Re: [logging] Commons logging in applets

Wed, 07 Jun 2006 09:01:46 -0700 

Hi Simon,
Thanks for your detailed response, it is nice to know someone cares. I suspect you are right, but for now I have a workaround which I have posted here: 
http://forum.java.sun.com/thread.jspa?threadID=742451
Basically pass any actual work (that subsequently will use commons logging) of to some thread dispatcher to run it. Just creating a new thread and starting it wont work because it started from the javascript called method. So something like an Executor or good ol' EventDispatchThread works for me.
I can try and find some time to get the source and do what you said, but I am just starting a new project now and can't guarantee I will be prompt about it. If you want to give me any info/links on submitting a JIRA bug report, or add to one you create, let me know as I have not done that before. 

Thanks!
-Aaron Bruegl



Simon Kitching wrote:

Hi Aaron,

Firstly, I presume this is commons-logging 1.1 you are using.

LogFactoryImpl.java:1250 in the 1.1 release is this line:
            // try the parent classloader
            currentCL = currentCL.getParent();
which does seem to be a likely cause for the exception you report.

I expect this is a problem with the commons-logging code. In order to
handle security restrictions right, any method that might have security
applied to it (like calling ClassLoader.getParent) should be done only
from within an AccessController. I guess the getLowestClassLoader method
isn't doing this.

When AccessController is not used, the entire call stack has to be
granted the necessary permission, rather than just the library
performing the call. I guess the "live connect" libs don't have the
appropriate privileges granted which is causing your problem (though I
could be wrong).

I suggest you download the commons-logging source, wrap the problem call
in the appropriate AccessController structure and see if this solves the
problem [there are several examples of AccessController use in the code
already]. If it does, then please raise a JIRA bug report with your
patch attached and I will apply it to the core code.

I will try to find some time to look into this myself, but unfortunately
that may not be for a while.

Regards,

Simon


On Mon, 2006-06-05 at 17:48 -0500, Aaron Bruegl wrote:

I think I may have found a workaround:
http://www.snowbound.com/tech_tips/g_security_applet_java.html


Aaron Bruegl wrote:
I get a security error when some of my logging code is called from a method that was called by javascript. I have looked around at some of the forums but could not figure out a solution. All my jars are signed, and I even configured commons logging to only log to system.err and not the file system.
While this is kind of an applet issue, maybe someone here has encountered this before, basically the offending line is: 
   at java.lang.ClassLoader.getParent(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1250)
Thanks in advance, below is a lengthy trace, the exception lies at the bottom: 


Java Plug-in 1.5.0_06
Using JRE version 1.5.0_06 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\myName


----------------------------------------------------
c:   clear console window
f:   finalize objects on finalization queue
g:   garbage collect
h:   display this help message
l:   dump classloader list
m:   print memory usage
o:   trigger logging
p:   reload proxy configuration
q:   hide console
r:   reload policy configuration
s:   dump system and deployment properties
t:   dump thread list
v:   dump thread stack
x:   clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------

Trace level set to 5: all ... completed.
basic: Cached file name: nighthawk-commons.jar-4f0d3933-647855f9.zip
basic: httpCompression = true
network: Connecting http://myURL/java/lib/log4j-1.2.13.jar with proxy=DIRECT network: Connecting http://myURL/java/lib/log4j-1.2.13.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Downloading http://myURL/java/lib/log4j-1.2.13.jar to cache
basic: encoding = null for http://myURL/java/lib/log4j-1.2.13.jar
basic: Cached file name: log4j-1.2.13.jar-6a308831-33b80160.zip
basic: httpCompression = true
network: Connecting http://myURL/java/lib/commons-logging-1.1.jar with proxy=DIRECT network: Connecting http://myURL/java/lib/commons-logging-1.1.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Downloading http://myURL/java/lib/commons-logging-1.1.jar to cache
basic: encoding = null for http://myURL/java/lib/commons-logging-1.1.jar
basic: Cached file name: commons-logging-1.1.jar-21fe76d4-7fdf768a.zip
basic: httpCompression = true
network: Connecting http://myURL/java/lib/ifd-common.jar with proxy=DIRECT network: Connecting http://myURL/java/lib/ifd-common.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Downloading http://myURL/java/lib/ifd-common.jar to cache
basic: encoding = null for http://myURL/java/lib/ifd-common.jar
basic: Cached file name: ifd-common.jar-2da3fb14-607effe0.zip
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Checking if certificate is in Deployment permanent certificate store 
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Checking if certificate is in Deployment permanent certificate store 
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Checking if certificate is in Deployment permanent certificate store network: Connecting http://myURL/java/commons-logging.properties with proxy=DIRECT network: Connecting http://myURL/java/commons-logging.properties with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/META-INF/services/org.apache.commons.logging.LogFactory with proxy=DIRECT network: Connecting http://myURL/java/META-INF/services/org.apache.commons.logging.LogFactory with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Checking if certificate is in Deployment permanent certificate store 
network: Connecting http://myURL/java/log4j.xml with proxy=DIRECT
network: Connecting http://myURL/java/log4j.xml with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
network: Connecting http://myURL/java/log4j.xml with proxy=DIRECT
network: Connecting http://myURL/java/log4j.xml with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/java/lang/ObjectBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/java/lang/ObjectBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with proxy=DIRECT network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
myURL
Communications starting up : myURL
network: Connecting http://myURL/java/com/ibm/uvm/tools/DebugSupport.class with proxy=DIRECT network: Connecting http://myURL/java/com/ibm/uvm/tools/DebugSupport.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
network: Connecting http://myURL/java/images/print.gif with proxy=DIRECT
network: Connecting http://myURL/java/images/print.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: print.gif-58bd8db8-5a92d156.gif
network: Connecting http://myURL/java/images/rotateCW.gif with proxy=DIRECT network: Connecting http://myURL/java/images/rotateCW.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: rotateCW.gif-45ded66c-6afa3e99.gif
network: Connecting http://myURL/java/images/rotateCCW.gif with proxy=DIRECT network: Connecting http://myURL/java/images/rotateCCW.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: rotateCCW.gif-5605f4c7-28024094.gif
network: Connecting http://myURL/java/images/fitWidth.gif with proxy=DIRECT network: Connecting http://myURL/java/images/fitWidth.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: fitWidth.gif-4a7c6c92-608f7a32.gif
network: Connecting http://myURL/java/images/fitHeight.gif with proxy=DIRECT network: Connecting http://myURL/java/images/fitHeight.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: fitHeight.gif-3f2a3aa3-23652ab5.gif
network: Connecting http://myURL/java/images/actualSize.gif with proxy=DIRECT network: Connecting http://myURL/java/images/actualSize.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: actualSize.gif-620cf7cc-6cd94237.gif
network: Connecting http://myURL/java/images/reset.gif with proxy=DIRECT
network: Connecting http://myURL/java/images/reset.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)" 
basic: Cached file name: reset.gif-3c79d75a-6c0eda10.gif
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: UniversalJavaPermission enabled
liveconnect: JavaScript: calling Java system code
liveconnect: JavaScript: default security policy = http://myURL
liveconnect: JavaScript: calling Java system code
liveconnect: JavaScript: default security policy = http://myURL
liveconnect: JavaScript: calling Java system code
liveconnect: JavaScript: default security policy = http://myURL
liveconnect: JavaScript: UniversalBrowserRead enabled
liveconnect: JavaScript: default security policy = http://myURL
myURL : 1199
network: Connecting socket://myURL:1199 with proxy=DIRECT
network: Connecting socket://someURL with proxy=DIRECT
Fax Viewer time = 4406
fsg val = [EMAIL PROTECTED]
Exception in thread "Thread-2321" java.lang.ExceptionInInitializerError
at net.nighthawk.ifd.client.FaxViewPanel.openFaxImages(FaxViewPanel.java:262) at net.nighthawk.ifd.client.FaxViewPanel.openFax(FaxViewPanel.java:217) at net.nighthawk.ifd.client.FaxViewApplet$FaxOpener.run(FaxViewApplet.java:66) 
   at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) (Caused by java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:634) at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:333) at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:307) 
   at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:645)
   at net.nighthawk.ifd.common.util.TIFF60.<clinit>(TIFF60.java:65)
   ... 4 more
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) 
   at java.security.AccessControlContext.checkPermission(Unknown Source)
   at java.security.AccessController.checkPermission(Unknown Source)
   at java.lang.SecurityManager.checkPermission(Unknown Source)
   at java.lang.ClassLoader.getParent(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1250) at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1170) at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:972) at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:838) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:601) 
   ... 8 more
network: Connecting socket://someURL with proxy=DIRECT
network: Connecting socket://someURL with proxy=DIRECT
network: Connecting socket://someURL with proxy=DIRECT
network: Connecting socket://someURL with proxy=DIRECT




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to