Michael Elman wrote:
> Sure.
>
> Below is an exception I got running HelloWorldWebApp example using:
> SDK: 1.5.14
> Server: Tomcat 5.5.23 with default security settings (run "startup
> -security")
> Jersey: 0.7
>
> java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
>
> java.security.AccessController.checkPermission(AccessController.java:427)
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1662)
>
> java.lang.Class.checkMemberAccess(Class.java:2125)
> java.lang.Class.getDeclaredMethods(Class.java:1762)
> com.sun.ws.rest.impl.modelapi.annotation.IntrospectionModeller.logNonPublicMethods(IntrospectionModeller.java:421)
<snip>
>
> As you can see it fails on java.lang.Class.getDeclaredMethods().
>
> If I run the injection code, it fails on f.setAccessible(true).
>
OK.
> As I know it's possible to grant specific permissions to a class,
> package or even jar or folder inside the war, so it's possible to solve
> this exception by granting the permissions to "com.sun.ws.rest" package
> or to jersey.jar
>
> Although, I'm wandering if I'm the only one who cares about the
> SecurityManager?
>
I think it is important to ensure that things work OK under such
circumstances: either documenting what needs to be done, fixing code if
possible, or when integrating into GF configuring things so that
permissions are granted. I have just sent some email asking some EE
experts...
Paul.
--
| ? + ? = To question
----------------\
Paul Sandoz
x38109
+33-4-76188109