Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
845 views
in Technique[技术] by (71.8m points)

oracle - java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")

Till morning everything working fine in my applet. I took Java update and everything stopped. I'm dealing with digital certificate using applet. Here is my stack trace. I followed some oracle article but didn't work.

https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html

Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:Usersvicky.thakor

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at SecurityApplet.initializeBrowserKeyStore(SecurityApplet.java:162)
    at SecurityApplet.isCertificateInstalled(SecurityApplet.java:268)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

.java.policy file I'm creating in public void init() method of applet. Its before accessing anything in applet.

grant
{
permission java.security.AllPermission;
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "<<ALL FILES>>", "write";
permission java.util.PropertyPermission "*", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "*";
};

Update: 18th Nov, 2013

Its not working even if using code signing certificate

enter image description here

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

I cannot comment yet so am putting this as an answer instead.

  1. I believe creating the .java.policy file in your applet will be too late - the plugin will have already started up and read the policy files before running any of your code.

  2. You could sign your applet and use a jnlp file to assign permissions in the security element


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...