this is not an error. the permission check failed because the request came in on an unprotected transport. the web container uses this permission check to determine when to automatically redirect the request to the protected port, which will force an ssl handlshake, after which the permission check will be repeated, and will succeed (if the handshake proceeds).
The info message comes from the policy system, which writes a generic log message when a permission check fails. The log msg identifies the permission that was being checked and the protection domain for which the permission check failed.
"no signer certificates" is a characteristic of the protection domain. It indicates that the protection domain was not loaded from a signed jar. The identity of the code signer, (i.e., the party considered to be the source of the code) can be one factor in the deterimation of whether a permission should be granted to code.
Ron
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=264067