FULL PRODUCT VERSION : Java Plug-in 11.31.2.13 Using JRE version 1.8.0_31-b13 Java HotSpot(TM) Client VM ADDITIONAL OS VERSION INFORMATION : Microsoft Windows [Version 6.1.7601] A DESCRIPTION OF THE PROBLEM : The problem occurs with RMI Calls within an applet that uses RMI codebase. The RMI downloaded code runs in the sandbox: The host where the RMI server runs is the same as the host of the codebase. In this scenario the AccessControlException (see below) occurs when the deployment cache is already populated. After clearing the cache everythings works fine for one browser session. With previous Java Version (e. g. 1.8.0_25) this problem doesn't appear. CacheEntry[http://192.168.35.165:44066/jar/device/msr/jpos/chyjpos/chyjpos-service-dl.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=288352 CacheEntry[http://192.168.35.165:44066/jar/device/cdm/cashpro/kbacashpro4-service-dl.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=463931 java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Users\dea\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3c5d5a3b-6d8e48ab" "read") at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkRead(Unknown Source) at java.util.zip.ZipFile.<init>(Unknown Source) at java.util.zip.ZipFile.<init>(Unknown Source) at java.util.jar.JarFile.<init>(Unknown Source) at java.util.jar.JarFile.<init>(Unknown Source) at com.sun.deploy.security.EnhancedJarVerifier.validate(Unknown Source) at com.sun.deploy.cache.CacheEntry.getJarSigningData(Unknown Source) at com.sun.deploy.cache.CachedJarFile.getSigningData(Unknown Source) at com.sun.deploy.cache.CachedJarFile$JarFileEntry.getCodeSigners(Unknown Source) at sun.misc.URLClassPath$JarLoader$2.getCodeSigners(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.rmi.server.LoaderHandler$Loader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Unknown Source) at sun.rmi.server.LoaderHandler.loadClassForName(Unknown Source) at sun.rmi.server.LoaderHandler.loadClass(Unknown Source) at sun.rmi.server.LoaderHandler.loadClass(Unknown Source) at java.rmi.server.RMIClassLoader$2.loadClass(Unknown Source) at com.sun.deploy.util.DeployRMIClassLoaderSpi.loadClass(Unknown Source) at java.rmi.server.RMIClassLoader.loadClass(Unknown Source) at sun.rmi.server.MarshalInputStream.resolveClass(Unknown Source) at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source) at java.io.ObjectInputStream.readClassDesc(Unknown Source) at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source) at java.io.ObjectInputStream.readObject0(Unknown Source) at java.io.ObjectInputStream.readObject(Unknown Source) at java.rmi.MarshalledObject.get(Unknown Source) at com.sun.jini.reggie.Item.get(Item.java:122) at com.sun.jini.reggie.Item.toServiceItem(Item.java:158) at com.sun.jini.reggie.Matches.get(Matches.java:73) at com.sun.jini.reggie.RegistrarProxy.lookup(RegistrarProxy.java:102) at net.jini.lookup.ServiceDiscoveryManager.lookup(Unknown Source) at com.rubean.drubeans.app.device.discovery.impl.DeviceDiscovererImpl$InitialLookupTask.run(Unknown Source) at com.sun.jini.thread.TaskManager$TaskThread.run(Unknown Source) REGRESSION. Last worked in version 8u25 STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : Perform Jini Service Discovery with Services offering service objects via RMI downloadable code. EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - Service Proxy Object is loaded correctly. ACTUAL - AccessControlException during class loading. ERROR MESSAGES/STACK TRACES THAT OCCUR : CacheEntry[http://192.168.35.165:44066/jar/device/msr/jpos/chyjpos/chyjpos-service-dl.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=288352 CacheEntry[http://192.168.35.165:44066/jar/device/cdm/cashpro/kbacashpro4-service-dl.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=463931 java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Users\dea\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3c5d5a3b-6d8e48ab" "read") at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkRead(Unknown Source) at java.util.zip.ZipFile.<init>(Unknown Source) at java.util.zip.ZipFile.<init>(Unknown Source) at java.util.jar.JarFile.<init>(Unknown Source) at java.util.jar.JarFile.<init>(Unknown Source) at com.sun.deploy.security.EnhancedJarVerifier.validate(Unknown Source) at com.sun.deploy.cache.CacheEntry.getJarSigningData(Unknown Source) at com.sun.deploy.cache.CachedJarFile.getSigningData(Unknown Source) at com.sun.deploy.cache.CachedJarFile$JarFileEntry.getCodeSigners(Unknown Source) at sun.misc.URLClassPath$JarLoader$2.getCodeSigners(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.rmi.server.LoaderHandler$Loader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Unknown Source) at sun.rmi.server.LoaderHandler.loadClassForName(Unknown Source) at sun.rmi.server.LoaderHandler.loadClass(Unknown Source) at sun.rmi.server.LoaderHandler.loadClass(Unknown Source) at java.rmi.server.RMIClassLoader$2.loadClass(Unknown Source) at com.sun.deploy.util.DeployRMIClassLoaderSpi.loadClass(Unknown Source) at java.rmi.server.RMIClassLoader.loadClass(Unknown Source) at sun.rmi.server.MarshalInputStream.resolveClass(Unknown Source) at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source) at java.io.ObjectInputStream.readClassDesc(Unknown Source) at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source) at java.io.ObjectInputStream.readObject0(Unknown Source) at java.io.ObjectInputStream.readObject(Unknown Source) at java.rmi.MarshalledObject.get(Unknown Source) at com.sun.jini.reggie.Item.get(Item.java:122) at com.sun.jini.reggie.Item.toServiceItem(Item.java:158) at com.sun.jini.reggie.Matches.get(Matches.java:73) at com.sun.jini.reggie.RegistrarProxy.lookup(RegistrarProxy.java:102) at net.jini.lookup.ServiceDiscoveryManager.lookup(Unknown Source) at com.rubean.drubeans.app.device.discovery.impl.DeviceDiscovererImpl$InitialLookupTask.run(Unknown Source) at com.sun.jini.thread.TaskManager$TaskThread.run(Unknown Source) REPRODUCIBILITY : This bug can be reproduced always.
|