Betwixt security permissions

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Betwixt security permissions

stewart.daniels
Hi,

 

When deploying a simple application to Sun App Server 8.1 I  get the
following stack trace

 

access denied (java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.
java:269)
java.security.AccessController.checkPermission(AccessController.java:401
)
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:124
3)
java.beans.Introspector.setBeanInfoSearchPath(Introspector.java:286)
org.apache.commons.betwixt.XMLIntrospector.introspect(XMLIntrospector.ja
va:548)
org.apache.commons.betwixt.XMLIntrospector.introspect(XMLIntrospector.ja
va:481)
org.apache.commons.betwixt.io.AbstractBeanWriter.writeBean(AbstractBeanW
riter.java:242)
org.apache.commons.betwixt.io.AbstractBeanWriter.write(AbstractBeanWrite
r.java:144)
org.apache.commons.betwixt.io.BeanWriter.write(BeanWriter.java:190)

 

from this code

 

public ActionForward execute(ActionMapping mapping, ActionForm form,

           HttpServletRequest request, HttpServletResponse response)
throws Exception

    {

         try

         {

             // create write and set basic properties

            StringWriter sWriter = new StringWriter();

            BeanWriter writer = new BeanWriter(sWriter);

 
writer.getXMLIntrospector().setAttributesForPrimitives(true);

            writer.enablePrettyPrint();

            writer.setWriteIDs(false);

 

            // set a custom name mapper for attributes

            writer.getXMLIntrospector().setAttributeNameMapper(new
HyphenatedNameMapper());

            // set a custom name mapper for elements

            writer.getXMLIntrospector().setElementNameMapper(new
DecapitalizeNameMapper());

 

            //get the bean

            net.homeip.sdaniels.MemberRemoteHome bean =
lookupMemberBean();

            //net.homeip.sdaniels.HelloRemote bean = lookupHelloBean();

           

            // write out the bean

            writer.write(bean); /***************** This lines causes the
error **********/

            writer.flush();

            writer.close();

           

            //get the string

            String xmls = sWriter.toString();

           

            //add the string to the request object

            request.setAttribute("xmlString",xmls);

           

            return mapping.findForward("success");  

           

         }

         catch(Exception ex)

         {

             request.setAttribute("error", ex);

             return mapping.findForward("failed");

         }

    }

 

As the reader/writer doesn't touch the file system this seems strange.

Can some one explain?

 

Stewart

 

 



This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information.  If you have received it in error, please notify the sender immediately and delete the original.  Any other use of the email by you is prohibited.
Reply | Threaded
Open this post in threaded view
|

Re: Betwixt security permissions

Martin van den Bemt
Hi Stewert,

On the configuration of the xmlintrospector specify that you do want to
use the beaninfosearchpath (which by default is cleared, because classes
that have beaninfo classes present in the searchpath will cause massive
xml files (esp the swing/awt classes are famous for this).
Just call getConfiguation().setUseBeanInfoSearchPath(true) on the
XMLIntrospector to not run into this security exception. If your xml
hasn't the right outcome when using the infosearchpath, you will have to
lift this restriction in the security policy of the Sun app server..

Hope this helps, if you didn't already solve it yourself.

Mvgr,
Martin


[hidden email] wrote:

> Hi,
>
>  
>
> When deploying a simple application to Sun App Server 8.1 I  get the
> following stack trace
>
>  
>
> access denied (java.util.PropertyPermission * read,write)
> java.security.AccessControlContext.checkPermission(AccessControlContext.
> java:269)
> java.security.AccessController.checkPermission(AccessController.java:401
> )
> java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:124
> 3)
> java.beans.Introspector.setBeanInfoSearchPath(Introspector.java:286)
> org.apache.commons.betwixt.XMLIntrospector.introspect(XMLIntrospector.ja
> va:548)
> org.apache.commons.betwixt.XMLIntrospector.introspect(XMLIntrospector.ja
> va:481)
> org.apache.commons.betwixt.io.AbstractBeanWriter.writeBean(AbstractBeanW
> riter.java:242)
> org.apache.commons.betwixt.io.AbstractBeanWriter.write(AbstractBeanWrite
> r.java:144)
> org.apache.commons.betwixt.io.BeanWriter.write(BeanWriter.java:190)
>
>  
>
> from this code
>
>  
>
> public ActionForward execute(ActionMapping mapping, ActionForm form,
>
>            HttpServletRequest request, HttpServletResponse response)
> throws Exception
>
>     {
>
>          try
>
>          {
>
>              // create write and set basic properties
>
>             StringWriter sWriter = new StringWriter();
>
>             BeanWriter writer = new BeanWriter(sWriter);
>
>  
> writer.getXMLIntrospector().setAttributesForPrimitives(true);
>
>             writer.enablePrettyPrint();
>
>             writer.setWriteIDs(false);
>
>  
>
>             // set a custom name mapper for attributes
>
>             writer.getXMLIntrospector().setAttributeNameMapper(new
> HyphenatedNameMapper());
>
>             // set a custom name mapper for elements
>
>             writer.getXMLIntrospector().setElementNameMapper(new
> DecapitalizeNameMapper());
>
>  
>
>             //get the bean
>
>             net.homeip.sdaniels.MemberRemoteHome bean =
> lookupMemberBean();
>
>             //net.homeip.sdaniels.HelloRemote bean = lookupHelloBean();
>
>            
>
>             // write out the bean
>
>             writer.write(bean); /***************** This lines causes the
> error **********/
>
>             writer.flush();
>
>             writer.close();
>
>            
>
>             //get the string
>
>             String xmls = sWriter.toString();
>
>            
>
>             //add the string to the request object
>
>             request.setAttribute("xmlString",xmls);
>
>            
>
>             return mapping.findForward("success");  
>
>            
>
>          }
>
>          catch(Exception ex)
>
>          {
>
>              request.setAttribute("error", ex);
>
>              return mapping.findForward("failed");
>
>          }
>
>     }
>
>  
>
> As the reader/writer doesn't touch the file system this seems strange.
>
> Can some one explain?
>
>  
>
> Stewart
>
>  
>
>  
>
>
>
> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information.  If you have received it in error, please notify the sender immediately and delete the original.  Any other use of the email by you is prohibited.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]