[jboss-user] [Security & JAAS/JBoss] - EJB & java web start application security issue
michalzel
do-not-reply at jboss.com
Tue Oct 10 11:09:59 EDT 2006
Hello!
I made java application which performs access to EJB(3.0) remote component. To have classes dynamicly loaded from server I put:
| URL policyResource = Main.class.getResource ("/client.policy");
| System.setProperty("java.security.policy",policyResource.toString ());
| System.setSecurityManager (new RMISecurityManager ());
| Thread.currentThread ().setContextClassLoader (RMIClassLoader.getClassLoader ("http://127.0.0.1:8083/"));
|
I grant all permisions to client and application works fine.
When I run it from a web start I got:
| (some AWT stuff)
| Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
| at java.security.AccessControlContext.checkPermission(Unknown Source)
| at java.security.AccessController.checkPermission(Unknown Source)
| at java.lang.SecurityManager.checkPermission(Unknown Source)
| at java.lang.SecurityManager.checkMemberAccess(Unknown Source)
| at java.lang.Class.checkMemberAccess(Unknown Source)
| at java.lang.Class.getDeclaredMethods(Unknown Source)
| at org.jboss.aop.util.MethodHashing.getInterfaceHashes(MethodHashing.java:150)
| at org.jboss.aop.util.MethodHashing.calculateHash(MethodHashing.java:219)
| at org.jboss.ejb3.ProxyUtils.<clinit>(ProxyUtils.java:65)
| ... 44 more
| Exception in thread "AWT-EventQueue-0" java.lang.NoClassDefFoundError
| at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:79)
| at $Proxy0.findData(Unknown Source)
| at fetching.EJBRowSetDataFetcher.refreshData(EJBRowSetDataFetcher.java:63)
|
I signed all jars and put following:
| <security>
| <all-permissions/>
| </security>
|
In jnlp file. What may be the cause?
Sorry if it is wrong forum, but I found it the closest to exception message.
regards
Michal
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3977268#3977268
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3977268
More information about the jboss-user
mailing list