Drat... I was hoping to see something much sooner, like 8u20
(obviously too late now) or 8u40. I'm unable to use Web Start
deployment because of this.
Is it necessary for these issues to be blocked from anonymous viewing?
Thanks for the update.
Scott
On Wed, Jun 11, 2014 at 11:57 AM, Kevin Rushforth
<kevin.rushfo...@oracle.com <mailto:kevin.rushfo...@oracle.com>> wrote:
These are now assigned to Dmitry Cherapanov who I have copied here
in case he isn't on the openjfx alias. They are both targeted to
JDK 9.
-- Kevin
Scott Palmer wrote:
I tried to send an email to Thomas asking about the status of
these issues
(they are not visible to me), but the email bounced (user
unknown). Could
someone let me know the status?
Thanks,
Scott
On Thu, Apr 17, 2014 at 1:25 AM, Thomas Ng
<thomas.v...@oracle.com <mailto:thomas.v...@oracle.com>> wrote:
Thanks for the report!
Two bugs created for this:
security manager and applet-desc webstart mode:
https://bugs.openjdk.java.net/browse/JDK-8040231
reflection in daemon thread:
https://bugs.openjdk.java.net/browse/JDK-8040699
-thomas
*From: *Scott Palmer <swpal...@gmail.com
<mailto:swpal...@gmail.com>>
*Subject: **All-Permissions not working properly with
sun.plugin2.applet.FXAppletSecurityManager*
*Date: *April 14, 2014 at 1:07:36 PM PDT
*To: *"openjfx-dev@openjdk.java.net
<mailto:openjfx-dev@openjdk.java.net>"
<openjfx-dev@openjdk.java.net
<mailto:openjfx-dev@openjdk.java.net>>
Can someone confirm that all-permissions is working for
JavaFX apps
that are launched via Web Start with Java 8.0 and use
daemon threads
in a Service?
I have a JNLP file that has:
<security>
<all-permissions/>
</security>
and the manifest of my app's jar has the following
instruction in my
Gradle script:
jar {
manifest {
attributes('Permissions': 'all-permissions',
'Codebase': '*')
}
}
I'm using the javafx gradle plugin and signing the jars...
e.g. I see this for every dependency and the main jar:
...
Signing (BLOB) C:\Users\scott\.m2\caches\path\to\some.jar
Signed as C:\Users\scott\dev\MyProject\build\libs\some.jar
...
I even tried System.setSecurityManager(null); in my
start() method
(and it lets me do it).
However, daemon threads started by my Service are unable
to use
reflection. (It is working in the main FX application
thread.) I see
the following stack trace in the Java console:
Caused by: java.security.AccessControlException: access
denied
("java.lang.reflect.ReflectPermission"
"suppressAccessChecks")
at
java.security.AccessControlContext.checkPermission(Unknown
Source)
at java.security.AccessController.checkPermission(Unknown
Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at
sun.plugin2.applet.FXAppletSecurityManager.checkPermission(Unknown
Source)
at
java.lang.reflect.AccessibleObject.setAccessible(Unknown
Source)
Caused by: java.security.AccessControlException: access
denied
("java.lang.RuntimePermission" "accessDeclaredMembers")
at
java.security.AccessControlContext.checkPermission(Unknown
Source)
at java.security.AccessController.checkPermission(Unknown
Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at
sun.plugin2.applet.FXAppletSecurityManager.checkPermission(Unknown
Source)
at java.lang.Class.checkMemberAccess(Unknown Source)
at java.lang.Class.getDeclaredMethod(Unknown Source)
at
ma.glasnost.orika.property.PropertyResolver.resolvePropertyType(PropertyResolver.java:304)
at
ma.glasnost.orika.property.PropertyResolver.processProperty(PropertyResolver.java:240)
at
ma.glasnost.orika.property.IntrospectorPropertyResolver.collectProperties(IntrospectorPropertyResolver.java:83)
... 33 more
I bring it up here because FXAppletSecurityManager is
involved and
this smells like a possible bug in plugin2
Regards,
Scott