You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Christian Schröder <cs...@theta-soft.de> on 2004/11/09 06:03:11 UTC
java.security.AccessControlException
Hello!
I have written a java applet which should talk to a server (written in
C++) using Axis/SOAP.
When I launch the containing HTML page in my webbrowser, I get the
following stack trace in the java console:
java.lang.ExceptionInInitializerError
at
org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
at
org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
at
org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
at
org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:84)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:80)
at
org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:72)
at
org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:81)
at org.apache.axis.client.Service.getAxisClient(Service.java:143)
at org.apache.axis.client.Service.<init>(Service.java:152)
at pmBackend_pkg.PmBackendLocator.<init>(PmBackendLocator.java:10)
at Main.init(Main.java:19)
at sun.applet.AppletPanel.run(AppletPanel.java:353)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.security.AccessControlException: access denied
(java.lang.RuntimePermission createClassLoader)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at
java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:586)
at java.lang.ClassLoader.<init>(ClassLoader.java:210)
at
org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
at
org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
at
org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
... 14 more
I have already found out that creating a file with special permission
and passing the name of this file as an argument to the AppletViewer
helps to prevent this problem when testing the applet. But what if the
applet should really run in a browser?
I first thought that the problem would be solved if the server where the
applet is hosted and the server it tries to talk to (the SOAP server)
were the same. But the problem still remains.
What can I do to get my applet running? Is it necessary that the user
grants some permissions? What exactly does Axis try to do that conflicts
with the permissions?
I didn't find anything about this in the docs. Each hint is appreciated!!
Christian
Re: java.security.AccessControlException
Posted by to...@gsk.com.
Sorry, I can't help any more. However, I'm surprised that any of the
commons libraries would try to install a custom class loader.
Tony
tony.q.weddle@gsk.com wrote:
> It has been a long time since I worked with applets but I think that
> an applet can open connections with the host that served the applet.
> In this case, if the web service is hosted on the same machine as the
> applet, you should have no problems in either loading classes from the
> server or accessing web services on the server. If you want to access
> resources on the client machine or on another host, then you would
> have problems.
>
That's exactly what I thought, so I put the jar file on the same server
that should serve the soap requests. But I still got the same exception.
After some research I found out that one of the libraries (I think it
was commons-logging) tries to install a custom class loader which is not
allowed in the sandbox. This topic has already been discussed in one of
the Axis mailing lists (see
http://www.mail-archive.com/axis-dev@ws.apache.org/msg03596.html).
As I have pointed out, the only way to get around this problem seems to
be signing the applet.
Christian
Re: java.security.AccessControlException
Posted by Christian Schröder <cs...@theta-soft.de>.
tony.q.weddle@gsk.com wrote:
> It has been a long time since I worked with applets but I think that
> an applet can open connections with the host that served the applet.
> In this case, if the web service is hosted on the same machine as the
> applet, you should have no problems in either loading classes from the
> server or accessing web services on the server. If you want to access
> resources on the client machine or on another host, then you would
> have problems.
>
That's exactly what I thought, so I put the jar file on the same server
that should serve the soap requests. But I still got the same exception.
After some research I found out that one of the libraries (I think it
was commons-logging) tries to install a custom class loader which is not
allowed in the sandbox. This topic has already been discussed in one of
the Axis mailing lists (see
http://www.mail-archive.com/axis-dev@ws.apache.org/msg03596.html).
As I have pointed out, the only way to get around this problem seems to
be signing the applet.
Christian
Re: java.security.AccessControlException
Posted by to...@gsk.com.
Christian,
It has been a long time since I worked with applets but I think that an
applet can open connections with the host that served the applet. In this
case, if the web service is hosted on the same machine as the applet, you
should have no problems in either loading classes from the server or
accessing web services on the server. If you want to access resources on
the client machine or on another host, then you would have problems.
Tony
Hi again ...
Ok, I should have been done some googling before asking the mailing list.
It seems that using Axis in an applet is only possible if the jar file
is signed. But for a signed jar file, the user must accept the
signature, and I believe that many users will not be willing to do that
(simply because they don't understand what all this signature stuff is
about). Besides, my jar file is about 1.5 MB because of all the
libraries needed by Axis. These two problems taken together bring me to
the conclusion that Axis is not applicable for creating SOAPing applets.
So my (probably last ...) question is: Does a "lightweight" SOAP
implementation exist, maybe as a spin-off of Axis? Wouldn't it be one of
the first things that come to mind to create a SOAPing applet??
Perhaps this idea is worth to spend some time on it. Maybe I will start
a project in this direction ...
Christian
Christian Schröder wrote:
> Hello!
> I have written a java applet which should talk to a server (written in
> C++) using Axis/SOAP.
> When I launch the containing HTML page in my webbrowser, I get the
> following stack trace in the java console:
>
> java.lang.ExceptionInInitializerError
> [...]
> Caused by: java.security.AccessControlException: access denied
> (java.lang.RuntimePermission createClassLoader)
> [...]
>
> I have already found out that creating a file with special permission
> and passing the name of this file as an argument to the AppletViewer
> helps to prevent this problem when testing the applet. But what if the
> applet should really run in a browser?
> I first thought that the problem would be solved if the server where
> the applet is hosted and the server it tries to talk to (the SOAP
> server) were the same. But the problem still remains.
> What can I do to get my applet running? Is it necessary that the user
> grants some permissions? What exactly does Axis try to do that
> conflicts with the permissions?
> I didn't find anything about this in the docs. Each hint is
appreciated!!
>
> Christian
>
Re: java.security.AccessControlException
Posted by Christian Schröder <cs...@theta-soft.de>.
Hi again ...
Ok, I should have been done some googling before asking the mailing list.
It seems that using Axis in an applet is only possible if the jar file
is signed. But for a signed jar file, the user must accept the
signature, and I believe that many users will not be willing to do that
(simply because they don't understand what all this signature stuff is
about). Besides, my jar file is about 1.5 MB because of all the
libraries needed by Axis. These two problems taken together bring me to
the conclusion that Axis is not applicable for creating SOAPing applets.
So my (probably last ...) question is: Does a "lightweight" SOAP
implementation exist, maybe as a spin-off of Axis? Wouldn't it be one of
the first things that come to mind to create a SOAPing applet??
Perhaps this idea is worth to spend some time on it. Maybe I will start
a project in this direction ...
Christian
Christian Schröder wrote:
> Hello!
> I have written a java applet which should talk to a server (written in
> C++) using Axis/SOAP.
> When I launch the containing HTML page in my webbrowser, I get the
> following stack trace in the java console:
>
> java.lang.ExceptionInInitializerError
> [...]
> Caused by: java.security.AccessControlException: access denied
> (java.lang.RuntimePermission createClassLoader)
> [...]
>
> I have already found out that creating a file with special permission
> and passing the name of this file as an argument to the AppletViewer
> helps to prevent this problem when testing the applet. But what if the
> applet should really run in a browser?
> I first thought that the problem would be solved if the server where
> the applet is hosted and the server it tries to talk to (the SOAP
> server) were the same. But the problem still remains.
> What can I do to get my applet running? Is it necessary that the user
> grants some permissions? What exactly does Axis try to do that
> conflicts with the permissions?
> I didn't find anything about this in the docs. Each hint is appreciated!!
>
> Christian
>