JDK-6611565 : AccessControlException when executing signed applets
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 6u2
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2007-10-01
  • Updated: 2010-04-04
  • Resolved: 2007-10-04
Related Reports
Duplicate :  
Description
We have two signed applets embedded in one webpage, and when trying to access this webpage, occasionally we meet with security issues on both IE6 and FireFox. We did not see this problem on JREs 1.4.2 and 1.5.

This is a trace:                                                         

security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment permanent certificate store
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)                            
 at java.security.AccessControlContext.checkPermission(Unknown Source)   
 at java.security.AccessController.checkPermission(Unknown Source)       
 at java.lang.SecurityManager.checkPermission(Unknown Source)            
 at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)        
 at java.lang.System.getProperty(Unknown Source)                         
 at com.ibm.asm.remotedisk.ClientInterface.setWorkingDir(Unknown Source)                                                                        
 at com.ibm.asm.remotedisk.ClientInterface.setClientEnv(Unknown Source)  
 at com.ibm.asm.remotedisk.RemoteDisk.init(Unknown Source)               
 at sun.applet.AppletPanel.run(Unknown Source)                           
 at java.lang.Thread.run(Unknown Source)
                                  
basic: Exception: java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)                            
 at java.security.AccessControlContext.checkPermission(Unknown Source)   
 at java.security.AccessController.checkPermission(Unknown Source)       
 at java.lang.SecurityManager.checkPermission(Unknown Source)            
 at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)        
 at java.lang.System.getProperty(Unknown Source)                         
 at com.ibm.asm.remotedisk.ClientInterface.setWorkingDir(Unknown Source)
 at com.ibm.asm.remotedisk.ClientInterface.setClientEnv(Unknown Source)  
 at com.ibm.asm.remotedisk.RemoteDisk.init(Unknown Source)               
 at sun.applet.AppletPanel.run(Unknown Source)                           
 at java.lang.Thread.run(Unknown Source)                                 
                                                                         
Recreation instructions:
                                          
1. Disable JRE cache, delete certificate                                 
2. Open the webpag and choose always permit certificate on the security  
   popup                                                                    
3. Close all browser windows, open webpage again                         
4. You may encounter the problem. If not, repeat step 3.                 

We did not see this behavior on JRE 1.4.2 and 1.5.                                                                     
                                                                         
This problem seriously impacts customers using our product with Java 6.