Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6611565

AccessControlException when executing signed applets

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 6u2
    • Fix Version/s: None
    • Component/s: deploy
    • Labels:
    • Subcomponent:
    • CPU:
      x86
    • OS:
      windows_xp

      Description

      We have two signed applets embedded in one webpage, and when trying to access this webpage, occasionally we meet with security issues on both IE6 and FireFox. We did not see this problem on JREs 1.4.2 and 1.5.

      This is a trace:

      security: Checking if certificate is in Deployment denied certificate store
      security: Checking if certificate is in Deployment denied certificate store
      security: Checking if certificate is in Deployment permanent certificate store
      security: Checking if certificate is in Deployment permanent certificate store
      java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at com.ibm.asm.remotedisk.ClientInterface.setWorkingDir(Unknown Source)
       at com.ibm.asm.remotedisk.ClientInterface.setClientEnv(Unknown Source)
       at com.ibm.asm.remotedisk.RemoteDisk.init(Unknown Source)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
                                        
      basic: Exception: java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
      java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at com.ibm.asm.remotedisk.ClientInterface.setWorkingDir(Unknown Source)
       at com.ibm.asm.remotedisk.ClientInterface.setClientEnv(Unknown Source)
       at com.ibm.asm.remotedisk.RemoteDisk.init(Unknown Source)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
                                                                               
      Recreation instructions:
                                                
      1. Disable JRE cache, delete certificate
      2. Open the webpag and choose always permit certificate on the security
         popup
      3. Close all browser windows, open webpage again
      4. You may encounter the problem. If not, repeat step 3.

      We did not see this behavior on JRE 1.4.2 and 1.5.
                                                                               
      This problem seriously impacts customers using our product with Java 6.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              dgu Dennis Gu (Inactive)
              Reporter:
              elarsen Erik Larsen (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: