Who is not granted???

[EdUarDo]

Hi,
How could I know which class has access denied to some permission when I get an access denied exception?

[Christophe Vanfleteren]

EdUarDo wrote:

What are you trying to, and in what environment (applets, java
webstart, ...).

Do you have a policy file, is the applet signed, is a securitymanager
running, ...?

In other words, give more information.

--
Kind regards,
Christophe Vanfleteren

[Andrew Thompson]

On Thu, 18 Mar 2004 13:46:03 +0100, EdUarDo wrote:

> How could I know which class has access denied
> to some permission when I get an access denied exception?

The Stacktrace is usually helpful in that regard

Exception.printStackTrace()* is your friend

* inherets it from
Throwable.printStackTrace()

--
Andrew Thompson
* http://www.PhySci.org/ Open-source software suite
* http://www.PhySci.org/codes/ Web & IT Help
* http://www.1point1C.org/ Science & Technology

[EdUarDo]

Andrew Thompson wrote:
> On Thu, 18 Mar 2004 13:46:03 +0100, EdUarDo wrote:
>
>
>>How could I know which class has access denied
>>to some permission when I get an access denied exception?
>
>
> The Stacktrace is usually helpful in that regard
>
> Exception.printStackTrace()* is your friend
>
> * inherets it from
> Throwable.printStackTrace()
>

The stack trace is:

java.security.AccessControlException: access denied (java.io.FilePermission
/home/eduardoyp/Aplicaciones/jakarta-tomcat-5.0.18/webapps/smulti/WEB-INF/classes/net/sf/cglib/MethodProxy$Generator.class
read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at java.lang.SecurityManager.checkRead(SecurityManager.java:863)
at java.io.File.exists(File.java:678)
at org.apache.naming.resources.FileDirContext.file(FileDirContext.java:873)
at org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:255)
at org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:334)
at org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1750)
at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:1618)
at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:900)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1350)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1230)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
at net.sf.cglib.MetaClass.addMembers(MetaClass.java:119)
at net.sf.cglib.MetaClass.<init>(MetaClass.java:104)
at es.bancoval.bfci18n.support.database.TgrDescriptionMetaClass13.<init>(<generated>)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at net.sf.cglib.MetaClass.getInstance(MetaClass.java:259)
at net.sf.hibernate.util.ReflectHelper.getMetaClass(ReflectHelper.java:319)
at net.sf.hibernate.persister.AbstractEntityPersister.<init>(AbstractEntityPersister.java:589)
at net.sf.hibernate.persister.EntityPersister.<init>(EntityPersister.java:665)
at net.sf.hibernate.persister.PersisterFactory.create(PersisterFactory.java:29)
at net.sf.hibernate.impl.SessionFactoryImpl.<init>(SessionFactoryImpl.java:207)
at net.sf.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:627)
at es.bancoval.bfci18n.support.database.DBBasicManager.<init>(DBBasicManager.java:23)
at es.bancoval.bfci18n.support.commands.GetProjects.execute(GetProjects.java:19)
at es.bancoval.bfci18n.support.controller.Helper.getProjects(Helper.java:455)
at es.bancoval.bfci18n.support.controller.MultiController.service(MultiController.java:74)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at sun.reflect.GeneratedMethodAccessor64.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:284)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:200)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:278)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:97)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:187)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:183)
at es.bfc.base.filter.AuthenticateFilter.doFilter(AuthenticateFilter.java:115)
at es.bfc.base.filter.AbstractFilter.doFilter(AbstractFilter.java:71)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:284)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:256)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:97)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:187)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:183)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:257)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:245)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:199)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:195)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:164)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:149)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:156)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:564)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:972)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:206)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:700)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:584)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:534)

The problem is that I've granted with java.security.AllPermission several libraries like
hibernate, es.bancoval.*, es.bfc.*, org.apache.*, etc... Thus I'd like to know which is the class
which is not granted...

[Andrew Thompson]

On Thu, 18 Mar 2004 16:48:53 +0100, EdUarDo wrote:
> Andrew Thompson wrote:
>> On Thu, 18 Mar 2004 13:46:03 +0100, EdUarDo wrote:

..
>>>How could I know which class has access denied..?
..

>> The Stacktrace is usually helpful in that regard

..

> java.security.AccessControlException: access denied (java.io.FilePermission
> /home/eduardoyp/Aplicaciones/jakarta-tomcat-5.0.18/webapps/smulti/WEB-INF/classes/net/sf/cglib/MethodProxy$Generator.class
> read)

If I am reading this correctly (I have made mistakes)

net.sf.cglib.MethodProxy$Generator

..cannot be read

> The problem is that I've granted with java.security.AllPermission several libraries like
> hibernate, es.bancoval.*, es.bfc.*, org.apache.*, etc... Thus I'd like to know which is the class
> which is not granted...

See above.

[EdUarDo]

Andrew Thompson wrote:
> On Thu, 18 Mar 2004 16:48:53 +0100, EdUarDo wrote:
>
>>Andrew Thompson wrote:
>>
>>>On Thu, 18 Mar 2004 13:46:03 +0100, EdUarDo wrote:
>
> ..
>
>>>>How could I know which class has access denied..?
>
> ..
>
>>>The Stacktrace is usually helpful in that regard
>
> ..
>
>>java.security.AccessControlException: access denied (java.io.FilePermission
>>/home/eduardoyp/Aplicaciones/jakarta-tomcat-5.0.18/webapps/smulti/WEB-INF/classes/net/sf/cglib/MethodProxy$Generator.class
>>read)
>
>
> If I am reading this correctly (I have made mistakes)
>
> net.sf.cglib.MethodProxy$Generator
>
> ..cannot be read

yes, I know read stack traces, but in my policy file I've granted java.security.AllPermission to
any application running in my Tomcat... so why I got this Exception?

[EdUarDo]

I'm sorry if I'm expressing a bit hard, but I'm not speak english very well...

[Andrew Thompson]

On Thu, 18 Mar 2004 18:03:02 +0100, EdUarDo wrote:

> I'm sorry if I'm expressing a bit hard, but I'm not speak english very well...

You speak English enough, but you leave
out important details.

No mention at first of policy files.

[ I read your English OK,
I not read your mind! ;-) ]

[William Brogden]

"EdUarDo" <edu...@pesima.com> wrote in message
news:c3ckdt$26fh5i$1...@ID-202343.news.uni-berlin.de...

I just went through this trying to get a JavaSpaces connection working. It
turned out
that
1. Tomcat 5.0.19 did NOT handle policy correctly when on port 80 even though
it worked with port 8080 !!
2. Reverting back to Tomcat 4.1.30 worked whn my policy file specified the
application path.
grant codeBase "file:${catalina.home}/webapps/javaspace/WEB-INF/classes/-" {
permission java.security.AllPermission;
};

----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

[EdUarDo]

> I just went through this trying to get a JavaSpaces connection working. It
> turned out
> that
> 1. Tomcat 5.0.19 did NOT handle policy correctly when on port 80 even though
> it worked with port 8080 !!
> 2. Reverting back to Tomcat 4.1.30 worked whn my policy file specified the
> application path.
> grant codeBase "file:${catalina.home}/webapps/javaspace/WEB-INF/classes/-" {
> permission java.security.AllPermission;
> };

Hi again :), I've managed to get my security working... I've tried the same configuration
on Tomcat 4.1.30 and it works fine!!, moreover it has pointed that there were some security
exceptions that Tomcat 5 don't told me.