JDom2 not usable within applet #93
Comments
|
OK, I can follow that this is a problem (I did not realize that System properties were a problem....). My question is "Where else broken?" I have searched for System.getProperty() and there are only a few places.... but, once I have fixed those, is there some way to test for other issues? |
Make access to this process a checked system.
|
Hi Robert. Can you please pull the 'fix' package from https://github.com/hunterhacker/jdom/downloads jdom-2.x-issue93.zip and also inspect the code changes. Perhaps you can test it all for us. Give us some feedback. Thanks It will take a month before I release 2.0.4.... Rolf |
|
hi rolf, i've just downloaded your changes and will give you feedback as soon as cu, Am 12.09.2012 13:20, schrieb Rolf:
Dipl.-Ing. Robert Eisner Groiss Informatics GmbH Phone: ++43 463 504694-11 FN 168125v LG Klagenfurt | UID ATU44898401 |
|
hi rolf, sorry, but i have no idea how to test for other problems in an applet It seems that code analysis is the only way to do that. Therefore oracle I hope this will help, Am 12.09.2012 12:43, schrieb Rolf:
Dipl.-Ing. Robert Eisner Groiss Informatics GmbH Phone: ++43 463 504694-11 FN 168125v LG Klagenfurt | UID ATU44898401 |
|
hi rolf, Thanks for your prompt fix, the new code looks good and works fine cu, Am 12.09.2012 13:20, schrieb Rolf:
Dipl.-Ing. Robert Eisner Groiss Informatics GmbH Phone: ++43 463 504694-11 FN 168125v LG Klagenfurt | UID ATU44898401 |
|
Issue resolved.... great. I will leave the jdom-2.x-issue93.zip package available for a while, but I don't want to release 2.0.4 until October at least.... I want to wait for 2.0.3 to get some more exposure first, and I don't consider this issue (#93) to be a massive showstopper (it's been broken since the very first 2.x build, and there's now the hotfix available). I will do the traditional JDOM 2.x "wait-a-while-in-case-something-else-shows-up" and if nothing else shows up, I will release 2.0.4 with this fix in October sometime. |
hi,
since jdom2 using jdom in an applet is not possible anymore because it accesses system properties for which the sandbox does not grant access. I found the following 2 cases:
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.jdom2.output.LineSeparator read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.jdom2.output.LineSeparator.getDefaultLineSeparator(LineSeparator.java:163)
at org.jdom2.output.LineSeparator.(LineSeparator.java:156)
... 22 more
Exception: java.lang.RuntimeException: java.lang.ExceptionInInitializerError
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.jdom2.xpath.XPathFactory read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.jdom2.xpath.XPathFactory.(XPathFactory.java:101)
... 22 more
Exception: java.lang.RuntimeException: java.lang.ExceptionInInitializerError
The problem is, that both calls of the System.getProperty(..) are made in the declaration of attributes of that classes.
I know that the permissions for the sandbox can be changed but that must be done by each user using that applet. Most users are not allowed to change that permissions by their company rules, so this is no possible solution in my case.
cu,
robert.
The text was updated successfully, but these errors were encountered: