Skip to main content

Signed Applet throws security exception when publish advertisement

2 replies [Last post]
iqnone
Offline
Joined: 2008-03-19

hi
i have a signed applet, and i also have signed all 4 jxta jar libs. In the init function from applet i have something like

AdvertisementFactory.registerAdvertisementInstance(VeeXatPeerAdvertisement.getAdvertisementType(),
new VeeXatPeerAdvertisement.Instantiator());

NetworkConfigurator config = new NetworkConfigurator();

ConfigParams params = config.getPlatformConfig();

File file = new File("C:/VeeXatConfig");
deleteDirectory(file);
file.mkdir();

URI filestore = file.toURI();
NetPeerGroupFactory factory = new NetPeerGroupFactory(params, filestore);

m_peerGroup = factory.getInterface();
m_discoveryService = m_peerGroup.getDiscoveryService();

The directory C:/VeeXatConfig is created and i have files in it. Everything just works(i use sockets, to connect and comunicate with known peers, no problem there) except the discovery part. I have this function that starts the discovery

public void startDicovery(boolean searchIsOn, final String gender, final String country, final String location, final String description) {
m_sendDiscovery = searchIsOn;
if (m_sendDiscovery) {
Thread discoveryThread = new Thread(new Runnable() {

public void run() {
long advLifeTime = 60 * 2 * 1000;
long advExpiration = 60 * 3 * 1000;
VeeXatPeerAdvertisement adv = new VeeXatPeerAdvertisement();

adv.setID(ID.nullID);
adv.setType("request");
adv.setUsername(m_username);
adv.setSocketId(m_socketid);
adv.setCountry(country);
adv.setGender(gender);
adv.setDescription(description);
adv.setLocation(location);

System.out.println(adv.toString());
while (m_sendDiscovery) {
try {
System.out.println("sendig adv");
m_discoveryService.publish(adv, advLifeTime, advExpiration);
} catch (IOException ex) {
Logger.getLogger(VeeXatPeer.class.getName()).log(Level.SEVERE, null, ex);
}
try {
Thread.sleep(600000);
} catch (InterruptedException ex) {
Logger.getLogger(VeeXatPeer.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
});
discoveryThread.start();
}
}

and the output is

<?xml version="1.0" encoding="UTF-8"?>

urn:jxta:jxta-Null

request

urn:jxta:uuid-5660E3783FF64A40A6BA9142A381AFB52F83E6E616BA4C98816E85161F55773304

IqNone

Male

Aruba

ssss

aaaaa

sendig adv
Jun 23, 2008 4:16:30 AM net.jxta.impl.cm.Cm save
WARNING: Failed to write Adv/cm19fa00f8209bf1ad4a3f24237cc4a53b0aaa7d8b 120,000 120,000
net.jxta.impl.xindice.core.filer.FilerException: Error opening advertisements-AdvDescription.idx
at net.jxta.impl.xindice.core.filer.Paged.open(Paged.java:607)
at net.jxta.impl.xindice.core.filer.BTree.open(BTree.java:152)
at net.jxta.impl.cm.Indexer.addToIndex(Indexer.java:350)
at net.jxta.impl.cm.Cm.save(Cm.java:686)
at net.jxta.impl.discovery.DiscoveryServiceImpl.publish(DiscoveryServiceImpl.java:761)
at net.jxta.impl.discovery.DiscoveryServiceInterface.publish(DiscoveryServiceInterface.java:213)
at peer.VeeXatPeer$2.run(VeeXatPeer.java:464)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission C:\VeeXatConfig\cm\jxta-NetGroup\advertisements-AdvDescription.idx read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.File.exists(Unknown Source)
at net.jxta.impl.xindice.core.filer.Paged.exists(Paged.java:566)
at net.jxta.impl.xindice.core.filer.Paged.open(Paged.java:598)
... 7 more
Jun 23, 2008 4:16:30 AM peer.VeeXatPeer$2 run
SEVERE: null
java.io.IOException: Failed to write Adv/cm19fa00f8209bf1ad4a3f24237cc4a53b0aaa7d8b 120000 120000
at net.jxta.impl.cm.Cm.save(Cm.java:703)
at net.jxta.impl.discovery.DiscoveryServiceImpl.publish(DiscoveryServiceImpl.java:761)
at net.jxta.impl.discovery.DiscoveryServiceInterface.publish(DiscoveryServiceInterface.java:213)
at peer.VeeXatPeer$2.run(VeeXatPeer.java:464)
at java.lang.Thread.run(Unknown Source)
Caused by: net.jxta.impl.xindice.core.filer.FilerException: Error opening advertisements-AdvDescription.idx
at net.jxta.impl.xindice.core.filer.Paged.open(Paged.java:607)
at net.jxta.impl.xindice.core.filer.BTree.open(BTree.java:152)
at net.jxta.impl.cm.Indexer.addToIndex(Indexer.java:350)
at net.jxta.impl.cm.Cm.save(Cm.java:686)
... 4 more
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission C:\VeeXatConfig\cm\jxta-NetGroup\advertisements-AdvDescription.idx read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.File.exists(Unknown Source)
at net.jxta.impl.xindice.core.filer.Paged.exists(Paged.java:566)
at net.jxta.impl.xindice.core.filer.Paged.open(Paged.java:598)
... 7 more

I really need a solution for this, and fast! If it's something more complex i would also apreciate a step - by - step example, pls!

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
tackline
Offline
Joined: 2003-06-19

There's two problems here: The JavaScript is not signed and therefore should be always untrusted. Secondly the access control context (acc) is inherited when you create a thread. acc is only loosely related to the stack - doPrivileged and new threads change things.

iqnone
Offline
Joined: 2008-03-19

oh well, i got it. The function can't be public cause it can be called by javascript and also can't be called in threads created by public methods.