This week's book giveaway is in the Cloud/Virtualizaton forum.
We're giving away four copies of Mesos in Action and have Roger Ignazio on-line!
See this thread for details.
Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Using xstream with JWS

 
Aaron Roberts
Ranch Hand
Posts: 174
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've got an app that uses xstream (http://xstream.codehaus.org/) to serialize objects in and out for me. I can jar my application up and run it fine. When I try to deploy it using java web start, I get a security error.

Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkMemberAccess(Unknown Source)
at java.lang.Class.checkMemberAccess(Unknown Source)
at java.lang.Class.getDeclaredFields(Unknown Source)
at com.thoughtworks.xstream.core.JVM.<clinit>(JVM.java:24)

Has anyone used xstream with jws?

Thanks,
Aaron
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
JWS apps run in the same security sandbox as applets run in. Are you serializing these objects to the file system? If so, you'll need to make sure ALL your JAR files used by JWS have been signed. Also, you'll need to specify access in your jnlp file as such:


Each application is, by default, run in a restricted execution environment, similar to the Applet sandbox. The security element can be used to request unrestricted access.

If the all-permissions element is specified, the application will have full access to the client machine and local network. If an application requests full access, then all JAR files must be signed. The user will be prompted to accept the certificate the first time the application is launched.


which is taken from the documentation here.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic