu Karmic. It doesn't start the app failing with various errors.
The first on is:
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission spring.security.strategy read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302)
at java.lang.System.getProperty(System.java:669)
at org.springframework.security.core.context.SecurityContextHolder.<clinit>(SecurityContextHolder.java:53)
... 54 more
This is weird, because the very same app runs on Tomcat 6 on Lucid very well. The policy configuration file is the same, I checked. When I add the permission to the conf/policy.d/04webapps.policy file:
permission java.util.PropertyPermission "spring.security.strategy", "read";
it then fails with NoClassDefFoundError:
Caused by: java.lang.NoClassDefFoundError: Could not initialize class net.sf.cglib.proxy.Enhancer
Though cglib is in the lib directory of the war
Please help, I can't find any clue on the reason of this.
Ok, I got it now. By default, in Lucid tomcat runs without a security manager. By default in Karmic security manager is enabled. If it is enabled, you need to fine-tune it for your application needs.
UPDATE: I have submitted my question to the CXF User's mailing list, here.
UPDATE: I have currently signed all of my jars. I still can't seem to get CXF setup in a way that it can find the WSDL. My last attempt was to place the WSDL inside of my WAr file so I can access it through a web browser. I set the wsdllocation inside of the client to the URL (http://www.example.com/app/example.wsdl). I am now getting the following exception:
Exception in thread "AWT-EventQueue-0" java.lang.ExceptionInInitializerError
at com.sun.xml.internal.ws.util.xml.XmlUtil.createDefaultCatalogResolver(Unknown Source)
at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(Unknown Source)
at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source)
at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source)
at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(Unknown Source)
at javax.xml.ws.Service.<init>(Unknown Source)
Googling has turned up pretty much nothing on this.
I am creating a web service client from a given WSDL using Apache CXF. I am running into problems however when trying to access the service, I get this exception:
Can not initialize the default wsdl from ../resource/example.wsdl
Exception in thread "AWT-EventQueue-0" java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
I am not signing my web start application, and would prefer not to since I am not accessing any resources from the client's machine. The WSDL mentioned is packaged within my jar. The problem is caused by this from the CXF generated client code:
URL url = null;
try {
url = new URL("../resource/example.wsdl");
} catch (MalformedURLException e) {
System.err.println("Can not initialize the default wsdl from ../resource/example.wsdl");
// e.printStackTrace();
}
WSDL_LOCATION = url;
How can I correctly point CXF to this WSDL? I am also worried about the WebService annotation on the class:
#WebServiceClient(name = "Example",
wsdlLocation = "../resource/example.wsdl",
targetNamespace = "http://services.example.com/")
Do I also need to change this?
You are going to need to change that wsdlLocation to a classpath: reference.
use -wsdlLocation as shown here.
After a few mistakes and experimentation, I have managed to get everything to work properly. First, MAKE SURE that cxf.jar and wsdl4j.jar are actually on your classpath. I thought I had verified this, but because I was instantiating the client from inside a jar via webstart that was in itself packed in a WAR, I messed up the placement of the cxf runtime in my build process. Also, when specifying the wsdl location, I had to use "classpath:my.wsdl". I made it easy on myself and just put the wsdl in the same location as my source.
Hope this helps someone who might do the same thing at somepoint!