java plugin problem
pkumar13
I'm using the java plugin to display an applet. I seem to be having a
security problem but can't figure out why. I use the applet to fetch a
serialized object from a servlet. When I try to cast this object to
its type, I get the following exception.
java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessClassInPackage.sun.util.calendar)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at java.security.AccessController.checkPermission(AccessController.java:399)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1501)
at sun.applet.AppletSecurity.checkPackageAccess(AppletSecurity.java:169)
at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:105)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:313)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:195)
My java.policy file is as follows:
******************************************************************************************
// Standard extensions get all permissions by default
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
// Allows any thread to stop itself using the
java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to
remain
// backwards compatible.
// It is strongly recommended that you either remove this
permission
// from this policy file or further restrict it to code
sources
// that you specify, because Thread.stop() is potentially
unsafe.
// See "http://java.sun.com/notes" for more information.
permission java.lang.RuntimePermission "stopThread";
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-",
"listen";
// "standard" properies that can be read by anyone
permission java.util.PropertyPermission "java.version",
"read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url",
"read";
permission java.util.PropertyPermission "java.class.version",
"read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator",
"read";
permission java.util.PropertyPermission "path.separator",
"read";
permission java.util.PropertyPermission "line.separator",
"read";
permission java.util.PropertyPermission
"java.specification.version", "read";
permission java.util.PropertyPermission
"java.specification.vendor", "read";
permission java.util.PropertyPermission
"java.specification.name", "read";
permission java.util.PropertyPermission
"java.vm.specification.version", "read";
permission java.util.PropertyPermission
"java.vm.specification.vendor", "read";
permission java.util.PropertyPermission
"java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version",
"read";
permission java.util.PropertyPermission "java.vm.vendor",
"read";
permission java.util.PropertyPermission "java.vm.name",
"read";
};
*******************************************************************************************
Changing the java.policy file to the following fixes the problem:
*********************************************************************************************
// Standard extensions get all permissions by default
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
permission java.security.AllPermission "", "";
};
**********************************************************************************
The old java.policy file seems to work for other applets and I'd like
that policy file to remain in place.
Any help will be appreciated.
Thanks!
Prashant