Home

Add a comment

 

Avatar: Philippe Dey

Re: Java in Notes/Domino Explained: On Java Security and how it relates to Notes/Domino

Hi Mikkel,

Thanks for this post! Very useful!

I am currently facing a case were I also get an AccessControlException, but in a slightly different context. In my Web application (Domino-based), I use an applet which is loaded with JWS. The JNLP file and all the classes I use are stored as JAR files in a "resources applet" design element of my database. The JARs are all signed with the same certificate and the manifest file of all JARs contains the "Trusted-Library: true" parameter. Everything was fine with my applet, until the day I tried to add a third-party JAR containing a new Swing L&F to be used in my applet. As soon as I have added this JAR (also signed with my certificate), I have been unable to run my applet with Java 1.6 (works fine with 1.7). The plug-in first warns about "mixed signed and unsigned code", then the following error occurs :

<p style="margin-left: 40px;">java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.swing.plaf.synth)

There is perhaps a reflection call somewhere in the code of the third-party L&F, but as I don't have the sources, it is difficult to say. Anyway, I have been in contact with the support team of the company selling this L&F and after some tests, we have spotted that my applet was running file as soon as the JNLP and JARs files were moved outside the database. Even adding the files as simple "resource files" design element was not enough to prevent the errors at runtime. So, I have placed all my files in the "domino\html\" folder of my Domino server, and everything was fine without any error regarding the security.

Now, to return to the original subject of your post (sorry for this long explanation), my question is, do you have an idea of what is controlling the privileges of Java resources when those resources are design elements of a database?

If you are curious to test it yourself, I can even provide you a small sample. Just tell me.


Re: Java in Notes/Domino Explained: On Java Security and how it relates to Notes/Domino


Title
Body
HTML : b, strong, i, em, blockquote, br, p, pre, a href="", ul, ol, li, sub, sup
OpenID Login
Name
E-mail address
Website
Remember me Yes  No 

E-mail addresses are not publicly displayed, so please only leave your e-mail address if you would like to be notified when new comments are added to this blog entry (you can opt-out later).