From owner-freebsd-java@FreeBSD.ORG Mon Jan 9 13:34:50 2012 Return-Path: Delivered-To: freebsd-java@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 13EF3106566C for ; Mon, 9 Jan 2012 13:34:50 +0000 (UTC) (envelope-from achill@smadev.internal.net) Received: from smadev.internal.net (adsltrust.ath.forthnet.gr [194.219.204.174]) by mx1.freebsd.org (Postfix) with ESMTP id 237188FC0C for ; Mon, 9 Jan 2012 13:34:48 +0000 (UTC) Received: from smadev.internal.net (localhost [127.0.0.1]) by smadev.internal.net (8.14.4/8.14.4) with ESMTP id q09DYkQx076252 for ; Mon, 9 Jan 2012 15:34:46 +0200 (EET) (envelope-from achill@smadev.internal.net) Received: (from achill@localhost) by smadev.internal.net (8.14.4/8.14.4/Submit) id q09DYkek076251 for freebsd-java@freebsd.org; Mon, 9 Jan 2012 15:34:46 +0200 (EET) (envelope-from achill@smadev.internal.net) From: Achilleas Mantzios Organization: Dynacom Tankers Mgmt To: freebsd-java@freebsd.org Date: Mon, 9 Jan 2012 15:34:46 +0200 User-Agent: KMail/1.13.7 (FreeBSD/8.2-RELEASE-p3; KDE/4.7.3; amd64; ; ) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <201201091534.46341.achill@smadev.internal.net> Subject: applet security issue X-BeenThere: freebsd-java@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting Java to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jan 2012 13:34:50 -0000 Hello java freebsd-ers! After struggling for hours in order to even see the digital signature security window appearing for my applet (and i did a lot of things, bundling all libs in one jar, re-signing, etc...) i got to the point where the applet starts, but then gives me a : java.security.AccessControlException: access denied (java.io.FilePermission /usr/local/jboss-6.0.0.Final/paidia2.jpg read) the stack trace is like : java.security.AccessControlException: access denied (java.io.FilePermission /usr/local/jboss-6.0.0.Final/paidia2.jpg read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393) at java.security.AccessController.checkPermission(AccessController.java:553) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:284) at java.lang.SecurityManager.checkRead(SecurityManager.java:888) at java.io.File.isFile(File.java:793) at org.apache.commons.httpclient.methods.multipart.FilePartSource.(FilePartSource.java:67) at org.apache.commons.httpclient.methods.multipart.FilePartSource.(FilePartSource.java:88) at org.apache.commons.httpclient.methods.multipart.FilePart.(FilePart.java:178) at com.gatewaynet.web.applets.PhotoJApplet.actionPerformed(PhotoJApplet.java:285) PhotoJApplet.java:285 reads : FilePart filePart = new FilePart(thisfile.getName(),thisfile.getName(),thisfile,"image/jpeg",null); The funny thing is that the very same signed applet reads the contents of the /usr/local/jboss-6.0.0.Final/ without problem: String fname=imgPath + "/"+photos[i].filename; ImageIcon icon = new ImageIcon(fname); Its only when the IO is called from within apache's httpclient that i get the problem. (pls do not get confused, here jboss wears the hat of the dummy firefox user, nothing j2ee involved!) Any info would be great. -- Achilleas Mantzios IT DEPT