You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by ra...@iflexsolutions.com on 2005/11/21 12:44:39 UTC
java.security.AccessControlException: access denied (java.security.SecurityPermission insertProvider.SunJCE)
Hi,
I am having a problem in using Security(JCE) packages in an Applet. I am
using IE and TomCat5.0 for deployment.
The same piece of code(reproduced below) run as a Java Application in
Eclipse works fine.
However, when the same applet is loaded through a .jsp page in IE, the
following exception is thrown -
java.security.AccessControlException: access denied
(java.security.SecurityPermission insertProvider.SunJCE)
at
java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown
Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkSecurityAccess(Unknown
Source)
at
sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown
Source)
at java.security.Security.check(Unknown Source)
at java.security.Security.insertProviderAt(Unknown Source)
at java.security.Security.addProvider(Unknown Source)
at
ClientSecurity.ClientMD5Digest.base64hashString(ClientMD5Digest.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown
Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown
Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native
Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
java.lang.Exception: java.security.AccessControlException: access denied
(java.security.SecurityPermission insertProvider.SunJCE)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native
Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
The relevant piece of code resulting in this exception is -
https://mytestapp.com/MyServletContainer/index.jsp makes a call to the
Applet as follows -
newtext = HashUtil.base64hashString(TxnXml);
The applet is defined as follows -
<applet name="HashUtil" code="ClientSecurity.ClientMD5Digest.class"
archive="base64.jar" width="0" height="0" alt="" ></applet>
The applet code is as follows -
public static String base64hashString(String in_str)
{
System.out.println("Loading com.sun.* package class");
Security.addProvider(new com.sun.crypto.provider.SunJCE());
String s = "";
try {
in_str = in_str.toUpperCase();
MessageDigest m =
MessageDigest.getInstance(hash_method);
byte[] encDigest =
encryptDigest(m.digest(in_str.getBytes()));
//s = Base64.encode(m.digest(in_str.getBytes()));
s = Base64.encode(encDigest);
} catch(Exception e){
e.printStackTrace();
}
return s;
}
private static byte[] encryptDigest(byte[] toBeEncrypted) {
byte[] ret_array = null;
try {
Cipher l_cipher = Cipher.getInstance(enc_algorithm);
SecretKeySpec skspec = new SecretKeySpec(seed,
enc_algorithm);
l_cipher.init(Cipher.ENCRYPT_MODE, skspec);
ret_array = l_cipher.doFinal(toBeEncrypted);
l_cipher = null;
skspec = null;
} catch (Exception e) {
e.printStackTrace();
}
return ret_array;
}
I have added the SecurityPermission entries for InsertProvider.SunJCE
etc in the server.policy file as suggested in some google results.
Nothing seem to work.....Any help would be greatly
appreciated......fast......
Regards,
Rakesh.
Re: java.security.AccessControlException: access denied (java.security.SecurityPermission insertProvider.SunJCE)
Posted by Chen Jerry <te...@gmail.com>.
Hi Rakesh,
I suppose this statement is not allowed in the default sand box:
Security.addProvider(new com.sun.crypto.provider.SunJCE());
Maybe you can singature your jar to expand your applet's privilege.
Regards,
Jerry
2005/11/21, rakesh.raja@iflexsolutions.com <ra...@iflexsolutions.com>:
>
> Hi,
>
>
>
> I am having a problem in using Security(JCE) packages in an Applet. I am
> using IE and TomCat5.0 for deployment.
>
>
>
> The same piece of code(reproduced below) run as a Java Application in
> Eclipse works fine.
>
>
>
> However, when the same applet is loaded through a .jsp page in IE, the
> following exception is thrown -
>
>
>
>
>
> java.security.AccessControlException: access denied
> (java.security.SecurityPermission insertProvider.SunJCE)
>
> at
> java.security.AccessControlContext.checkPermission(Unknown Source)
>
> at java.security.AccessController.checkPermission(Unknown
> Source)
>
> at java.lang.SecurityManager.checkPermission(Unknown Source)
>
> at java.lang.SecurityManager.checkSecurityAccess(Unknown
> Source)
>
> at
> sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown
> Source)
>
> at java.security.Security.check(Unknown Source)
>
> at java.security.Security.insertProviderAt(Unknown Source)
>
> at java.security.Security.addProvider(Unknown Source)
>
> at
> ClientSecurity.ClientMD5Digest.base64hashString(ClientMD5Digest.java:44)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
>
> at java.lang.reflect.Method.invoke(Unknown Source)
>
> at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown
> Source)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
>
> at java.lang.reflect.Method.invoke(Unknown Source)
>
> at sun.plugin.javascript.JSClassLoader.invoke(Unknown
> Source)
>
> at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
>
> at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
>
> at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
>
> at java.security.AccessController.doPrivileged(Native
> Method)
>
> at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
>
> java.lang.Exception: java.security.AccessControlException: access denied
> (java.security.SecurityPermission insertProvider.SunJCE)
>
> at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
>
> at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
>
> at java.security.AccessController.doPrivileged(Native
> Method)
>
> at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
>
>
>
> The relevant piece of code resulting in this exception is -
>
>
>
> https://mytestapp.com/MyServletContainer/index.jsp makes a call to the
> Applet as follows -
>
>
>
> newtext = HashUtil.base64hashString(TxnXml);
>
>
>
> The applet is defined as follows -
>
>
>
> <applet name="HashUtil" code="ClientSecurity.ClientMD5Digest.class"
>
> archive="base64.jar" width="0" height="0" alt="" ></applet>
>
>
>
>
>
> The applet code is as follows -
>
>
>
> public static String base64hashString(String in_str)
>
> {
>
> System.out.println("Loading com.sun.* package class");
>
> Security.addProvider(new com.sun.crypto.provider.SunJCE());
>
>
>
> String s = "";
>
> try {
>
> in_str = in_str.toUpperCase();
>
>
>
> MessageDigest m =
> MessageDigest.getInstance(hash_method);
>
> byte[] encDigest =
> encryptDigest(m.digest(in_str.getBytes()));
>
>
>
> //s = Base64.encode(m.digest(in_str.getBytes()));
>
> s = Base64.encode(encDigest);
>
>
>
> } catch(Exception e){
>
> e.printStackTrace();
>
> }
>
>
>
> return s;
>
> }
>
>
>
>
>
> private static byte[] encryptDigest(byte[] toBeEncrypted) {
>
> byte[] ret_array = null;
>
> try {
>
> Cipher l_cipher = Cipher.getInstance(enc_algorithm);
>
> SecretKeySpec skspec = new SecretKeySpec(seed,
> enc_algorithm);
>
> l_cipher.init(Cipher.ENCRYPT_MODE, skspec);
>
> ret_array = l_cipher.doFinal(toBeEncrypted);
>
> l_cipher = null;
>
> skspec = null;
>
>
>
> } catch (Exception e) {
>
> e.printStackTrace();
>
> }
>
> return ret_array;
>
> }
>
>
>
> I have added the SecurityPermission entries for InsertProvider.SunJCE
> etc in the server.policy file as suggested in some google results.
>
>
>
> Nothing seem to work.....Any help would be greatly
> appreciated......fast......
>
>
>
> Regards,
>
> Rakesh.
>
>
>