[jcifs] java.security.AccessControlException
Parag Chikmath
chikmath at us.ibm.com
Wed Aug 18 19:05:40 GMT 2004
Hello,
We're trying to use the jcifs pkg in our product so that our linux systems can
communicate with samba and
windows unc shares. The JVM security manager for our product does not allow the
System.getProperties()
call and also does not allow setting any system properties.
Hence, the calls to System.getProperties() and System.setProperty in
jcifs/Config.java fail.
The foll is the excep stack :
Uncaught exception in thread Thread[TWGServer,5,ServiceThreadGroup]
java.lang.ExceptionInInitializerError
at java.lang.Class.forName1(Native Method)
at java.lang.Class.forName(Class.java:180)
at jcifs.smb.SmbFile.<clinit>(SmbFile.java:361)
at java.lang.Class.forName1(Native Method)
at java.lang.Class.forName(Class.java:180)
at com.tivoli.twg.softwaredist.SMBClassChecker.checkClass
(SMBClassChecker.java:130)
at
com.tivoli.twg.softwaredist.TWGSwDistServerExtension.InitClassInstances
(TWGSwDistServerExtension.java:223)
at com.tivoli.twg.engine.TWGExtension.InitClassInstances
(TWGExtension.java:802)
at com.tivoli.twg.engine.TWGExtension.DoInitClassInstances
(TWGExtension.java:607)
at com.tivoli.twg.engine.TWGServer.run(TWGServer.java:468)
Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java(Compiled Code))
at java.security.AccessController.checkPermission(AccessController.java
(Compiled Code))
at java.lang.SecurityManager.checkPermission(SecurityManager.java
(Compiled Code))
at java.lang.SecurityManager.checkPropertiesAccess
(SecurityManager.java:1257)
at java.lang.System.getProperties(System.java:564)
at jcifs.Config.load(Config.java:142)
at jcifs.Config.<clinit>(Config.java:67)
... 10 more
Terminating JVM due to exception
Is it possible to change the jcifs code to keep the security manager happy, as
follows :
1. Reading each individual System property rather than the system Properties
object itself.
2. In the registerSmbURLHandler() method in Config.java, the
java.protocol.handler.pkgs system property is being set
irrespective of whether this property already contains the "jcifs" string.
Instead, a parsing of this property could
be done to look for the string "jcifs" and then set this property only if its
null or if it does not already
contain the "jcifs" string. That way, one could set this property to "jcifs"
externally and the call to
System.getProperty to register the smb url handler could be avoided.
Or, we could make the above changes to jcifs and send it your way. Since this
is holding up further development of our
product, we'd like to know what are the chances of these changes being approved
by the group so we can make further
decisions.
Thank You.
Sincerely
Parag Chikmath
More information about the jcifs
mailing list