1 Reply Latest reply on Aug 2, 2002 12:47 PM by Adrian Brock

    java.security.AccessControlException

    Christoph Pressleitner Newbie

      Hi,

      I've written an small application, which accesses some ejb's. If I start the application local everything works fine except the authentification ... every user/password combination is accepted ...

      If I try to start the application using webstart there's a java.security.AccessControlException thrown if any method of the EJB is called (in my case a finder-method).

      It looks like the user is not recognized by the server ... I am using the UsersRolesLoginModule.

      In both cases the behaviour is not correct. Did I get anything wrong?

      The main goal is to distribute the application client using WebStart so I have to get that running ASAP.

      complete text of the Exception:
      ava.security.AccessControlException: access denied (java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getPrincipalInfo)
      at java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
      at java.security.AccessController.checkPermission(AccessController.java:399)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
      at org.jboss.security.SecurityAssociation.getPrincipal(SecurityAssociation.java:109)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:72)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:185)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
      at $Proxy1.findByVariant(Unknown Source)
      at at.softsolution.efact.client.AngebotspositionPanel.setSumme(AngebotspositionPanel.java:366)
      at at.softsolution.efact.client.AngebotspositionPanel.setAngebotspositionHome(AngebotspositionPanel.java:51)
      at at.softsolution.efact.client.AngebotspositionDialog.setContext(AngebotspositionDialog.java:408)
      at at.softsolution.efact.client.KundenuebersichtPanel.setContext(KundenuebersichtPanel.java:496)
      at at.softsolution.efact.client.AngebotePanel.setContext(AngebotePanel.java:739)
      at at.softsolution.efact.client.EFactFrame.initContext(EFactFrame.java:238)
      at at.softsolution.efact.client.EFactFrame.main(EFactFrame.java:75)
      at java.lang.reflect.Method.invoke(Native Method)
      at com.sun.javaws.Launcher.executeApplication(Unknown Source)
      at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
      at com.sun.javaws.Launcher.continueLaunch(Unknown Source)
      at com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)
      at com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)
      at com.sun.javaws.Launcher.run(Unknown Source)
      at java.lang.Thread.run(Thread.java:484)

      Thanks,
      Chris

        • 1. Re: java.security.AccessControlException
          Adrian Brock Master

          Your first problem sounds like a config problem.
          Do you have the quickstart guide from sourceforge?

          The second problem is due to your webstart application
          running in a sandbox. You can read the jdk docs about
          what this means.
          JBoss needs to transport the security info to the
          server, but retrieving that information is a privileged
          action.

          There is information in the webstart docs about signing
          the jars and configuring your application to run
          with the necessary authority.

          I've never used webstart so I can't give you an example.

          Regards,
          Adrian