java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.misc)
13,472
Solution 1
There's a problem in your tomcat security configuration. Check if exists in ${catalina.home}/conf/catalina.policy the following lines :
grant {
// Precompiled JSPs need access to this package.
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc.*";
};
and add in ${catalina.home}/conf/policy.d/03.catalina.policy
// The permissions granted to your jar (ir.omicc ??)
grant codeBase "file:/path/to/the/ir.omicc.utilBox/your.jar" {
permission java.security.AllPermission;
};
it's a workaround but it's not secure.
Solution 2
It seems that the class ir.omicc.utilBox.PasswordService tries to use some class in the sun.misc package. If this class is one of your classes, then you should reimplement it without accessing the sun.misc classes. If not, then ask the developer/company who implemented this class to fix it. Using sun.misc classes is a very bad practice, which has always been discouraged.
Solution 3
I asssume the stack trace has been edited. You now need to grant your codebase the following permission:
java.util.PropertyPermission "hibernate.enable_specj_proprietary_syntax", "read";
or more probably "hibernate.*", "read, write";
Comments
-
MoienGK almost 2 years
So my hosting company changed their service to tomcat 7 with security manager, and from that time on I am getting this exception every time my application tries to connect to MySQL database with Hibernate. I don't know what to do, they ask me for my Tomcat permissions, but I have not defined anything special.
Can any one help me?
This is my stack trace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:505) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:398) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) root cause javax.servlet.ServletException: java.lang.ExceptionInInitializerError org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:862) org.apache.jasper.runtime.PageContextImpl.access$1100(PageContextImpl.java:71) org.apache.jasper.runtime.PageContextImpl$12.run(PageContextImpl.java:778) java.security.AccessController.doPrivileged(Native Method) org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:776) org.apache.jsp.news_jsp._jspService(news_jsp.java:285) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) root cause java.lang.ExceptionInInitializerError ir.omicc.hibernate.util.HibernateUtil.buildSessionFactory(HibernateUtil.java:16) ir.omicc.hibernate.util.HibernateUtil.getSessionFactory(HibernateUtil.java:24) ir.omicc.classes.Publisher.getNews(Publisher.java:126) org.apache.jsp.news_jsp._jspService(news_jsp.java:221) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) root cause java.security.AccessControlException: access denied (java.util.PropertyPermission hibernate.enable_specj_proprietary_syntax read) java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) java.security.AccessController.checkPermission(AccessController.java:546) java.lang.SecurityManager.checkPermission(SecurityManager.java:532) java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285) java.lang.System.getProperty(System.java:650) org.hibernate.cfg.Configuration.reset(Configuration.java:362) org.hibernate.cfg.Configuration.<init>(Configuration.java:296) org.hibernate.cfg.Configuration.<init>(Configuration.java:300) ir.omicc.hibernate.util.HibernateUtil.buildSessionFactory(HibernateUtil.java:12) ir.omicc.hibernate.util.HibernateUtil.getSessionFactory(HibernateUtil.java:24) ir.omicc.classes.Publisher.getNews(Publisher.java:126) org.apache.jsp.news_jsp._jspService(news_jsp.java:221) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:597) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)