Discussions
Categories
- 196.8K All Categories
- 2.2K Data
- 238 Big Data Appliance
- 1.9K Data Science
- 450.3K Databases
- 221.7K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 550 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 544 SQLcl
- 4K SQL Developer Data Modeler
- 187K SQL & PL/SQL
- 21.3K SQL Developer
- 295.8K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.5K Development Tools
- 107 DevOps
- 3.1K QA/Testing
- 646K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 155 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 18 Java Essentials
- 160 Java 8 Questions
- 86K Java Programming
- 80 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 204 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 437 LiveLabs
- 38 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 232 Portuguese
Getting security exception
Hi,
I am new to Java and learning the Java security. Following the java documentation tutorial (https://docs.oracle.com/javase/tutorial/security/userperm/index.html ) on creating special permission, I get an java.lang.SecurityException when I reach the end of the tutorial at (https://docs.oracle.com/javase/tutorial/security/userperm/kim.html ). Here is the content of the kim.policy file:
keystore "kim.keystore";
grant SignedBy "terry" {
permission
HighScorePermission
"SoccerGame", signedBy "chris";
};
grant SignedBy "chris" {
permission java.util.PropertyPermission
"user.home", "read";
permission java.io.FilePermission
"${user.home}${/}Downloads/TMP/scoreFile", "read,write";
permission
HighScorePermission
"*", signedBy "chris";
};
The stack trace:
Exception in thread "main" java.lang.SecurityException: class "HighScore"'s signer information does not match signer information of other classes in the same package
at java.base/java.lang.ClassLoader.checkCerts(ClassLoader.java:1151)
at java.base/java.lang.ClassLoader.preDefineClass(ClassLoader.java:906)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1015)
at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:151)
at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:821)
at java.base/jdk.internal.loader.BuiltinClassLoader$4.run(BuiltinClassLoader.java:732)
at java.base/jdk.internal.loader.BuiltinClassLoader$4.run(BuiltinClassLoader.java:727)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:312)
at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:740)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:642)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:600)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
at SoccerGame.setHighScore(SoccerGame.java:21)
at SoccerGame.main(SoccerGame.java:36)
For the sake of simplicity, I have removed all the package names from the source code (i.e. com.gamedev.games) and I renamed the class ExampleGames to SoccerGames. All the respective keys, keystores and certificates where generated according to the tutorial, however, I feel the security exception is due to the fact that jar files in this tutorial is signed by two different signers (according to the tutorial of course).
In addition, when I try to load the kim.policy into policytool, it can not find the class HighScorePermission which is located in terry.jar according to tutorial. From the windows command prompt, I have set the classpath to include the two jar file (terry.jar and hs.jar) in this tutorial.
I have invested a great deal to troubleshoot these two problems, alas reached the end of the rope and hopeless. At this junction, any insights, help or idea will be so great.
Thanks