java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8081 connect,resolve) - main reasons
Solution 1
Same trusted signed applet (Digicert certificate), works great on some PCs, doesn't work on other.
It isn't trusted by those other PCs, and wasn't accepted by the user as trusted when asked.
OR
This is my manifest.mf
Trusted-Library: true
Application-Name: MyApp
Name: MyName
Permissions: all-permissions
Created-By: 1.6.0_16 (Sun Microsystems Inc.)
Caller-Allowable-Codebase: *
Main-Class: MyClass
Codebase: *
If that's the complete manifest, this JAR isn't signed at all, let alone by a trusted certificate. It should be full of Name:
and SHA-256-Digest
entries.
Solution 2
go to path of java jdk and ./jre/lib/security/ open java policy file
then set the grant permission for SocketPermission
grant{
permission java.net.SocketPermission "localhost:8080", "connect,resolve";
}
then restart and run your code.
Andrea Baglioni
Updated on July 09, 2022Comments
-
Andrea Baglioni almost 2 years
What are the main reasons that cause the exception reported?
Same trusted signed applet (Digicert certificate), works great on some PCs, doesn't work on other. Exception occurs when i try to get an attachment stream through
URLConnection
Where it doesn't works, i resolve with
grant { permission java.security.AllPermission; };
in
java.policy
but i would like to avoid to update every PC.Could be a
port
(8081) issue? What should I investigate? -
user207421 almost 10 yearsIf he doesn't have permission to open a socket he certainly won't have permission to change the security manager.
-
Brett almost 10 yearsIf you set a security manager, you set it for all the applets in the process. Probably not a good idea. In general, you want to avoid globals.
-
Andrea Baglioni almost 10 yearsAs i said, jar file is signed with Digicert Certificate. This is my manifest.mf
Trusted-Library: true Application-Name: MyApp Name: MyName Permissions: all-permissions Created-By: 1.6.0_16 (Sun Microsystems Inc.) Caller-Allowable-Codebase: * Main-Class: MyClass Codebase: *
-
VOLVO almost 10 yearsYour jar file is signed by sun?
-
Andrea Baglioni almost 10 yearsNo, by DigiCert. Do you mean that i have to remove the line "Created by..." ?
-
VOLVO almost 10 yearsNo my friend. find same jar without sign. and sign by other certificate.
-
VOLVO almost 10 yearsand use this solution: public void method() { AccessController.doPrivileged(new PrivilegedAction() { public Object run() { // It will work if your applet is signed callWeb(); return null; } }); } private void callWeb() { }
-
Andrea Baglioni almost 10 yearsCommand that cause the problem is just in a Privileged block. But, sorry, why should I sign up with another certificate? My question is more general: why in a PC i have the problem and not in another one? What to investigate?
-
VOLVO almost 10 yearsI had a same problem with this certificate. Sun Microsystems Inc. And I have to sign by my self certificate. So test privileged block if problem does not solve sign that by other certificate.
-
Andrea Baglioni almost 10 yearsI think that could a problem related to something on PC (user rights or something else, that's why it doesn't happen on every PC), but i can't figure it out. I use Digicert certificate to accomplish with JRE 1.7 requirements, i used originally a self certificate.