History | Log In     View a printable version of the current page.  
Issue Details (XML | Word | Printable)

Key: JANINO-104
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Arno Unkrig
Reporter: Mohammad Rezaei
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Janino

AccessControlException thrown with Janino compiled code under Java Webstart

Created: 18/Oct/07 09:47 PM   Updated: 20/Dec/07 02:33 PM
Component/s: None
Affects Version/s: None
Fix Version/s: 2.5.12

Time Tracking:
Not Specified

Environment: Janino 2.5.9, Java Webstart, jnlp file includes all-permissions

Patch Submitted: Yes


 Description  « Hide
Under webstart, Janino compiled code does not inherit the protection domain of the current code and causes the SecurityManager to throw AccessControlException when doing something non-trivial, e.g. network access.

The same bug was found and fixed in Jel recently. The original report is here:
http://www.nabble.com/-Help-jel--java.security.AccessControlException-t4579923.html

The fix is a one-liner. When calling defineClass, the protection domain must be specified. In the Janino codebase 2.5.9, ByteArrayClassLoader, line 87 should be changed to add an extra parameter:

return super.defineClass(
name,
data, 0, data.length,
this.getClass().getProtectionDomain() // add this line
);

The original Jel report includes a nice test case.



 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
Arno Unkrig - 20/Dec/07 02:33 PM
Done; please test.