Note: This Java deployment guide describes features released prior to the Java SE 6 update 10 release. See Java Rich Internet Applications Development and Deployment for the latest information.
java.security.AccessControlException
Thrown In the
Execution of
java.beans.Introspector.setBeanInfoSearchPath()
MethodWhen running an applet in a browser by using the Sun Java™
Runtime Environment (JRE™) implementation, a
java.security.AccessControlException
is thrown in the
execution of the
java.beans.Introspector.setBeanInfoSearchPath() method
as shown below:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
at
java.security.AccessControlContext.checkPermission(Unknown
Source)
at
java.security.AccessController.checkPermission(Unknown
Source)
at
java.lang.SecurityManager.checkPermission(Unknown Source)
at
java.lang.SecurityManager.checkPropertiesAccess(Unknown
Source)
at
java.beans.Introspector.setBeanInfoSearchPath(Unknown Source)
at ....
The same applet runs without any error with the Microsoft Virtual Machine (VM).
The Introspector.setBeanInfoSearchPath()
method
call can change the list of package names used for finding
BeanInfo
classes. If more than one applet is running
in the VM, an untrusted applet could call this method to redirect
other applets to look up BeanInfo
in unexpected
packages. This is a flaw in security.
A security check for java.util.PropertyPermission
is added to Introspector.setBeanInfoSearchPath() method in the JRE
to address the security concern. If the applet is unsigned and it
calls this method, a
java.security.AccessControlException
is thrown.
To fix the above causes:
jarsigner
tool, so that the applet runs as a trusted
applet and has permissions to call the
Introspector.setBeanInfoSearchPath()
method.Introspector.setBeanInfoSearchPath()
. For example,
instead of relying on the BeanInfo
class search path,
use a fully qualified package name for searching the
BeanInfo
.See jarsigner, which is the JAR Signing and Verification Tool.