[ http://issues.apache.org/jira/browse/AXIS-2145?page=comments#action_12317816 ]
Luis Rivera commented on AXIS-2145: ----------------------------------- Ok, I cleaned up the mess of jars axis source and binary code from different apache sources. So, after sining all the axis jar file and all the needed commons packages (axis.jar, commons-logging.jar, commons-discovery.jar, commons-httpclient.jar, commons-codec.jar) it finally stopped throwing security exceptions when contacting the server. Now, I confirmed that the messages are getting through, but some messages are crasing my server and I am not sure if it's my client or just something that it's running bogus in the server side. I regenerated the code from the WSDL the same axis 1.3 code, but this time I noticed some types from WSDL are missing (some collection types) which not it looks were pushed to the holder classes. Is this by design? or there is something that changed by mistake to support applets? Anyway, I am still trying to test fully to make sure applets run without any problem. So far it looks like this is doing the trick :) > Axis Client crashes the applet unless new permissions are added to the policy > file (or a custom security manager is used) > ------------------------------------------------------------------------------------------------------------------------- > > Key: AXIS-2145 > URL: http://issues.apache.org/jira/browse/AXIS-2145 > Project: Apache Axis > Type: Bug > Components: Basic Architecture > Versions: current (nightly) > Environment: WindowsXP, Sun jdk1.5.0_03 (running client inside an applet), > Axis 1.2.1, commons-logging-1.0.4, commons-httpclient-3.0-rc3, using ant > 1.6.5 and a laptop IBM Thinkpad R51 > Reporter: Luis Rivera > Priority: Blocker > Attachments: ClassUtils.java > > To solve the following kind of exceptions, > *********************************************************************************************************** > java.lang.ExceptionInInitializerError > at > org.apache.commons.discovery.jdk.JDKHooks.<clinit>(JDKHooks.java:75) > at > org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:412) > at > org.apache.commons.discovery.tools.DiscoverSingleton.find(DiscoverSingleton.java:378) > at > org.apache.axis.components.logger.LogFactory$1.run(LogFactory.java:45) > at java.security.AccessController.doPrivileged(Native Method) > at > org.apache.axis.components.logger.LogFactory.getLogFactory(LogFactory.java:41) > at > org.apache.axis.components.logger.LogFactory.<clinit>(LogFactory.java:33) > at > org.apache.axis.handlers.BasicHandler.<clinit>(BasicHandler.java:43) > at org.apache.axis.client.Service.getAxisClient(Service.java:103) > at org.apache.axis.client.Service.<init>(Service.java:112) > at vcas.gui.wsdl.VCASLocator.<init>(Unknown Source) > at vcas.gui.vss.VSSApplet.init(Unknown Source) > at sun.applet.AppletPanel.run(AppletPanel.java:374) > at java.lang.Thread.run(Thread.java:595) > Caused by: java.security.AccessControlException: access denied > (java.lang.RuntimePermission createClassLoader) > at > java.security.AccessControlContext.checkPermission(AccessControlContext.java:264) > at > java.security.AccessController.checkPermission(AccessController.java:427) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at > java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594) > at java.lang.ClassLoader.<init>(ClassLoader.java:225) > at > org.apache.commons.discovery.jdk.PsuedoSystemClassLoader.<init>(PsuedoSystemClassLoader.java:73) > at > org.apache.commons.discovery.jdk.JDK12Hooks.findSystemClassLoader(JDK12Hooks.java:215) > at > org.apache.commons.discovery.jdk.JDK12Hooks.<clinit>(JDK12Hooks.java:73) > ... 14 more > ********************************************************************************************************************************* > I had to add the following permissions to a custom policy file. > ******************************************************************************************************************************** > permission java.lang.RuntimePermission "createClassLoader"; > permission java.lang.RuntimePermission "getClassLoader"; > permission java.util.PropertyPermission > "org.apache.commons.discovery.log.level", "read"; > permission java.util.PropertyPermission > "axis.EngineConfigFactory","read"; > permission java.util.PropertyPermission > "org.apache.axis.EngineConfigurationFactory","read"; > permission java.util.PropertyPermission "axis.ClientConfigFile","read"; > permission java.util.PropertyPermission "axis.ServerConfigFile","read"; > permission java.util.PropertyPermission "axis.xml.reuseParsers","read"; > permission java.util.PropertyPermission > "axis.attachments.implementation","read"; > ******************************************************************************************************************************** > So, I see that part of the problem is appache commons logger and other > libraries trying to read and write to files, including the commons logger > used by axis. I wanted to know if there is a simple way to prevent this or if > I there exist a version of the Axis library without these issues, so it can > happily work inside the sandbox with the default permissions, I would be > happy to try it. > Thanks in advance, > --Luis R. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
