AccessControlException: access denied when logging into WebCenter Spaces

Similar Messages

• Get AccessControlException(access denied) when refresh page

  Our applet have AccessControlException when refresh the ie browser but the first time open no such a problem! And when we use other host which use a different proxy no such a problem either. Don't know why , is it the problem of proxy?
  any idea ? many thanks!
  here is the log:
  INFO - Wed Jan 16 16:09:30 EST 2008: getResponseTime Debug1-- openConnection time: 0ms
  network: Connecting https://hostname/_en.html with proxy=HTTP @ proxyname:8080
  network: Connecting https://hostname/_en.html with cookie "BCSI-CSA1021104=2"
  INFO - Wed Jan 16 16:09:34 EST 2008: getResponseTime Debug3-- getInputStream time: 4500ms
  liveconnect: Invoking JS method: ua
  INFO - Wed Jan 16 16:09:34 EST 2008: Log page URL -- https://hostname/result.html?timestamp=Wed Jan 16 16:09:34 EST 2008&ip=''&jvm=Sun Microsystems Inc.,1.5.0_14&os=Windows XP,5.1&echo_time=4500ms&UserAgent=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  INFO - Wed Jan 16 16:09:34 EST 2008: logUsrInfo Debug5-- openConnection time: 0ms
  INFO - Wed Jan 16 16:09:34 EST 2008: JVM version checking passed!
  +(the first time open page can pass!)+
  liveconnect: Invoking JS method: showApplication
  basic: Stopping applet ...
  basic: Finding information ...
  basic: Releasing classloader: sun.plugin.ClassLoaderInfo@134e4fb, refcount=0
  basic: Caching classloader: sun.plugin.ClassLoaderInfo@134e4fb
  basic: Current classloader cache size: 1
  basic: Done ...
  basic: Removed progress listener: sun.plugin.util.GrayBoxPainter@1be0f0a
  basic: Joining applet thread ...
  basic: Destroying applet ...
  basic: Disposing applet ...
  basic: Joined applet thread ...
  basic: Unregistered modality listener
  basic: Quiting applet ...
  basic: Registered modality listener
  liveconnect: Invoking JS method: document
  liveconnect: Invoking JS method: URL
  basic: Referencing classloader: sun.plugin.ClassLoaderInfo@134e4fb, refcount=1
  basic: Added progress listener: sun.plugin.util.GrayBoxPainter@50988
  basic: Loading applet ...
  basic: Initializing applet ...
  basic: Starting applet ...
  basic: Referencing classloader: sun.plugin.ClassLoaderInfo@134e4fb, refcount=2
  basic: Releasing classloader: sun.plugin.ClassLoaderInfo@134e4fb, refcount=1
  INFO - Wed Jan 16 16:09:44 EST 2008: getResponseTime Debug1-- openConnection time: 0ms
  network: Connecting https://hostname/fx-canada/login_detail_fr-ca.html with proxy=HTTP @ proxyname/
  network: Server https://hostname/fx-canada/login_detail_fr-ca.html requesting to set-cookie with "BCSI-CSA1021104=2; Path=/"
  INFO - Wed Jan 16 16:09:48 EST 2008: getResponseTime Debug4-- throw exception time: 4515ms
  WARN - Wed Jan 16 16:09:48 EST 2008: Cannot get system response time!
  java.security.AccessControlException: access denied (java.net.SocketPermission hostname:8080 connect,resolve)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkConnect(Unknown Source)
  at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.proxiedConnect(Unknown Source)

  The security credentials for a JMS "send" operation are not taken from the username and password that you pass to the "createConnection" method, but from the security login context in effect when you call "send". So, if you want this to happen using a particular security context, you need to make sure that you have set this up before you make the call.
            There are a number of ways to do this in WLS. Your best bet would be to check the security documentation, or do ask on the security newsgroup for the best way to do this in 8.1.

• GF 3.1.1 - java.security.AccessControlException: access denied - server.log

  I am upgrading an old NB4.1 produced JSP system that runs on Netscape iplanet to NB7.0.1 built JSP system running on Glassfish 3.1.1. I have four main files: login.html, login.jsp, ApplicationRmiConnection, and MenuManager.jsp . Three of four are working. The login.html is only a startup means to be sent to the login.jsp. The ApplicationRmiConnection is a servlet called by the login.jsp. It reads a properties file, establishes connection with the RMI and database (currently on the OLD system (Netscape iplanet)) which it does quite well. After the ApplicationRmiConnection is established and working the MenuManager.jsp . The first output from the MenuManager.jsp is a series of application.log calls for verification of data passed in from the successful ApplicationRmiConnection database read.
  How does GF 3.1.1 loose AccessControl permissions to the server.log to which it is writing? All I am using is application.log statements and it coughs, chokes, and quits.
  My output stacktrace is:
  INFO: PWC1412: WebModule[null] ServletContext.log():ApplicationRmiConnect: getRealPath("/") = [C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\applications\MyApplication\]
  INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: sParms - RMI Connect = com.company.rmi.ServerAppClientAdapter@19ca6bc
  INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: caught an Exception
  WARNING: StandardWrapperValve[jsp]: PWC1406: Servlet.service() for servlet jsp threw exception
  java.security.AccessControlException: access denied (java.io.FilePermission C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\logs\server.log read)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
  at java.security.AccessController.checkPermission(AccessController.java:546)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
  at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
  at java.io.File.exists(File.java:731)
  at com.sun.enterprise.server.logging.GFFileHandler.publish(GFFileHandler.java:676)
  at java.util.logging.Logger.log(Logger.java:481)
  at com.sun.logging.LogDomains$1.log(LogDomains.java:354)
  at java.util.logging.Logger.doLog(Logger.java:503)
  at java.util.logging.Logger.logp(Logger.java:619)
  at com.sun.enterprise.web.logger.IASLogger.write(IASLogger.java:127)
  at com.sun.enterprise.web.logger.LoggerBase.log(LoggerBase.java:190)
  at com.sun.enterprise.web.logger.IASLogger.log(IASLogger.java:57)
  at org.apache.catalina.core.StandardContext.log(StandardContext.java:6828)
  at org.apache.catalina.core.ApplicationContext.log(ApplicationContext.java:449)
  at org.apache.catalina.core.ApplicationContextFacade.log(ApplicationContextFacade.java:359)
  at org.apache.jsp.MenuMgr_jsp._jspService(MenuMgr_jsp.java from :533)
  at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
  at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403)
  at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)
  at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
  at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
  at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
  at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
  at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
  at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
  at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
  at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
  at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
  at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
  at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
  at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
  at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
  at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
  at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
  at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
  at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
  at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
  at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
  at java.lang.Thread.run(Thread.java:662)

  The problem area has been found. We need to know the best method to replace the two lines of code we commented out. Here is what we found.
  Glassfish 3.1.1 Security does not play well with old RMI security (JDK1.2 vintage). Furthermore, once the old RMI security has messed with the mind of GF3.1.1 security the GF security truly believes it has in some cases no permission to read its own server.log file.
  Here is the offending code commented out in the Server Client Adapter (client wrapper):
  Note: this is legacy rmi code. i.e. manually executed rmic on the appropriate classfiles as this was originally created for java 1.2.
  // if(System.getSecurityManager() == null)
  // System.setSecurityManager(new RMISecurityManager());
  remote = (com.davisco.rmi.ServerAppServantAdapter_Stub)Naming.lookup(stringbuffer.toString());
  A thank you goes out to www.velocityreviews.com/forums/t276590-access-denied-java-lang-runtimepermission-createsecuritymanager.html even if it is five years old.
  Again, this is using the original version of RMI. How do we re-implement the RMI Security Manager without offending GF 3.1.1 security?

• Java.security.AccessControlException: access denied when loading from a jar

  Hello!
  I am trying to deploy an applet into a browser but I have encountered a security problem.
  The name of the applet is SWTInBrowser(not exactly mine, it's an example from the web).
  package my.applet;
  import org.eclipse.swt.awt.SWT_AWT;
  import java.applet.Applet;
  import java.awt.event.ActionListener;
  import java.awt.event.ActionEvent;
  import java.awt.Canvas;
  import org.eclipse.swt.widgets.Shell;
  import org.eclipse.swt.widgets.Display;
  import org.eclipse.swt.SWT;
  import org.eclipse.swt.widgets.Listener;
  import org.eclipse.swt.widgets.Event;
  import org.eclipse.swt.graphics.Point;
  import org.eclipse.swt.layout.FillLayout;
  public class SWTInBrowser extends Applet implements Runnable{
       public void init () {
             /* Create Example AWT and Swing widgets */
             java.awt.Button awtButton = new java.awt.Button("AWT Button");
             add(awtButton);
             awtButton.addActionListener(new ActionListener () {
              public void actionPerformed (ActionEvent event) {
               showStatus ("AWT Button Selected");
             javax.swing.JButton jButton = new javax.swing.JButton("Swing Button");
             add(jButton);
             jButton.addActionListener(new ActionListener () {
              public void actionPerformed (ActionEvent event) {
               showStatus ("Swing Button Selected");
             Thread swtUIThread = new Thread (this);
             swtUIThread.start ();
            public void run() {
             /* Create an SWT Composite from an AWT canvas to be the parent of the SWT
            widgets.
              * The AWT Canvas will be layed out by the Applet layout manager.  The
            layout of the
              * SWT widgets is handled by the application (see below).
             Canvas awtParent = new Canvas();
             add(awtParent);
             Display display = new Display();
             Shell swtParent = SWT_AWT.new_Shell(display, awtParent);
  //           Display display = swtParent.getDisplay();
             swtParent.setLayout(new FillLayout());
             /* Create SWT widget */
             org.eclipse.swt.widgets.Button swtButton = new
            org.eclipse.swt.widgets.Button(swtParent, SWT.PUSH);
             swtButton.setText("SWT Button");
             swtButton.addListener(SWT.Selection, new Listener() {
              public void handleEvent(Event event){
               showStatus("SWT Button selected.");
             swtButton.addListener(SWT.Dispose, new Listener() {
              public void handleEvent(Event event){
               System.out.println("Button was disposed.");
             // Size AWT Panel so that it is big enough to hold the SWT widgets
             Point size = swtParent.computeSize (SWT.DEFAULT, SWT.DEFAULT);
             awtParent.setSize(size.x + 2, size.y + 2);
             // Need to invoke the AWT layout manager or AWT and Swing
             // widgets will not be visible
             validate();
             // The SWT widget(s) require an event loop
             while (!swtParent.isDisposed()) {
              if (!display.readAndDispatch()) display.sleep ();
  }It works perfectly in the Applet Viewer, but not in the browser. In the browser, I only get two buttons working, the SWT button doesn't appear, because of this error:
  Exception in thread "Thread-21" java.lang.ExceptionInInitializerError
       at org.eclipse.swt.widgets.Display.<clinit>(Display.java:130)
       at my.applet.SWTInBrowser.run(SWTInBrowser.java:52)
       at java.lang.Thread.run(Unknown Source)
  Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
       at org.eclipse.swt.internal.C.<clinit>(C.java:21)
       ... 3 moreI have exported the application in a jar, and in that jar I have put the swt.jar that the application need for the displaying of the third button, swt button.
  Here is also the HTML file:
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  <html>
    <head>
      <meta http-equiv="Content-Type" content="text/html; charset=Cp1252"/>
      <title>
        Test
      </title>
    </head>
    <body>
      <p>
            <applet code="my.applet.SWTInBrowser"
                      archive="Test.jar"
                      width="1400" height="800">
            </applet>
      </p>
    </body>
  </html>Could anyone please help me solve this problem?

  This is in reply to the first post. I don't know what happened after.
  Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
       at org.eclipse.swt.internal.C.<clinit>(C.java:21)
  If you read the above trace from bottom to top, it shows none of you classes, only classes from that Eclipse library, which seems to loadLibrary() a native DLL. In order to do this, it needs to call System.getProperty( "sun.arch.data.model" ). This call is not allowed from un unsigned applet. So I guess you need to sign the applet and this problem will go away. Many other problems may follow. Just read very very carefully all the related documentation, which I did not.

• Windows 2008 R2 intermittently getting access denied when logging in

  Hi, 
  I recently built 2 new Virtual Machines. They both run on Hyper-V (version 6.2x).
  One is Windows 2008 R2 standard and the other Windows 2008 R2 Datacenter. These are both remote desktop servers. 
  These are both connected to a domain. 
  The domain controller is linux/samba based, this will mimic the Windows NT4 style domain controller environment. 
  Within each Virtual Machine I have a remote desktop users group, that is a staff group. 
  Intermittently users get an access denied error when logging on. This only happens when logging on as domain users. 
  If this happened all the time, I might think the machine needed to be removed and re-added to the domain but as it's intermittent, I don't see the trust relationship as the problem. 
  Any ideas? 
  Thanks

  Hi,
  Thanks for your post in Windows Server Forum.
  Before providing you some information, I would like to get some more information to resolve your issue.
  - Have you notice any specific error when trying to remote login?
  - Did you check GPO setting option “Allow log on through Remote Desktop Services”
  As group policy and the user group are interrelated with each other. There are 2 types of user rights.
  (1)   Logon rights  (2) Privileges
  These two plays an important part in allowing an RDP session to the server. Also need to check in GPO Setting for more option.
  a. Allow log on through Remote Desktop Services : Users\Group must be added for Remote Session
  b. Deny log on through Remote Desktop Services : Users\Group must not be added for Remote Session
  For checking the setting in GPO follow below path:
  - Start > Run >gpedit.msc
  - Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
  For more information, refer beneath article.
  “Allow Logon through Terminal Services (Remote Desktop Services)” group policy and “Remote Desktop Users” group.
  http://blogs.technet.com/b/askperf/archive/2011/09/09/allow-logon-through-terminal-services-group-policy-and-remote-desktop-users-group.aspx
  Hope This Helps!
  Thanks.

• I get an access denied error when logging into extension builder 2.1 on Flash Builder 4.6

  I get an access denied error when logging into extension builder. The error is: You are not eligible to use CSIDE1 services due to the Service Eligibility Requirements.. Very frustrating since there is no other option than to read the adobe legal docs.
  Before this started happening I was prompted to put in my birthday (WHO KNOWS WHY ADOBE NEEDS MY BIRTHDAY). I filled it in wrong and now this....
  PLEASE HELP

  Ok this problem is fixed.
  Info for anyone else who faces this problem.
  Apparently when adobe designed the extension builder installer package, they decided to get cute and try to figure out what version of the software, the extension builder package files should be installed into. So if you have FB4, FB4.6, and FB.7 there is no telling where it will go. Also if you try moving these folders somewhere else out of the applications directory, the installer will still find them on the system. I finally figured this out by watching my system log and seeing
  11/22/13 12:13:46.258 AM cp[70909]: Cannot make directory /Applications/Adobe Flash Builder 4.6/Adobe Flash Builder 4.6.app
        Location: /Users/myuser/Downloads/Adobe Flash Builder 4.6-adobegarbage/plugins/com.adobe.cside.ui_2.1.0.201304282312/icons: No such file or directory
  After removing every single instance of places the package installer was trying to use. It finally resolved to the correct FB4.6 location. Why adobe could'nt spend a little extra time add a destination selector in the package installer is beyond me, but hey i only wasted 3 days trying to figure this out.... Sadly it isnt the first time i've wasted copius amounts of time fighting Flashbuilder problems.
  Halligrimur, thank you for your help. It did lead to me solving the problem.

• HTTP tunneling T3 when using WebStart - java.security.AccessControlException: access denied

  Hi !
  WLS version: 5.1 with SP10
  Server OS: NT4
  Client distr.: Java WebStart
  Client OS: Windows 2000
  I get the following exception when I try to create a T3 connection
  (tunnelled through HTTP) to my WLS server:
  java.security.AccessControlException: access denied
  (java.util.PropertyPermission proxyHost read)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
  at java.lang.System.getProperty(Unknown Source)
  at weblogic.net.http.HttpClient.resetProperties(HttpClient.java:62)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:186)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:85)
  at weblogic.net.http.HttpClient.New(HttpClient.java:117)
  at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:97)
  at
  weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1
  44)
  at weblogic.socket.JVMSocketHTTPClient.sendMsg(JVMSocketHTTPClient.java:260)
  at weblogic.socket.JVMAbbrevSocket.sendOutMsg(JVMAbbrevSocket.java:348)
  at weblogic.socket.JVMAbbrevSocket.sendMsg(JVMAbbrevSocket.java:237)
  at weblogic.rjvm.ConnectionManager.sendMsg(ConnectionManager.java:420)
  at weblogic.rjvm.RJVMImpl.send(RJVMImpl.java:564)
  at
  weblogic.rjvm.MsgAbbrevOutputStream.flushAndSendRaw(MsgAbbrevOutputStream.ja
  va:155)
  at
  weblogic.rjvm.MsgAbbrevOutputStream.flushAndSend(MsgAbbrevOutputStream.java:
  163)
  at
  weblogic.rjvm.MsgAbbrevOutputStream.sendRecv(MsgAbbrevOutputStream.java:186)
  at
  weblogic.rmi.internal.BasicOutgoingRequest.sendRecv(BasicOutgoingRequest.jav
  a:23)
  at
  weblogic.rmi.extensions.AbstractRequest.sendReceive(AbstractRequest.java:73)
  at
  com.unitor.message.server.UserInformationServiceBeanHomeImpl_WLStub.create(U
  serInformationServiceBeanHomeImpl_WLStub.java:151)
  at
  com.unitor.message.server.UserInformationServiceBeanHomeImpl_ServiceStub.cre
  ate(UserInformationServiceBeanHomeImpl_ServiceStub.java:121)
  at
  com.unitor.message.beans.gui.MessageLogic.getUserInformationService(MessageL
  ogic.java:230)
  at
  com.unitor.message.beans.gui.MessageLogic.addUserInformation(MessageLogic.ja
  va:186)
  at com.unitor.message.beans.gui.MessageLogic.<init>(MessageLogic.java:104)
  at
  com.unitor.message.beans.gui.MessageApplication.internalStartApplication(Mes
  sageApplication.java:64)
  at
  com.unitor.ifs.util.gui.UnitorApplication.startApplication(UnitorApplication
  .java:167)
  at
  com.unitor.ifs.util.gui.DesktopApplication$ApplicationLoader.run(DesktopAppl
  ication.java:676)
  at
  com.unitor.ifs.util.gui.DesktopApplication.startApplication(DesktopApplicati
  on.java:303)
  at
  com.unitor.ifs.util.gui.UnitorDesktopAppStarter$SwingEventCall.run(UnitorDes
  ktopAppStarter.java:294)
  at java.awt.event.InvocationEvent.dispatch(Unknown Source)
  at java.awt.EventQueue.dispatchEvent(Unknown Source)
  at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
  at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
  at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
  at java.awt.EventDispatchThread.run(Unknown Source)
  The strange thing is that I can connect to my server if I run the client on
  NT4 !!!
  I solved the problem by modifying my local java.policy file with the
  following settings:
  // Test with HTTP tunnelling. 18.10.2001
  [email protected]
  permission java.util.PropertyPermission "proxyHost", "read";
  permission java.util.PropertyPermission "proxyPort", "read";
  permission java.util.PropertyPermission "http.proxyHost", "read";
  permission java.util.PropertyPermission "http.proxyPort", "read";
  permission java.net.SocketPermission "*","connect,resolve";
  // Test with HTTP tunnelling. 18.10.2001
  [email protected]
  Have someone else experienced the same or similar problems ?
  How can I make sure that the client gets access to read the properties
  http.proxyHost, http.proxyPort, proxyHost and proxyPort without telling the
  users of the client application to modify their java.policy files ?
  Any leads will be greatly appreciated !
  Regards
  Sten Richard

  This is in reply to the first post. I don't know what happened after.
  Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
       at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
       at org.eclipse.swt.internal.C.<clinit>(C.java:21)
  If you read the above trace from bottom to top, it shows none of you classes, only classes from that Eclipse library, which seems to loadLibrary() a native DLL. In order to do this, it needs to call System.getProperty( "sun.arch.data.model" ). This call is not allowed from un unsigned applet. So I guess you need to sign the applet and this problem will go away. Many other problems may follow. Just read very very carefully all the related documentation, which I did not.

• Applet Error:java.security.AccessControlException: access denied

  Hi,
  I just successful deploy an business component project to oralce 8.1.6 as an EJB Session bean, and
  the test of application module is successful. In the same workspace, I create an new project with
  an applet(which contains only an grid control)as a client of the business component. Everything works
  fine within the Applet viewer, however, when I trying to load the applet in IE5.5 I got the following
  error message in java console:
  Java(TM) Plug-in
  Using JRE version 1.2.1
  User home directory = D:\Documents and Settings\ERic
  Proxy Configuration: no proxy
  JAR cache enabled.
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.debugoutput read)'
  Diagnostics: Silencing all diagnostic output (use -Djbo.debugoutput=console to see it)
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.logging.show.timing read)'
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.logging.show.function read)'
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.logging.show.level read)'
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.logging.show.linecount read)'
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.logging.trace.threshold read)'
  Failed to query environment: 'access denied (java.util.PropertyPermission jbo.jdbc.driver.verbose read)'
  java.lang.ExceptionInInitializerError: java.security.AccessControlException: access denied (java.util.PropertyPermission org.omg.CORBA.ORBClass read)
  at java.security.AccessControlContext.checkPermission(Compiled Code)
  at oracle.aurora.jndi.orb_dep.Orb.<clinit>(Orb.java:24)
  at oracle.aurora.jndi.sess_iiop.sess_iiopURLContext.<clinit>(sess_iiopURLContext.java:9)
  at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:588)
  at javax.naming.spi.NamingManager.getURLContext(NamingManager.java:537)
  at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:274)
  at javax.naming.InitialContext.lookup(InitialContext.java:349)
  at oracle.jbo.client.remote.ejb.aurora.AuroraEJBAmHomeImpl.connectToService(AuroraEJBAmHomeImpl.java:179)
  at oracle.jbo.client.remote.ejb.aurora.AuroraEJBAmHomeImpl.createSession(AuroraEJBAmHomeImpl.java:152)
  at oracle.jbo.client.remote.ejb.aurora.AuroraEJBAmHomeImpl.initRemoteHome(AuroraEJBAmHomeImpl.java:123)
  at oracle.jbo.client.remote.ejb.aurora.AuroraEJBAmHomeImpl.<init>(AuroraEJBAmHomeImpl.java:59)
  at oracle.jbo.client.remote.ejb.aurora.AuroraEJBInitialContext.createJboHome(AuroraEJBInitialContext.java:47)
  at oracle.jbo.common.JboInitialContext.lookup(JboInitialContext.java:72)
  at javax.naming.InitialContext.lookup(InitialContext.java:349)
  at oracle.dacf.dataset.SessionInfo._createAppModule(SessionInfo.java:2330)
  at oracle.dacf.dataset.SessionInfo.connect(SessionInfo.java:1799)
  at oracle.dacf.dataset.SessionInfo.openProducerObject(SessionInfo.java:1848)
  at oracle.dacf.dataset.ProducerObject.open(ProducerObject.java:94)
  at oracle.dacf.dataset.SessionInfo.publishSession(SessionInfo.java:1305)
  at oracle.dacf.dataset.SessionInfo.publishSession(SessionInfo.java:1287)
  at broadcastapplet.myBroadCastApplet.init(myBroadCastApplet.java:70)
  at sun.applet.AppletPanel.run(Compiled Code)
  at java.lang.Thread.run(Thread.java:479)
  The Oracle 8.1.6 runs on Win2000, I put the JAR & related zip files in the same machine's IIS webserver.
  Is anyone can help?
  ERic

  Hi Shaji,
  Are you calling a webservice from within an Xacute Query for your applet?  On first glance, it looks like a web service call is being rejected due to security permissions.  If you have a webservice call (or HTTP post/get), can you test it separately with the same credentials as the webpage is using?
  Regards,
  Mike

• Java.security..AccesscontrolException: access denied (java.util.PropertyP..

  I am trying to access the Cisco PIX device manager to get access to my firewall, but get the error message above when trying to start the applet: Is this a bug? Thankful for any input! See the Java concole output below:
  Java Plug-in 1.5.0_06
  Using JRE version 1.5.0_06 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\Kari
  c: clear console window
  f: finalize objects on finalization queue
  g: garbage collect
  h: display this help message
  l: dump classloader list
  m: print memory usage
  o: trigger logging
  p: reload proxy configuration
  q: hide console
  r: reload policy configuration
  s: dump system and deployment properties
  t: dump thread list
  v: dump thread stack
  x: clear classloader cache
  0-5: set trace level to <n>
  Requesting URL: https://10.1.1.1/jploader.jar
  java.security.AccessControlException: access denied (java.util.PropertyPermission java.version read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at com.cisco.pdm.e.c.q(Unknown Source)
       at com.cisco.pdm.e.c.h(Unknown Source)
       at com.cisco.pdm.a.byte(Unknown Source)
       at com.cisco.pdm.PDMApplet.start(Unknown Source)
       at com.cisco.nm.util.sgz.Env.start(Env.java:37)
       at com.cisco.nm.util.sgz.Loader.start(Loader.java:109)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)

  I had the same problem trying to open a Pix 506e through Internet Explorer.
  After downloading and installing and uninstalling again differt versions; the working solution for me was version JRE 1.4.2_07
  Be sure to download the 07, other versions of the 1.4.2 were not working!

• Java.security.AccessControlException: access denied ( CredentialAccessPermi

  Hello,
  I am using JDev 11g TP4 for WCS (web center). I just created an application using WebCenter template and added a new page with only Output text. I tried to run it, I got the following error:
  SEVERE: Server start failed processing configuration
  java.security.AccessControlException: access denied ( CredentialAccessPermission credstoressp.credstore.default.systemuser read)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
  at java.security.AccessController.checkPermission(AccessController.java:427)
  at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:256)
  at oracle.security.jps.util.JpsAuth$Diagnostic.checkPermission(JpsAuth.java:180)
  at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$6.checkPermission(JpsAuth.java:280)
  at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:315)
  at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:338)
  at oracle.security.jps.internal.credstore.util.CsfUtil.checkPermission(CsfUtil.java:527)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.getCredential(SspCredentialStore.java:420)
  at oracle.security.jps.fmw.util.JpsFmwUtil.makeJpsSystemUser(JpsFmwUtil.java:221)
  at oracle.security.jps.fmw.JpsUserManager.initSystemUser(JpsUserManager.java:270)
  at oracle.security.jps.fmw.JpsUserManager.init(JpsUserManager.java:238)
  at oracle.security.jps.fmw.JpsUserManager.<init>(JpsUserManager.java:250)
  at oracle.security.jps.fmw.JpsUserManagerFactory$JpsUserManagerFactoryI.create(JpsUserManagerFactory.java:257)
  at com.evermind.server.deployment.UserManagerConfig$JAZN.construct(UserManagerConfig.java:635)
  at com.evermind.server.deployment.UserManagerConfig.delegatee(UserManagerConfig.java:253)
  at com.evermind.security.IndirectUserManager.getAdminUser(IndirectUserManager.java:126)
  at com.evermind.security.IndirectUserManager.getAdminUser(IndirectUserManager.java:126)
  at com.evermind.server.XMLApplicationServerConfig.setPassword(XMLApplicationServerConfig.java:3170)
  at com.evermind.server.XMLApplicationServerConfig.<init>(XMLApplicationServerConfig.java:246)
  at com.evermind.server.ApplicationServer.createConfig(ApplicationServer.java:661)
  at oracle.oc4j.server.ServerFactory$Worker.prepareConfig(ApplicationServerFactory.java:225)
  at oracle.oc4j.server.ServerFactory$Worker.start(ApplicationServerFactory.java:244)
  at oracle.oc4j.server.ServerFactory$Worker.run(ApplicationServerFactory.java:259)
  at java.lang.Thread.run(Thread.java:595)
  Jun 2, 2008 2:35:36 PM oracle.oc4j.util.SystemLog logNoStack
  SEVERE: Server exiting: ApplicationServer entered state FAILED_IN_CONFIG
  Anybody has experienced this before? Workaround?
  Thanks.

  I think I figured this out. Since I installed the TP4, I used this for developing other apps without WC enabled. I noticed that when I started JDev for the first time, it creates the embedded server (?) in a directory you specified in JDEV_USER_DIR env var automatically. When I changed my TP4 to use WC, the required libraries, etc. were not copied or built for WC. I think this caused the problem I had. By closing JDev and deleting the created embedded server and restarting JDev, it solved my problem.
  For TP4, the server directory looks like:
  system11.1.1.0.22.49.49
  I hope this will be useful for others that experience the same problem that I had.

• Java.security.AccessControlException: access denied (java.lang.RuntimePerm

  Hi, I am receiving the following error when I attempt to add a crypto provider.
  java.lang.ExceptionInInitializerError
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
       at java.lang.reflect.Constructor.newInstance(Unknown Source)
       at java.lang.Class.newInstance0(Unknown Source)
       at java.lang.Class.newInstance(Unknown Source)
       at sun.security.jca.ProviderConfig$3.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.security.jca.ProviderConfig.doLoadProvider(Unknown Source)
       at sun.security.jca.ProviderConfig.getProvider(Unknown Source)
       at sun.security.jca.ProviderList.loadAll(Unknown Source)
       at sun.security.jca.ProviderList.removeInvalid(Unknown Source)
       at sun.security.jca.Providers.getFullProviderList(Unknown Source)
       at java.security.Security.removeProvider(Unknown Source)
       at com.gro.applet.GROAuthenticateApplet$2.run(GROAuthenticateApplet.java:192)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.gro.applet.GROAuthenticateApplet.validateUser(GROAuthenticateApplet.java:181)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
       at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
       at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
       at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
  Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.sunmscapi)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkLink(Unknown Source)
       at java.lang.Runtime.loadLibrary0(Unknown Source)
       at java.lang.System.loadLibrary(Unknown Source)
       at sun.security.mscapi.SunMSCAPI$1.run(SunMSCAPI.java:34)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.security.mscapi.SunMSCAPI.<clinit>(SunMSCAPI.java:32)
       ... 32 more
  java.lang.Exception: java.lang.ExceptionInInitializerError
       at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
       at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin.com.DispatchImpl.invoke(Unknown Source)I read somewhere that it is "Due to an additional dll that needs to be loaded for the Sun Java SE 6 JVM we get an exception during initialization"
  Does anyone have any other information on this bug?

  I have just bumped into this with a Webstart application.
  It seems to happen only on certain machines.
  Is there a solution to this problem?

• Not getting planning Applications when Log on Work space

  Hi Dear Experts,
  when log on Workspace to access Planning:
  its show showing
  Navigate ->Administration->User management
  instead if Select Navigate > Applications > Planning
  and iam not getting planning Applications when Log on Work space
  I have Just Installed Essbase and Planning into my machine .. and i have opened work space area and
  and i tried to create first application by using the following URL
  http://localhost:8300/HyperionPlanning/AppWizard.jsp
  iam getting not able create first application..
  can you please guide me how can i work with planing applications..
  thanks in advance
  Kishore

  Hi Kishore.
  From config utility, did you create an instance before trying to access.
  I mean "product instance registration" and "data source configuration"
  You can find it in the installation doc
  Sandeep Reddy Enti
  HCC
  http://analytiks.blogspot.com

• Can't solve problem with AccessControlException:access denied

  i am trying to develop an applet. a button is place to open file from the local system. before i have done this, the applet work perfectly fine, and after i have written a class for file reader and some methods in the applet class, it doesn't function probably. when the applet is being loaded, an error message say java.security.AccessControlException:access denied. i am not sure whether it is because i have tried to pass the class itself into other class as mark with **** below.
  many thanks for your help.
  tim
  ============================================
  public class TSP extends Applet implements ActionListener, MouseListener{
  public void actionPerformed(ActionEvent e){
  if(e.getSource() == inputFile && openFile()){
  //do whatever i want
  public boolean openFile() {
  //open the file chooser
  int returnVal = fChooser.showOpenDialog(TSP.this);
  if (returnVal == JFileChooser.APPROVE_OPTION) {
  tspSF = fChooser.getSelectedFile();
  System.out.println(tspSF.getName()+" is chosen");
  **** inputFile = new Input(this, errHandler);
  inputFile.readandinputdata(tspSF);
  return true;
  else return false;
  public init(){......}
  ==========================================
  public class Input{
  public Input(TSP tsp, ErrHandler errHandler){
  **** this.tsp = tsp;
  this.errHandler = errHandler;
  // method readandinputdata
  public void readandinputdata(File tspSF){
  try {
  input = new BufferedReader(new FileReader(tspSF));
  catch....
  try {
  //read in the first line
  data = input.readLine();
  while (data != null){
  st = new StringTokenizer(data);
  nodeNumber = tokenChanger.parseInt(st.nextToken());
       x = tokenChanger.parseInt(st.nextToken());
       y = tokenChanger.parseInt(st.nextToken());
       //store the x and y with some method in TSP class
  **** tsp.storeNodes(x, y);
       // read next time                    
       data = input.readLine();     
  }// end of while data != null
  closeFile();
  } // end of second scan
  catch.....
  }//end of readandinoputdata
  }

  Go to the MSDOS command prompt.
  Type in policytool.exe.
  This will bring up the .java.policy file.
  If not recognized do a search for policytool.exe.
  Backup your .java.policy file first.
  Edit the .java.policy file or credit a new one for your application.
  Codebase: "http://65.33.143.92/mydirectory/" which is
  C:\Inetpub\wwwroot\mydirectory or
  Codebase: file:///inetpub/wwwroot/mydirectory.
  I'm not sure about the Windows syntax.
  Add the permissions that you need.
  Then save the file.

• User settings to access network when logged on as service/batch

  Hi.
  We have been running Oracle Remote Agent (running external jobs on other host) on some linux-distros and have now started to do it on Windows as well.
  But when we have setup everything properly, we get an 'Access denied' when trying to access the network from the Remote Host.
  The way it works, in the database, you set up a credential with a user name and password. This information is then sent to the ETL (Remote Agent) which then starts the process as the user supplied in credentials.
  So the service it self is running as Local Service and then starts a process as another user. Technically, how this is done on Windows I don't know...
  Anyhow, the process starts fine and if we are not trying to access the network, it works fine.
  But as soon as we are trying to access a network share using UNC path (\\192.168.1.10\share\directory), we get an 'Acces is denied'
  The user we are using is an administrator. When doing a desktop login, this user can access the share without any problem.
  Is there any other settings/policy/property the user must have to be able to access the network when logged on but not from the desktop?
  Cheers
  Richard

  Have you checked the security logs on 192.168.1.10?
  You should see the entries showing what account is attempting to log on through a network connect.  You may need to grant the User Right for "Allow Access from Network" and you may be having basic folder permission errors.
  I'm curious if the process is using the machine account to hit the share or if it's the user account you're starting the process with.
  Chris Ream

• Re: java.security.AccessControlException: access denied (java.util.PropertyPermission weblogic.kernel.allowQueueThrottling read)

  This looks like it might be a bug in 6.1SP5,
            weblogic/kernel/Kernel.java at line 85.
            It's trying to do the right thing to ignore an exception if in
            an applet but it's ignoring the wrong exception
            (SecurityException, when it looks like the stack
            trace is throwing a java.security.AccessControlException).
            If you need a fix, this would need to go through support
            and be filed as a problem with WLS Core.
            "Ram Gopal" <[email protected]> wrote in message
            news:[email protected]...
            >
            > We are in the process of migrating from Weblogic 6.1 SP2 to SP5. We have
            an applet
            > that subscribes to a JMS Topic.
            > The applet is throwing the following exception with SP5:
            >
            > java.lang.ExceptionInInitializerError:
            java.security.AccessControlException: access
            > denied (java.util.PropertyPermission weblogic.kernel.allowQueueThrottling
            read)
            >
            > at java.security.AccessControlContext.checkPermission(Unknown Source)
            >
            > at java.security.AccessController.checkPermission(Unknown Source)
            >
            > at java.lang.SecurityManager.checkPermission(Unknown Source)
            >
            > at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
            >
            > at java.lang.System.getProperty(Unknown Source)
            >
            > at weblogic.kernel.Kernel.initAllowThrottleProp(Kernel.java:79)
            >
            > at weblogic.kernel.Kernel.<clinit>(Kernel.java:54)
            >
            > at
            weblogic.jndi.WLInitialContextFactoryDelegate.<init>(WLInitialContextFactory
            Delegate.java:166)
            >
            > at java.lang.Class.newInstance0(Native Method)
            >
            > at java.lang.Class.newInstance(Unknown Source)
            >
            > at
            weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFact
            ory.java:147)
            >
            > at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
            >
            > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
            >
            > at javax.naming.InitialContext.init(Unknown Source)
            >
            > at javax.naming.InitialContext.<init>(Unknown Source)
            >
            > at
            com.fedex.efm.frontend.model.JMSMessageProcessor.<init>(JMSMessageProcessor.
            java:266)
            >
            > at
            com.fedex.efm.frontend.view.EFMAbstractApplet.startMessageProcessor(EFMAbstr
            actApplet.java:81)
            >
            > at
            com.fedex.efm.frontend.view.EFMAbstractApplet.start(EFMAbstractApplet.java:1
            87)
            >
            > at com.fedex.efm.frontend.view.EFMApplet.start(EFMApplet.java:430)
            >
            > at sun.applet.AppletPanel.run(Unknown Source)
            >
            > at java.lang.Thread.run(Unknown Source)
            >
            >
            > Any ideas as to what I am missing?
            >
            > Thanks,
            > Ram
            

  I suggest going through customer support, I don't know what
            the resolution was. You might also try the security newsgroup,
            as no JMS code has been called by the application yet at
            the point the exception is thrown.
            Tom
            lee wrote:
            > All:
            > We are upgrading weblogic 6.0 to weblogic 6.1 and encounted exactly the same error. Just wondering if you guys were able to fix the issue with bea.
            >
            > Your response is highly appreciated.
            >
            > Thanks!
            >
            > Li