oracle - java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")

Question

Till morning everything working fine in my applet. I took Java update and everything stopped. I'm dealing with digital certificate using applet. Here is my stack trace. I followed some oracle article but didn't work.

https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html

Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:Usersvicky.thakor

---

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at SecurityApplet.initializeBrowserKeyStore(SecurityApplet.java:162)
    at SecurityApplet.isCertificateInstalled(SecurityApplet.java:268)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

---

.java.policy file I'm creating in public void init() method of applet. Its before accessing anything in applet.

grant
{
permission java.security.AllPermission;
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "<<ALL FILES>>", "write";
permission java.util.PropertyPermission "*", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "*";
};

---

Update: 18th Nov, 2013

Its not working even if using code signing certificate

Answer 1

I cannot comment yet so am putting this as an answer instead.

1. I believe creating the .java.policy file in your applet will be too late - the plugin will have already started up and read the policy files before running any of your code.

2. You could sign your applet and use a jnlp file to assign permissions in the security element