Search code examples
javasecurityappletaccesscontrolexception

Signed Jar & doPrivileged doesn't solve access control exception


I am trying to invoke the file chooser option and get the file name as a input. But I am getting the java AccessControlException. This works fine when I launch the applet with a web browser but throw exception when tried with applet viewer.

I have tried the following

  1. Signed the JAR using keytool and jarsigner JDK1.6.24
  2. Use AccessController.doPrivileged.

But I am still getting the same exception as follows.

    Exception in thread "AWT-EventQueue-1" java.security.AccessControlException: acc
ess denied (java.util.PropertyPermission user.dir read)
        at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:374)
        at java.security.AccessController.checkPermission(AccessController.java:
546)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:12
85)
        at java.lang.System.getProperty(System.java:650)
        at java.io.Win32FileSystem.getUserPath(Win32FileSystem.java:296)
        at java.io.Win32FileSystem.resolve(Win32FileSystem.java:312)
        at java.io.File.getAbsolutePath(File.java:501)
        at javax.swing.filechooser.WindowsFileSystemView.isFloppyDrive(FileSyste
mView.java:734)
        at javax.swing.plaf.basic.BasicFileChooserUI$BasicFileView.getIcon(Basic
FileChooserUI.java:1200)
        at javax.swing.JFileChooser.getIcon(JFileChooser.java:1538)
        at javax.swing.plaf.metal.MetalFileChooserUI$DirectoryComboBoxRenderer.g
etListCellRendererComponent(MetalFileChooserUI.java:854)
        at javax.swing.plaf.basic.BasicListUI.updateLayoutState(BasicListUI.java
:1344)
        at javax.swing.plaf.basic.BasicListUI.maybeUpdateLayoutState(BasicListUI
.java:1294)
        at javax.swing.plaf.basic.BasicListUI$Handler.valueChanged(BasicListUI.j
ava:2611)
        at javax.swing.DefaultListSelectionModel.fireValueChanged(DefaultListSel
ectionModel.java:167)
        at javax.swing.DefaultListSelectionModel.fireValueChanged(DefaultListSel
ectionModel.java:147)
        at javax.swing.DefaultListSelectionModel.fireValueChanged(DefaultListSel
ectionModel.java:194)
        at javax.swing.DefaultListSelectionModel.changeSelection(DefaultListSele
ctionModel.java:388)
        at javax.swing.DefaultListSelectionModel.changeSelection(DefaultListSele
ctionModel.java:398)
        at javax.swing.DefaultListSelectionModel.setSelectionInterval(DefaultLis
tSelectionModel.java:442)
        at javax.swing.JList.setSelectedIndex(JList.java:2179)
        at javax.swing.plaf.basic.BasicComboPopup.setListSelection(BasicComboPop
up.java:1126)
        at javax.swing.plaf.basic.BasicComboPopup.access$300(BasicComboPopup.jav
a:46)
        at javax.swing.plaf.basic.BasicComboPopup$Handler.itemStateChanged(Basic
ComboPopup.java:964)
        at javax.swing.JComboBox.fireItemStateChanged(JComboBox.java:1205)
        at javax.swing.JComboBox.selectedItemChanged(JComboBox.java:1262)
        at javax.swing.JComboBox.contentsChanged(JComboBox.java:1309)
        at javax.swing.AbstractListModel.fireContentsChanged(AbstractListModel.j
ava:100)
        at javax.swing.plaf.metal.MetalFileChooserUI$DirectoryComboBoxModel.setS
electedItem(MetalFileChooserUI.java:1001)
        at javax.swing.plaf.metal.MetalFileChooserUI$DirectoryComboBoxModel.addI
tem(MetalFileChooserUI.java:972)
        at javax.swing.plaf.metal.MetalFileChooserUI$DirectoryComboBoxModel.acce
ss$900(MetalFileChooserUI.java:897)
        at javax.swing.plaf.metal.MetalFileChooserUI.doDirectoryChanged(MetalFil
eChooserUI.java:648)
        at javax.swing.plaf.metal.MetalFileChooserUI.access$1200(MetalFileChoose
rUI.java:38)
        at javax.swing.plaf.metal.MetalFileChooserUI$5.propertyChange(MetalFileC
hooserUI.java:734)
        at java.beans.PropertyChangeSupport.firePropertyChange(PropertyChangeSup
port.java:339)
        at java.beans.PropertyChangeSupport.firePropertyChange(PropertyChangeSup
port.java:276)
        at java.awt.Component.firePropertyChange(Component.java:8154)
        at javax.swing.JFileChooser.setCurrentDirectory(JFileChooser.java:568)
        at javax.swing.JFileChooser.<init>(JFileChooser.java:334)
        at javax.swing.JFileChooser.<init>(JFileChooser.java:286)
        at StegnoMainFrame.selectFileAction(StegnoMainFrame.java:596)
        at StegnoMainFrame.access$800(StegnoMainFrame.java:48)
        at StegnoMainFrame$4.actionPerformed(StegnoMainFrame.java:201)
        at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:19
95)
        at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.jav
a:2318)
        at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel
.java:387)
        at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:242
)
        at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonL
istener.java:236)
        at java.awt.Component.processMouseEvent(Component.java:6289)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3267)
        at java.awt.Component.processEvent(Component.java:6054)
        at java.awt.Container.processEvent(Container.java:2041)
        at java.awt.Component.dispatchEventImpl(Component.java:4652)
        at java.awt.Container.dispatchEventImpl(Container.java:2099)
        at java.awt.Component.dispatchEvent(Component.java:4482)
        at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4577
)
        at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4238)

        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4168)
        at java.awt.Container.dispatchEventImpl(Container.java:2085)
        at java.awt.Component.dispatchEvent(Component.java:4482)
        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:644)
        at java.awt.EventQueue.access$000(EventQueue.java:85)
        at java.awt.EventQueue$1.run(EventQueue.java:603)
        at java.awt.EventQueue$1.run(EventQueue.java:601)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo
ntrolContext.java:87)
        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo
ntrolContext.java:98)
        at java.awt.EventQueue$2.run(EventQueue.java:617)
        at java.awt.EventQueue$2.run(EventQueue.java:615)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo
ntrolContext.java:87)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:614)
        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThre
ad.java:269)
        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.
java:184)
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThre
ad.java:174)
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)

        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)

        at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)

Please find my code part of code where I used doPrivileged.

private boolean selectFileAction(final String titleTextIn, final JTextField fileLocIn, final boolean allowFileFilter, 
        final boolean setOutFile)
{
    String isOkSelected = "false";
    final JFileChooser chooser = new JFileChooser();
    isOkSelected = (String) AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            if (allowFileFilter)
            {
                FileNameExtensionFilter filter = new FileNameExtensionFilter("GIF Images", "gif");
                chooser.setFileFilter(filter);
            }
            if (setOutFile)
            {
                if (hideRadiButton.isSelected())
                {
                    if (titleTextIn.contains("Key"))
                        chooser.setSelectedFile(new File("enckey"));
                    else
                        chooser.setSelectedFile(new File("output.gif"));
                }
                else
                    chooser.setSelectedFile(new File("output.txt"));
            }
            chooser.setDialogTitle(titleTextIn);
            int returnVal = chooser.showOpenDialog(getContentPane());
            boolean tempSelected = false;
            if(returnVal == JFileChooser.APPROVE_OPTION) {
                tempSelected = true;
                fileLocIn.setText(chooser.getSelectedFile().getAbsolutePath());
            }
            System.loadLibrary("awt");
            return tempSelected;
        }
    });


    return Boolean.parseBoolean(isOkSelected);
}

Solution

  • This works fine when I launch the applet with a webbrowser

    So no (real) problem then.

    ..but throw exception when tried with appletviewer.

    Recent versions of applet viewer as configured by the SDK are sand-boxed even if the code is signed and you select the menu options to trust it. Applet viewer when launched from an IDE generally has a security policy that has all permissions (even if not signed).