Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

JWS not working after Java updates to JDK 1.6 update 24 (with apache felix)

841256Feb 20 2011 — edited Mar 2 2011
Hi,
I'm currently working on some JWS application, which heavily relies on Apache Felix. It was working spotless until recent security update which comes along with Java 1.6u24. Now my application dies just when Apache Felix is starting to work.

The exception being thrown is:

SEVERE: Permission denied: http://felix.extensions:9/META-INF/services/javax.xml.parsers.SAXParserFactory
java.lang.SecurityException: Permission denied: http://felix.extensions:9/META-INF/services/javax.xml.parsers.SAXParserFactory
at com.sun.deploy.security.DeployURLClassPath$UrlLoader.findResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.findResource(Unknown Source)
at java.net.URLClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findResource(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findResource(Unknown Source)
at java.lang.ClassLoader.getResource(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.access$001(Unknown Source)
at com.sun.jnlp.JNLPClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.jnlp.JNLPClassLoader.getResource(Unknown Source)
at java.lang.ClassLoader.getResource(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.access$001(Unknown Source)
at com.sun.jnlp.JNLPClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.jnlp.JNLPClassLoader.getResource(Unknown Source)
at java.lang.ClassLoader.getResourceAsStream(Unknown Source)
at javax.xml.parsers.SecuritySupport$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.xml.parsers.SecuritySupport.getResourceAsStream(Unknown Source)
at javax.xml.parsers.FactoryFinder.findJarServiceProvider(Unknown Source)
at javax.xml.parsers.FactoryFinder.find(Unknown Source)
at javax.xml.parsers.SAXParserFactory.newInstance(Unknown Source)
(...)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

In javaws.policy, java.policy I have set up proper security rules to enable JWS to work out of sandbox by specifying:
grant {
permission java.security.AllPermission;
}

grant codeBase "http://felix.extensions:9/" {
permission java.security.AllPermission;
};

Also, I'm using maven's webstart-maven-plugin to create a JWS jnlp file. It's being property signed with security certificate. My resulting jnlp file has this part of configuration embedded:
<security>
<all-permissions />
</security>

Do You have any ideas what might be the problem?
Cheers
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Mar 30 2011
Added on Feb 20 2011
#other-security-apis-tools-and-issues
4 comments
898 views