You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Wolfgang Klaus (JIRA)" <de...@myfaces.apache.org> on 2006/01/26 07:32:11 UTC
[jira] Commented: (MYFACES-324) WebXmlParser throws AccessControlException in secure Tomcat

    [ http://issues.apache.org/jira/browse/MYFACES-324?page=comments#action_12364062 ] 

Wolfgang Klaus commented on MYFACES-324:
----------------------------------------

The problem as described above is still present in MyFaces 1.1.1

When replacing the _EntityResolver everything works fine.

Can some please replace the _EntityResolver as described before.

You can reproduce this error very simple. 
Remove your network cable from your computer and try to start Tomcat in Security-Mode.

Thanks

> WebXmlParser throws AccessControlException in secure Tomcat
> -----------------------------------------------------------
>
>          Key: MYFACES-324
>          URL: http://issues.apache.org/jira/browse/MYFACES-324
>      Project: MyFaces
>         Type: Bug
>     Versions: 1.0.9m9
>  Environment: java 1.5.0_04
> tomcat 5.5.9
>     Reporter: Wolfgang Klaus
>      Fix For: 1.1.0

>
> Using MyfFaces in a secure tomcat throws AccessControlException in WebXmlParser
> Here the Stacktrace:
> 18:41:53,664 FATAL WebXmlParser:105 - Unable to parse web.xml
> java.security.AccessControlException: access denied (java.net.SocketPermission java.sun.com:80 connect,resolve)
>     at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
>     at java.security.AccessController.checkPermission(AccessController.java:427)
>     at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
>     at java.lang.SecurityManager.checkConnect(SecurityManager.java:1034)
>     at sun.net.www.http.HttpClient.openServer(HttpClient.java:459)
>     at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
>     at sun.net.www.http.HttpClient.New(HttpClient.java:287)
>     at sun.net.www.http.HttpClient.New(HttpClient.java:299)
>     at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:792)
>     at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:744)
>     at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:669)
>     at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
>     at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:973)
>     at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.startEntity(XMLEntityManager.java:905)
>     at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.startDTDEntity(XMLEntityManager.java:872)
>     at com.sun.org.apache.xerces.internal.impl.XMLDTDScannerImpl.setInputSource(XMLDTDScannerImpl.java:282)
>     at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(XMLDocumentScannerImpl.java:102
>     at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.ja
>     at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834)
>     at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764)
>     at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148)
>     at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:250)
>     at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:292)
>     at org.apache.myfaces.webapp.webxml.WebXmlParser.parse(WebXmlParser.java:90)
>     at org.apache.myfaces.webapp.webxml.WebXml.init(WebXml.java:143)
> After adding the following line to catalina.policy
> permission java.net.SocketPermission "java.sun.com:80", "connect";
> Parsing of web.xml works if the computer, on which tomcat is runnig, can make connects to the internet.
> But if the computer is not able to connect to internet (e.g. after a proxy) then the above Excpetion is thrown again.
> If you run in an not secure Tomcat you get an UnknownHostException. 
> The parser allways trys to connect to http://java.sun.com.
> The following changes in WebXmlParser solves the problem.
> disable Validating for the parser. (dbf.setValidating(false))
> Do we have to validate the web.xml file. Tomcat already parses and validates the web.xml. So if an
> error in web.xml tomcat already before get an error.
> The _EntityResolver try's to load the dtd-file and that is the problem.
> With following _EntityResolver everything works fine.
> private class _EntityResolver implements EntityResolver
>  {
>         public InputSource resolveEntity(String publicId, String systemId) throws IOException
>         {
>            return new InputSource(new StringReader(""));
>         }
> }

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira