You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wsif-dev@ws.apache.org by "Luis Rivera (JIRA)" <ws...@ws.apache.org> on 2005/07/12 20:44:09 UTC
[jira] Created: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
-------------------------------------------------------------------------------------------------------------------------
Key: WSIF-70
URL: http://issues.apache.org/jira/browse/WSIF-70
Project: Axis-WSIF
Type: Bug
Components: Basic Architecture
Versions: current (nightly)
Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
Reporter: Luis Rivera
Priority: Blocker
To solve the following kind of exceptions,
***********************************************************************************************************
java.lang.ExceptionInInitializerError
at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
at org.apache.axis.client.Service.getAxisClient(Service.java:103)
at org.apache.axis.client.Service.<init>(Service.java:112)
at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
at vcas.gui.vss.VSSApplet.init(Unknown Source)
at sun.applet.AppletPanel.run(AppletPanel.java:374)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
at java.lang.ClassLoader.<init>(ClassLoader.java:225)
at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
... 14 more
*********************************************************************************************************************************
I had to add the following permissions to a custom policy file.
********************************************************************************************************************************
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "getClassLoader";
permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
permission java.util.PropertyPermission "axis.ClientConfigFile","read";
permission java.util.PropertyPermission "axis.ServerConfigFile","read";
permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
permission java.util.PropertyPermission "axis.attachments.implementation","read";
********************************************************************************************************************************
So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
Thanks in advance,
--Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Posted by "Luis Rivera (JIRA)" <ws...@ws.apache.org>.
[ http://issues.apache.org/jira/browse/WSIF-70?page=comments#action_12315776 ]
Luis Rivera commented on WSIF-70:
---------------------------------
Well, the list of permissions I have to add to the policy file has grown, this is the current list !!!
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "getClassLoader";
permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
permission java.util.PropertyPermission "axis.ClientConfigFile","read";
permission java.util.PropertyPermission "axis.ServerConfigFile","read";
permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
permission java.util.PropertyPermission "http.nonProxyHosts","read";
permission java.util.PropertyPermission "http.proxyHost","read";
permission java.util.PropertyPermission "axis.byteBuffer.cacheIncrement","read";
permission java.util.PropertyPermission "axis.byteBuffer.residentMaxSize","read";
permission java.util.PropertyPermission "axis.byteBuffer.workBufferSize","read";
permission java.util.PropertyPermission "axis.byteBuffer.backing","read";
permission java.util.PropertyPermission "axis.attachments.implementation","read";
permission java.util.PropertyPermission "axis.attachments.implementation","read";
permission java.util.PropertyPermission "axis.http.client.maximum.connections.per.host","read";
permission java.util.PropertyPermission "axis.http.client.maximum.total.connections","read";
permission java.util.PropertyPermission "axis.http.client.connection.default.connection.timeout","read";
permission java.util.PropertyPermission "axis.http.client.connection.default.so.timeout","read";
permission java.util.PropertyPermission "axis.http.client.connection.pool.timeout","read";
permission java.util.PropertyPermission "java.protocol.handler.pkgs","read";
permission java.util.PropertyPermission "java.protocol.handler.pkgs","write";
> Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSIF-70
> URL: http://issues.apache.org/jira/browse/WSIF-70
> Project: Axis-WSIF
> Type: Bug
> Components: Basic Architecture
> Versions: current (nightly)
> Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
> Reporter: Luis Rivera
> Priority: Blocker
>
> To solve the following kind of exceptions,
> ***********************************************************************************************************
> java.lang.ExceptionInInitializerError
> at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
> at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
> at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
> at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
> at org.apache.axis.client.Service.getAxisClient(Service.java:103)
> at org.apache.axis.client.Service.<init>(Service.java:112)
> at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
> at vcas.gui.vss.VSSApplet.init(Unknown Source)
> at sun.applet.AppletPanel.run(AppletPanel.java:374)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
> at java.lang.ClassLoader.<init>(ClassLoader.java:225)
> at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
> at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
> at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
> ... 14 more
> *********************************************************************************************************************************
> I had to add the following permissions to a custom policy file.
> ********************************************************************************************************************************
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
> permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
> permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
> permission java.util.PropertyPermission "axis.ClientConfigFile","read";
> permission java.util.PropertyPermission "axis.ServerConfigFile","read";
> permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
> permission java.util.PropertyPermission "axis.attachments.implementation","read";
> ********************************************************************************************************************************
> So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
> Thanks in advance,
> --Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Posted by "Luis Rivera (JIRA)" <ws...@ws.apache.org>.
[ http://issues.apache.org/jira/browse/WSIF-70?page=comments#action_12316874 ]
Luis Rivera commented on WSIF-70:
---------------------------------
A NullSecurityManager and signing the applet allows the applet to work. In order to get rid of the custom security manager would require modification of the axis packages. Here I repost the email I sent before and the reply from Mark. I'll add Mike's file as soon as I figure out what I am really patching.
*******************************************************************************************
We used applets with Axis and it was very tedious. The performance was very
bad due to all of the GET request originating from the classloaders as you
mention. One thing we did was to create a _Helper class for every class
that we used so that it actually could be found in the axis.jar file (e.g.
HashMap_Helper, Vector_Helper). These helper classes don't do anything
except exist so that the classloader doesn't try to go back to the server to
find them. We also hacked org.apache.axis.utils.ClassUtils so that it used
our helper classes instead of trying to find them (see attached).
We still could not eliminate all of the GET requests but they were reduced.
Good luck,
Mark
*******************************************************************************************
Hi,
Ok, I have spent the day looking at axis code, tyring to assest how much
work it would need to make my applets/axis work without the
NullSecurityManager. What I found was not pretty, because turns out that
getting rid of the logging code it's the easy part, the hard part is dealing
with the commons-discovery package that, not only uses the commong-logging
package extensively, but it in itself is the basis of the
EngineConfigurationFactoryFinder. The problem as I see it (a problem if you
are using an applet of course) is that the discovery creates a class loader
for each property or class it loads.
Now, I don't think I know the design that well to say that there is no easy
fix, but I see several options about how to deal with this:
1) Design an alternative AxisEngineApplet (instead of AxisEngine) to be used
by the Service class, which will not make use of the commons-discovery
package.
2) An alternative EngineConfigurationFactoryFinder? ... I don't know if this
could help, seems like you gain nothing as long as you use the
commons-discovery package.
3) Hack the discovery-commons package ... this is ugly, sounds more like
redesign than a hack. I don't think this is a good option, right?
4) Probably there is already a version that does something like this?
5) Get rid of applets and find another way to use AXIS-SOAP, Java and the
browser ... JavaScript? what other alternatives do I have?
Please let me know if any of this makes any sense. I would appreciate
comments one way or another.
Thanks in advance,
--Luis R.
> Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSIF-70
> URL: http://issues.apache.org/jira/browse/WSIF-70
> Project: Axis-WSIF
> Type: Bug
> Components: Basic Architecture
> Versions: current (nightly)
> Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
> Reporter: Luis Rivera
> Priority: Blocker
> Attachments: ClassUtils.java
>
> To solve the following kind of exceptions,
> ***********************************************************************************************************
> java.lang.ExceptionInInitializerError
> at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
> at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
> at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
> at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
> at org.apache.axis.client.Service.getAxisClient(Service.java:103)
> at org.apache.axis.client.Service.<init>(Service.java:112)
> at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
> at vcas.gui.vss.VSSApplet.init(Unknown Source)
> at sun.applet.AppletPanel.run(AppletPanel.java:374)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
> at java.lang.ClassLoader.<init>(ClassLoader.java:225)
> at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
> at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
> at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
> ... 14 more
> *********************************************************************************************************************************
> I had to add the following permissions to a custom policy file.
> ********************************************************************************************************************************
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
> permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
> permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
> permission java.util.PropertyPermission "axis.ClientConfigFile","read";
> permission java.util.PropertyPermission "axis.ServerConfigFile","read";
> permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
> permission java.util.PropertyPermission "axis.attachments.implementation","read";
> ********************************************************************************************************************************
> So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
> Thanks in advance,
> --Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Posted by "Luis Rivera (JIRA)" <ws...@ws.apache.org>.
[ http://issues.apache.org/jira/browse/WSIF-70?page=all ]
Luis Rivera updated WSIF-70:
----------------------------
Attachment: ClassUtils.java
Luis,
We used applets with Axis and it was very tedious. The performance was very
bad due to all of the GET request originating from the classloaders as you
mention. One thing we did was to create a _Helper class for every class
that we used so that it actually could be found in the axis.jar file (e.g.
HashMap_Helper, Vector_Helper). These helper classes don't do anything
except exist so that the classloader doesn't try to go back to the server to
find them. We also hacked org.apache.axis.utils.ClassUtils so that it used
our helper classes instead of trying to find them (see attached).
We still could not eliminate all of the GET requests but they were reduced.
Good luck,
Mark
> Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSIF-70
> URL: http://issues.apache.org/jira/browse/WSIF-70
> Project: Axis-WSIF
> Type: Bug
> Components: Basic Architecture
> Versions: current (nightly)
> Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
> Reporter: Luis Rivera
> Priority: Blocker
> Attachments: ClassUtils.java
>
> To solve the following kind of exceptions,
> ***********************************************************************************************************
> java.lang.ExceptionInInitializerError
> at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
> at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
> at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
> at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
> at org.apache.axis.client.Service.getAxisClient(Service.java:103)
> at org.apache.axis.client.Service.<init>(Service.java:112)
> at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
> at vcas.gui.vss.VSSApplet.init(Unknown Source)
> at sun.applet.AppletPanel.run(AppletPanel.java:374)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
> at java.lang.ClassLoader.<init>(ClassLoader.java:225)
> at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
> at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
> at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
> ... 14 more
> *********************************************************************************************************************************
> I had to add the following permissions to a custom policy file.
> ********************************************************************************************************************************
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
> permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
> permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
> permission java.util.PropertyPermission "axis.ClientConfigFile","read";
> permission java.util.PropertyPermission "axis.ServerConfigFile","read";
> permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
> permission java.util.PropertyPermission "axis.attachments.implementation","read";
> ********************************************************************************************************************************
> So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
> Thanks in advance,
> --Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Posted by "Luis Rivera (JIRA)" <ws...@ws.apache.org>.
[ http://issues.apache.org/jira/browse/WSIF-70?page=comments#action_12315812 ]
Luis Rivera commented on WSIF-70:
---------------------------------
Even using the jar file form this link
(http://cvs.apache.org/repository/commons-discovery/jars/)
I still get the following Exception (when creating a class loader inside an applet)
************************************************************************************************************
java.lang.ExceptionInInitializerError
at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:29)
at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:366)
at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:332)
at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
at org.apache.axis.client.Service.getAxisClient(Service.java:103)
at org.apache.axis.client.Service.<init>(Service.java:112)
at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
at vcas.gui.vss.VSSApplet.init(Unknown Source)
at sun.applet.AppletPanel.run(AppletPanel.java:374)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
at java.lang.ClassLoader.<init>(ClassLoader.java:225)
at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:27)
at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:213)
at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:38)
... 14 more
> Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSIF-70
> URL: http://issues.apache.org/jira/browse/WSIF-70
> Project: Axis-WSIF
> Type: Bug
> Components: Basic Architecture
> Versions: current (nightly)
> Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
> Reporter: Luis Rivera
> Priority: Blocker
>
> To solve the following kind of exceptions,
> ***********************************************************************************************************
> java.lang.ExceptionInInitializerError
> at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
> at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
> at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
> at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
> at org.apache.axis.client.Service.getAxisClient(Service.java:103)
> at org.apache.axis.client.Service.<init>(Service.java:112)
> at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
> at vcas.gui.vss.VSSApplet.init(Unknown Source)
> at sun.applet.AppletPanel.run(AppletPanel.java:374)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
> at java.lang.ClassLoader.<init>(ClassLoader.java:225)
> at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
> at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
> at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
> ... 14 more
> *********************************************************************************************************************************
> I had to add the following permissions to a custom policy file.
> ********************************************************************************************************************************
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
> permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
> permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
> permission java.util.PropertyPermission "axis.ClientConfigFile","read";
> permission java.util.PropertyPermission "axis.ServerConfigFile","read";
> permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
> permission java.util.PropertyPermission "axis.attachments.implementation","read";
> ********************************************************************************************************************************
> So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
> Thanks in advance,
> --Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (WSIF-70) Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
Posted by "Henry Chan (JIRA)" <ws...@ws.apache.org>.
[ http://issues.apache.org/jira/browse/WSIF-70?page=comments#action_12315639 ]
Henry Chan commented on WSIF-70:
--------------------------------
Definitely doesn't work with 1.5 in Applet mode, I wonder does it work as an application
under 1.5? Tried it with 1.4.2 and it works fine:
http://people.apache.org/~hchan/wsInvoker/wsInvokerApplet.html
I'll definitely look at 1.5 as soon as I get freed up
> Axis Client crashes the applet unless new permissions are added to the policy file (or a custom security manager is used)
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSIF-70
> URL: http://issues.apache.org/jira/browse/WSIF-70
> Project: Axis-WSIF
> Type: Bug
> Components: Basic Architecture
> Versions: current (nightly)
> Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant 1.6.5 and a laptop IBM Thinkpad R51
> Reporter: Luis Rivera
> Priority: Blocker
>
> To solve the following kind of exceptions,
> ***********************************************************************************************************
> java.lang.ExceptionInInitializerError
> at org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412)
> at org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378)
> at org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41)
> at org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33)
> at org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43)
> at org.apache.axis.client.Service.getAxisClient(Service.java:103)
> at org.apache.axis.client.Service.<init>(Service.java:112)
> at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source)
> at vcas.gui.vss.VSSApplet.init(Unknown Source)
> at sun.applet.AppletPanel.run(AppletPanel.java:374)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
> at java.lang.ClassLoader.<init>(ClassLoader.java:225)
> at org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73)
> at org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215)
> at org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73)
> ... 14 more
> *********************************************************************************************************************************
> I had to add the following permissions to a custom policy file.
> ********************************************************************************************************************************
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.util.PropertyPermission "org.apache.commons.discovery.log.level", "read";
> permission java.util.PropertyPermission "axis.EngineConfigFactory","read";
> permission java.util.PropertyPermission "org.apache.axis.EngineConfigurationFactory","read";
> permission java.util.PropertyPermission "axis.ClientConfigFile","read";
> permission java.util.PropertyPermission "axis.ServerConfigFile","read";
> permission java.util.PropertyPermission "axis.xml.reuseParsers","read";
> permission java.util.PropertyPermission "axis.attachments.implementation","read";
> ********************************************************************************************************************************
> So, I see that part of the problem is appache commons logger and other libraries trying to read and write to files, including the commons logger used by axis. I wanted to know if there is a simple way to prevent this or if I there exist a version of the Axis library without these issues, so it can happily work inside the sandbox with the default permissions, I would be happy to try it.
> Thanks in advance,
> --Luis R.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira