Re: When is java.lang.SecurityException Thrown ??

[Jeff Greif]

These comments are rather speculative and not reflective of much expertise in this area   1.  Turn on some logging (or look in the logs that already exist) to see where the exception is thrown. 2.  Most likely, to use the client code you will need to set up a security policy that permits access to the reflection package. 3.  Most likely, things are more restricted on Solaris because some default policy forbids use of that package, and you have to override it.  Reflection has some degree of danger because it can break encapsulation. 4.  Doing the override of the security policy is sensible if you understand how your code uses reflection and know that it won't endanger the security of the client application or the machine in general.  If the use of reflection is happening inside third-party code you should try to understand it before opening things up, particularly if there are strong security requirements on the machine for other reasons.  Under these circumstances, you may not be allowed by either administrators or file permissions to change the security policy.  On such a machine, some kind of security audit of your code would probably be necessary in order for the policy to be altered so it could run. 5.  If you change the security policy, you should make the changes as small as possible to let your client run, and scope them as narrowly as possible to prevent other less well-intentioned programs from benefitting.   Jeff ----- Original Message ----- From: Dhanush Gopinath To: [EMAIL PROTECTED] Sent: Thursday, December 18, 2003 5:30 AM Subject: When is java.lang.SecurityException Thrown ?? Hi All   When I am running my client code I am getting an Exception called   java.lang.Security Exception : Prohibited package name java.lang.reflect   Any Idea When this is thrown ?