This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Java in General and the fly likes Weird Policy Sub-class result - why? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Weird Policy Sub-class result - why?" Watch "Weird Policy Sub-class result - why?" New topic
Author

Weird Policy Sub-class result - why?

Robert Paris
Ranch Hand

Joined: Jul 28, 2002
Posts: 585
I have subclassed java.security.Policy, and if I don't override the "implies" method, then everything works without a problem. However, when I override the implies method and do nothing more than a system.out.println, I get a NullPointerException. Why is this? I'm guessing it has something to do with my accessing the passed in domain/permission creating another call to permission checking. If this is the case, I have two questions:
1. Since my Policy implementation has to be loaded by the System classloader (in order to be loaded as the system policy), why would it check a permission on it?
2. How would I (in the policy file) access things without a check?
The error I get is:
[java] access: access allowed (java.lang.RuntimePermission getProtectionDomain)
[java] java.lang.NullPointerException
[java] at java.security.ProtectionDomain.mergePermissions(Unknown Source)
[java] at java.security.ProtectionDomain.toString(Unknown Source)
[java] at java.lang.String.valueOf(Unknown Source)
[java] at java.io.PrintStream.print(Unknown Source)
[java] at java.io.PrintStream.println(Unknown Source)
[java] at MyPolicy$1.run(Unknown Source)
[java] at java.security.AccessController.doPrivileged(Native Method)
[java] at MyPolicy.implies(Unknown Source)
[java] at java.security.ProtectionDomain.implies(Unknown Source)
[java] at java.security.AccessControlContext.checkPermission(Unknown Source)
[java] at java.security.AccessController.checkPermission(Unknown Source)
[java] at java.lang.SecurityManager.checkPermission(Unknown Source)
[java] at java.lang.Runtime.addShutdownHook(Unknown Source)
[java] at TestPolicy.main(Unknown Source)
[java] Exception in thread "main"
A few things:
1. The reason you see AccessController.doPrivileged is that I tried to get that to solve the problem - no luck.
2. You'll notice it gives me the permission to check the domain, but then throws the NullPointer anyways.
3. The NullPointerException is thrown when it's checking to see if you have permission to do something and you're checking for a null permission (ex: acc.checkPermission( null ) )
Anyone know why this is happening and how I can overcome it?
Robert Paris
Ranch Hand

Joined: Jul 28, 2002
Posts: 585
I figured it out! And wow, this needs to be checked carefully:
If someone created their own PermissionCollection implementation and the method elements() returns null, it'll throw a NullPointerException straight up through your Policy Object's implies class! So you have to catch that if you ever do anything with the stuff passed in to your methods.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Weird Policy Sub-class result - why?
 
Similar Threads
Endless Loop from Security Check
Probably a stupid question, the benefit of policy files?
Class Loaders & Permissions
File Permission Error
How make true Singleton, even if loaded by Class.forName?