You are viewing a plain text version of this content. The canonical link for it is here.

Posted to soap-user@ws.apache.org by Bobby <bo...@alve.com> on 2001/03/21 18:58:04 UTC

Security exception

Hi,

I'm using soap in a java applet and I'm getting a security exception.
Apparently a class in the soap implementation tries to read the system
property user.name which is not accessible to applets by default. I'm
running the applet in the appletviewer and Sun's jdk1.3. Here is the
relevant part of the stack trace:

java.security.AccessControlException: access denied
(java.util.PropertyPermission user.name read)
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java
:272)
        at
java.security.AccessController.checkPermission(AccessController.java:399)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
        at
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1278)
        at java.lang.System.getProperty(System.java:560)
        at
org.apache.soap.util.mime.MimeUtils.getUniqueValue(MimeUtils.java:84)
        at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:375)
        at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:418)
        at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:393)
        at
org.apache.soap.transport.TransportMessage.save(TransportMessage.java:303)
        at
org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.ja
va:207)
        at org.apache.soap.rpc.Call.invoke(Call.java:203)

Can you help me find a workaround other than signing the applet and
modifying the default security policy?
Thanks.

-- Bobby