You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by ra...@iflexsolutions.com on 2005/11/21 12:44:39 UTC

java.security.AccessControlException: access denied (java.security.SecurityPermission insertProvider.SunJCE)

Hi,

 

I am having a problem in using Security(JCE) packages in an Applet. I am
using IE and TomCat5.0 for deployment.

 

The same piece of code(reproduced below) run as a Java Application in
Eclipse works fine.

 

However, when the same applet is loaded through a .jsp page in IE, the
following exception is thrown -

 

 

java.security.AccessControlException: access denied
(java.security.SecurityPermission insertProvider.SunJCE)

            at
java.security.AccessControlContext.checkPermission(Unknown Source)

            at java.security.AccessController.checkPermission(Unknown
Source)

            at java.lang.SecurityManager.checkPermission(Unknown Source)

            at java.lang.SecurityManager.checkSecurityAccess(Unknown
Source)

            at
sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown
Source)

            at java.security.Security.check(Unknown Source)

            at java.security.Security.insertProviderAt(Unknown Source)

            at java.security.Security.addProvider(Unknown Source)

            at
ClientSecurity.ClientMD5Digest.base64hashString(ClientMD5Digest.java:44)

            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)

            at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
Source)

            at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
Source)

            at java.lang.reflect.Method.invoke(Unknown Source)

            at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown
Source)

            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)

            at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
Source)

            at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
Source)

            at java.lang.reflect.Method.invoke(Unknown Source)

            at sun.plugin.javascript.JSClassLoader.invoke(Unknown
Source)

            at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)

            at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

            at sun.plugin.com.DispatchImpl$1.run(Unknown Source)

            at java.security.AccessController.doPrivileged(Native
Method)

            at sun.plugin.com.DispatchImpl.invoke(Unknown Source)

java.lang.Exception: java.security.AccessControlException: access denied
(java.security.SecurityPermission insertProvider.SunJCE)

            at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)

            at sun.plugin.com.DispatchImpl$1.run(Unknown Source)

            at java.security.AccessController.doPrivileged(Native
Method)

            at sun.plugin.com.DispatchImpl.invoke(Unknown Source)

 

The relevant piece of code resulting in this exception is -

 

https://mytestapp.com/MyServletContainer/index.jsp makes a call to the
Applet as follows -

 

newtext = HashUtil.base64hashString(TxnXml);

 

The applet is defined as follows -

 

<applet name="HashUtil" code="ClientSecurity.ClientMD5Digest.class"

      archive="base64.jar" width="0" height="0" alt="" ></applet>

 

 

The applet code is as follows -

 

public static String base64hashString(String in_str)

      {

            System.out.println("Loading com.sun.* package class");

            Security.addProvider(new com.sun.crypto.provider.SunJCE());

            

            String s = "";

            try {

                  in_str = in_str.toUpperCase();

                  

                  MessageDigest m =
MessageDigest.getInstance(hash_method);

                  byte[] encDigest =
encryptDigest(m.digest(in_str.getBytes()));

                  

                  //s = Base64.encode(m.digest(in_str.getBytes()));

                  s = Base64.encode(encDigest);

 

            } catch(Exception e){

                  e.printStackTrace();

            }

            

            return s;

      }

 

 

private static byte[] encryptDigest(byte[] toBeEncrypted) {

            byte[] ret_array = null;

            try {

                  Cipher l_cipher = Cipher.getInstance(enc_algorithm);

                  SecretKeySpec skspec = new SecretKeySpec(seed,
enc_algorithm);

                  l_cipher.init(Cipher.ENCRYPT_MODE, skspec);

                  ret_array = l_cipher.doFinal(toBeEncrypted);

                  l_cipher = null;

                  skspec = null;

                  

            } catch (Exception e) {

                  e.printStackTrace();

            }

            return ret_array;       

      }

 

I have added the SecurityPermission entries for InsertProvider.SunJCE
etc in the server.policy file as suggested in some google results.

 

Nothing seem to work.....Any help would be greatly
appreciated......fast......

 

Regards,

Rakesh.

Re: java.security.AccessControlException: access denied (java.security.SecurityPermission insertProvider.SunJCE)

Posted by Chen Jerry <te...@gmail.com>.

Hi Rakesh,

I suppose this statement is not allowed in the default sand box:

Security.addProvider(new com.sun.crypto.provider.SunJCE());

Maybe you can singature your jar to expand your applet's privilege.

Regards,

Jerry

2005/11/21, rakesh.raja@iflexsolutions.com <ra...@iflexsolutions.com>:
>
> Hi,
>
>
>
> I am having a problem in using Security(JCE) packages in an Applet. I am
> using IE and TomCat5.0 for deployment.
>
>
>
> The same piece of code(reproduced below) run as a Java Application in
> Eclipse works fine.
>
>
>
> However, when the same applet is loaded through a .jsp page in IE, the
> following exception is thrown -
>
>
>
>
>
> java.security.AccessControlException: access denied
> (java.security.SecurityPermission insertProvider.SunJCE)
>
> at
> java.security.AccessControlContext.checkPermission(Unknown Source)
>
> at java.security.AccessController.checkPermission(Unknown
> Source)
>
> at java.lang.SecurityManager.checkPermission(Unknown Source)
>
> at java.lang.SecurityManager.checkSecurityAccess(Unknown
> Source)
>
> at
> sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown
> Source)
>
> at java.security.Security.check(Unknown Source)
>
> at java.security.Security.insertProviderAt(Unknown Source)
>
> at java.security.Security.addProvider(Unknown Source)
>
> at
> ClientSecurity.ClientMD5Digest.base64hashString(ClientMD5Digest.java:44)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
>
> at java.lang.reflect.Method.invoke(Unknown Source)
>
> at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown
> Source)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
>
> at java.lang.reflect.Method.invoke(Unknown Source)
>
> at sun.plugin.javascript.JSClassLoader.invoke(Unknown
> Source)
>
> at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
>
> at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
>
> at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
>
> at java.security.AccessController.doPrivileged(Native
> Method)
>
> at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
>
> java.lang.Exception: java.security.AccessControlException: access denied
> (java.security.SecurityPermission insertProvider.SunJCE)
>
> at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
>
> at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
>
> at java.security.AccessController.doPrivileged(Native
> Method)
>
> at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
>
>
>
> The relevant piece of code resulting in this exception is -
>
>
>
> https://mytestapp.com/MyServletContainer/index.jsp makes a call to the
> Applet as follows -
>
>
>
> newtext = HashUtil.base64hashString(TxnXml);
>
>
>
> The applet is defined as follows -
>
>
>
> <applet name="HashUtil" code="ClientSecurity.ClientMD5Digest.class"
>
> archive="base64.jar" width="0" height="0" alt="" ></applet>
>
>
>
>
>
> The applet code is as follows -
>
>
>
> public static String base64hashString(String in_str)
>
> {
>
> System.out.println("Loading com.sun.* package class");
>
> Security.addProvider(new com.sun.crypto.provider.SunJCE());
>
>
>
> String s = "";
>
> try {
>
> in_str = in_str.toUpperCase();
>
>
>
> MessageDigest m =
> MessageDigest.getInstance(hash_method);
>
> byte[] encDigest =
> encryptDigest(m.digest(in_str.getBytes()));
>
>
>
> //s = Base64.encode(m.digest(in_str.getBytes()));
>
> s = Base64.encode(encDigest);
>
>
>
> } catch(Exception e){
>
> e.printStackTrace();
>
> }
>
>
>
> return s;
>
> }
>
>
>
>
>
> private static byte[] encryptDigest(byte[] toBeEncrypted) {
>
> byte[] ret_array = null;
>
> try {
>
> Cipher l_cipher = Cipher.getInstance(enc_algorithm);
>
> SecretKeySpec skspec = new SecretKeySpec(seed,
> enc_algorithm);
>
> l_cipher.init(Cipher.ENCRYPT_MODE, skspec);
>
> ret_array = l_cipher.doFinal(toBeEncrypted);
>
> l_cipher = null;
>
> skspec = null;
>
>
>
> } catch (Exception e) {
>
> e.printStackTrace();
>
> }
>
> return ret_array;
>
> }
>
>
>
> I have added the SecurityPermission entries for InsertProvider.SunJCE
> etc in the server.policy file as suggested in some google results.
>
>
>
> Nothing seem to work.....Any help would be greatly
> appreciated......fast......
>
>
>
> Regards,
>
> Rakesh.
>
>
>