File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Websphere and the fly likes Java 2 Security Access denied Error Access denied (java.io.FilePermission write) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "Java 2 Security Access denied Error Access denied (java.io.FilePermission write)" Watch "Java 2 Security Access denied Error Access denied (java.io.FilePermission write)" New topic
Author

Java 2 Security Access denied Error Access denied (java.io.FilePermission write)

Rahulaiit kumar
Greenhorn

Joined: May 20, 2008
Posts: 4
Hi,

We are implementing Java 2 Secuirty on our Web application using WAS 6.1.

The Was.policy file is :-


grant codeBase "file:${application}" {
permission java.io.FilePermission "/C:/WINDOWS/TEMP/-", "read, write, delete";
};



grant codeBase "file:spring-2.0.2.jar" {
permission java.lang.RuntimePermission "getClassLoader";
permission java.util.PropertyPermission "*", "read";
permission java.io.FilePermission "<>", "read";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses, AdminPermission";
};

grant codeBase "file:aspectjweaver-1.5.3.jar" {
permission java.lang.RuntimePermission "createClassLoader";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
};

grant codeBase "file:aspectjrt-1.5.3.jar" {
permission java.lang.RuntimePermission "*", "accessDeclaredMembers";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
};

grant codeBase "file:activation-impl.jar" {
permission java.io.FilePermission "${user.home}${/}.mime.types", "read";
permission java.io.FilePermission "${java.home}${/}lib${/}mime.types", "read";
};

grant codeBase "file:$syfact-administratro.war" {
permission java.io.FilePermission "/C:/WINDOWS/TEMP/-", "read, write, delete";
};


The error that we are getting is :-

8/7/08 17:54:14:433 IST] 00000026 SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to InfoCenter for further information.

Permission:

C:\WINDOWS\TEMP\expwf35925.xml : Access denied (java.io.FilePermission C:\WINDOWS\TEMP\expwf35925.xml write)


Code:

com.syfact.mo.administrator.mwfs.ExportAction in {file:/C:/Program Files/IBM/WebSphere/AppServer1/profiles/AppSrv01/installedApps/d-10607Node01Cell/syfact-administrator_war.ear/syfact-administrator.war/WEB-INF/classes/}



Stack Trace:

java.security.AccessControlException: Access denied (java.io.FilePermission C:\WINDOWS\TEMP\expwf35925.xml write)
at java.security.AccessController.checkPermission(AccessController.java:104)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189)
at java.lang.SecurityManager.checkWrite(SecurityManager.java:977)
at java.io.File.checkAndCreate(File.java:1372)
at java.io.File.createTempFile(File.java:1469)
at java.io.File.createTempFile(File.java:1506)
at com.syfact.mo.administrator.mwfs.ExportAction.doAction(ExportAction.java:110)
at com.syfact.web.servlet.Syfact.processStandardCommand(Syfact.java:362)
at com.syfact.web.servlet.Syfact.doPost(Syfact.java:287)
at com.syfact.web.servlet.Syfact.doGet(Syfact.java:158)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:966)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:907)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:145)
at com.syfact.ConnectionFilter.doFilter(ConnectionFilter.java:40)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:87)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:696)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:641)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:475)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:463)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3107)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:238)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1425)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:92)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:465)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:394)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:274)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:152)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:213)
at com.ibm.io.async.AbstractAsyncFuture.fireCompletionActions(AbstractAsyncFuture.java:195)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:193)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:725)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:847)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)


Code Base Location:


[8/7/08 17:54:14:448 IST] 00000026 SystemOut O 2008-08-07 17:54:14,433 ERROR -> Unable to create temporary file
java.lang.SecurityException: Unable to create temporary file
at java.io.File.checkAndCreate(File.java:1377)
at java.io.File.createTempFile(File.java:1469)
at java.io.File.createTempFile(File.java:1506)
at com.syfact.mo.administrator.mwfs.ExportAction.doAction(ExportAction.java:110)
at com.syfact.web.servlet.Syfact.processStandardCommand(Syfact.java:362)
at com.syfact.web.servlet.Syfact.doPost(Syfact.java:287)
at com.syfact.web.servlet.Syfact.doGet(Syfact.java:158)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:966)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:907)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:145)
at com.syfact.ConnectionFilter.doFilter(ConnectionFilter.java:40)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:87)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:696)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:641)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:475)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:463)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3107)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:238)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1425)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:92)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:465)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:394)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:274)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:152)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:213)
at com.ibm.io.async.AbstractAsyncFuture.fireCompletionActions(AbstractAsyncFuture.java:195)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:193)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:725)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:847)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)



We tried to specify the permission in server.policy file n java.policy file as well but problem did not got resolved.

Please suugest the solution.

Regards,
Rahul
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Java 2 Security Access denied Error Access denied (java.io.FilePermission write)