Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Desktop >> Core GUI APIs

JS calling applet method that has commons logging

I get a security error when some of my logging code is called from a method that was called by javascript. I have looked around at some of the forums but could not figure out a solution. All my jars are signed, and I even configured commons logging to only log to system.err and not the file system.

Thanks in advance, below is a lengthy trace:

Java Plug-in 1.5.0_06

Using JRE version 1.5.0_06 Java HotSpot(TM) Client VM

User home directory = C:\Documents and Settings\myName

-

c:clear console window

f:finalize objects on finalization queue

g:garbage collect

h:displaythis help message

l:dump classloader list

m:print memory usage

o:trigger logging

p:reload proxy configuration

q:hide console

r:reload policy configuration

s:dump system and deployment properties

t:dump thread list

v:dump thread stack

x:clear classloader cache

0-5: set trace level to <n>

-

Trace level set to 5: all ... completed.

basic: Cached file name: nighthawk-commons.jar-4f0d3933-647855f9.zip

basic: httpCompression =true

network: Connecting http://myURL/java/lib/log4j-1.2.13.jar with proxy=DIRECT

network: Connecting http://myURL/java/lib/log4j-1.2.13.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Downloading http://myURL/java/lib/log4j-1.2.13.jar to cache

basic: encoding =nullfor http://myURL/java/lib/log4j-1.2.13.jar

basic: Cached file name: log4j-1.2.13.jar-6a308831-33b80160.zip

basic: httpCompression =true

network: Connecting http://myURL/java/lib/commons-logging-1.1.jar with proxy=DIRECT

network: Connecting http://myURL/java/lib/commons-logging-1.1.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Downloading http://myURL/java/lib/commons-logging-1.1.jar to cache

basic: encoding =nullfor http://myURL/java/lib/commons-logging-1.1.jar

basic: Cached file name: commons-logging-1.1.jar-21fe76d4-7fdf768a.zip

basic: httpCompression =true

network: Connecting http://myURL/java/lib/ifd-common.jar with proxy=DIRECT

network: Connecting http://myURL/java/lib/ifd-common.jar with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Downloading http://myURL/java/lib/ifd-common.jar to cache

basic: encoding =nullfor http://myURL/java/lib/ifd-common.jar

basic: Cached file name: ifd-common.jar-2da3fb14-607effe0.zip

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Checkingif certificate is in Deployment permanent certificate store

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Checkingif certificate is in Deployment permanent certificate store

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Checkingif certificate is in Deployment permanent certificate store

network: Connecting http://myURL/java/commons-logging.properties with proxy=DIRECT

network: Connecting http://myURL/java/commons-logging.properties with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/META-INF/services/org.apache.commons.logging.LogFactory with proxy=DIRECT

network: Connecting http://myURL/java/META-INF/services/org.apache.commons.logging.LogFactory with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Checkingif certificate is in Deployment permanent certificate store

network: Connecting http://myURL/java/log4j.xml with proxy=DIRECT

network: Connecting http://myURL/java/log4j.xml with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/log4j.xml with proxy=DIRECT

network: Connecting http://myURL/java/log4j.xml with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/LayoutBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/java/lang/ObjectBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/java/lang/ObjectBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/RollingFileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/FileAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/WriterAppenderBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with proxy=DIRECT

network: Connecting http://myURL/java/org/apache/log4j/AppenderSkeletonBeanInfo.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

myURL

Communications starting up : myURL

network: Connecting http://myURL/java/com/ibm/uvm/tools/DebugSupport.class with proxy=DIRECT

network: Connecting http://myURL/java/com/ibm/uvm/tools/DebugSupport.class with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

network: Connecting http://myURL/java/images/print.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/print.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: print.gif-58bd8db8-5a92d156.gif

network: Connecting http://myURL/java/images/rotateCW.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/rotateCW.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: rotateCW.gif-45ded66c-6afa3e99.gif

network: Connecting http://myURL/java/images/rotateCCW.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/rotateCCW.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: rotateCCW.gif-5605f4c7-28024094.gif

network: Connecting http://myURL/java/images/fitWidth.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/fitWidth.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: fitWidth.gif-4a7c6c92-608f7a32.gif

network: Connecting http://myURL/java/images/fitHeight.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/fitHeight.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: fitHeight.gif-3f2a3aa3-23652ab5.gif

network: Connecting http://myURL/java/images/actualSize.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/actualSize.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: actualSize.gif-620cf7cc-6cd94237.gif

network: Connecting http://myURL/java/images/reset.gif with proxy=DIRECT

network: Connecting http://myURL/java/images/reset.gif with cookie "__utma=63064624.654926256.1146849106.1146849106.1146849106.1; __utmz=63064624.1146849106.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"

basic: Cached file name: reset.gif-3c79d75a-6c0eda10.gif

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript: UniversalJavaPermission enabled

liveconnect: JavaScript: calling Java system code

liveconnect: JavaScript:default security policy = http://myURL

liveconnect: JavaScript: calling Java system code

liveconnect: JavaScript:default security policy = http://myURL

liveconnect: JavaScript: calling Java system code

liveconnect: JavaScript:default security policy = http://myURL

liveconnect: JavaScript: UniversalBrowserRead enabled

liveconnect: JavaScript:default security policy = http://myURL

myURL : 1199

network: Connecting socket://myURL:1199 with proxy=DIRECT

network: Connecting socket://someURL with proxy=DIRECT

Fax Viewer time = 4406

fsg val = net.nighthawk.ifd.common.fax.FaxStapleGroup@1f2be27

Exception in thread"Thread-2321" java.lang.ExceptionInInitializerError

at net.nighthawk.ifd.client.FaxViewPanel.openFaxImages(FaxViewPanel.java:262)

at net.nighthawk.ifd.client.FaxViewPanel.openFax(FaxViewPanel.java:217)

at net.nighthawk.ifd.client.FaxViewApplet$FaxOpener.run(FaxViewApplet.java:66)

at java.lang.Thread.run(Unknown Source)

Caused by: org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) (Caused by java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader))

at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:634)

at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:333)

at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:307)

at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:645)

at net.nighthawk.ifd.common.util.TIFF60.<clinit>(TIFF60.java:65)

... 4 more

Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)

at java.security.AccessControlContext.checkPermission(Unknown Source)

at java.security.AccessController.checkPermission(Unknown Source)

at java.lang.SecurityManager.checkPermission(Unknown Source)

at java.lang.ClassLoader.getParent(Unknown Source)

at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1250)

at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1170)

at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:972)

at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:838)

at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:601)

... 8 more

network: Connecting socket://someURL with proxy=DIRECT

network: Connecting socket://someURL with proxy=DIRECT

network: Connecting socket://someURL with proxy=DIRECT

network: Connecting socket://someURL with proxy=DIRECT

[19179 byte] By [MisterFlibblea] at [2007-10-2 21:47:31]
«« Crystal Report parameter fields
»» SELECT problem
# 1
Apparently something like this is required: http://www.snowbound.com/tech_tips/g_security_applet_java.htmlIs there a better way, or is this better documented by Sun somewhere?
MisterFlibblea at 2007-7-14 1:03:12 > top of Java-index,Desktop,Core GUI APIs...
# 2

So doing some more testing I uncovered that I am getting this Security error with Firefox 1.5.0.4 and Java 1.5.0_07.

Tested with IE -- NO error! Also did a test with the same firefox and Java 6 beta 2 and NO error!!!

So is this a bug that has been fixed for firefox in the latest java? I couldn't find a related bug in the Sun DB...can anyone shed some more light on this problem?

MisterFlibblea at 2007-7-14 1:03:12 > top of Java-index,Desktop,Core GUI APIs...
# 3

Solution:

After thinking awhile about how to work around this, I knew that when javascript calls a method on your applet, it goes through a different security framework. So I was thinking how to remove the actuall offending call from the exposed applet method, and I tried kicking off a new thread in that method to do the work. No luck. So the security framework must still look at threads created from the 'javascript' called method.

Plan B, use SwingUtilities.invokeLater to run my thread...whahoo! It worked!

MisterFlibblea at 2007-7-14 1:03:12 > top of Java-index,Desktop,Core GUI APIs...
# 4

This problem was submitted as a bug in 2004!!!!

See BUG ID: 5097873

SUN made the unbelievable determination that this was not a bug!!!

I'm having the same problem using the same browser and JRE mentioned above. I expect that all my clients will also have the same problem and bend my ear with howls of joy.

So invokeLater() works eh? Thanks -- I'll give that a try.

kenwarnera at 2007-7-14 1:03:12 > top of Java-index,Desktop,Core GUI APIs...
# 5
BTW: invokeLater(runnable) still causes the spew.Doesn't provide workaround.
kenwarnera at 2007-7-14 1:03:12 > top of Java-index,Desktop,Core GUI APIs...
Desktop
Core GUI APIs

Desktop New Topic

Desktop Hot Topic

Desktop

All Classified