You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Zsolt Safrany (JIRA)" <ji...@apache.org> on 2011/03/24 20:30:12 UTC
[jira] [Commented] (WICKET-3050) AccessControlException thrown when
security manager denies access
[ https://issues.apache.org/jira/browse/WICKET-3050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13010865#comment-13010865 ]
Zsolt Safrany commented on WICKET-3050:
---------------------------------------
As long there is no fix you can avoid the exception by disabling versioning. Simply call "setVersioned(false);" in your WebPage subclass.
In wicket when your Page is not versioned then all of its Components are also not versioned. If your Component is not versioned then UndoPageVersionManager won't try to clone your Component's model. Thus no exception will be thrown in GAE.
As a visual result your Page will not have any older versions just the current one thus the back button in your browser won't really have the real history.
Hope it helped.
> AccessControlException thrown when security manager denies access
> -----------------------------------------------------------------
>
> Key: WICKET-3050
> URL: https://issues.apache.org/jira/browse/WICKET-3050
> Project: Wicket
> Issue Type: Bug
> Environment: Google App Engine
> Reporter: Clint Checketts
> Assignee: Igor Vaynberg
> Priority: Trivial
> Attachments: enableReplaceObject_patch.txt
>
>
> Google App Engine locks down various environmental pieces. The ModelChange class tries to do some serialization which causes the exception.
> Caused by: java.security.AccessControlException: access denied (java.io.SerializablePermission enableSubstitution)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:355)
> at java.security.AccessController.checkPermission(AccessController.java:567)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> at java.io.ObjectOutputStream.enableReplaceObject(ObjectOutputStream.java:609)
> at org.apache.wicket.util.lang.Objects$ReplaceObjectOutputStream.<init>(Objects.java:183)
> at org.apache.wicket.util.lang.Objects$ReplaceObjectOutputStream.<init>(Objects.java:174)
> at org.apache.wicket.util.lang.Objects.cloneModel(Objects.java:461)
> at org.apache.wicket.version.undo.ModelChange.<init>(ModelChange.java:103)
> at org.apache.wicket.version.undo.ChangeList.componentModelChanging(ChangeList.java:64)
> at org.apache.wicket.version.undo.UndoPageVersionManager.componentModelChanging(UndoPageVersionManager.java:123)
> at org.apache.wicket.Page.componentModelChanging(Page.java:1598)
> at org.apache.wicket.Component.modelChanging(Component.java:2206)
> at org.apache.wicket.Component.setDefaultModelObject(Component.java:3046)
> at org.apache.wicket.extensions.markup.html.tabs.TabbedPanel.setSelectedTab(TabbedPanel.java:338)
> at org.apache.wicket.extensions.markup.html.tabs.TabbedPanel$5.onClick(TabbedPanel.java:319)
> at org.apache.wicket.markup.html.link.Link.onLinkClicked(Link.java:224)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira