Discussions
Categories
- 382.3K All Categories
- 2.1K Data
- 208 Big Data Appliance
- 1.9K Data Science
- 447.9K Databases
- 220.9K General Database Discussions
- 3.7K Java and JavaScript in the Database
- 25 Multilingual Engine
- 522 MySQL Community Space
- 465 NoSQL Database
- 7.8K Oracle Database Express Edition (XE)
- 2.9K ORDS, SODA & JSON in the Database
- 492 SQLcl
- 3.9K SQL Developer Data Modeler
- 186.1K SQL & PL/SQL
- 21K SQL Developer
- 293.2K Development
- 7 Developer Projects
- 128 Programming Languages
- 290K Development Tools
- 96 DevOps
- 3K QA/Testing
- 645.6K Java
- 24 Java Learning Subscription
- 36.9K Database Connectivity
- 150 Java Community Process
- 104 Java 25
- 22.1K Java APIs
- 137.9K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 16 Java Essentials
- 144 Java 8 Questions
- 85.9K Java Programming
- 79 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.2K Java SE
- 13.8K Java Security
- 198 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 261 LiveLabs
- 36 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.8K Other Languages
- 2.3K Chinese
- 166 Deutsche Oracle Community
- 1.2K Español
- 1.9K Japanese
- 227 Portuguese
Getting security exception
Hi,
I am new to Java and learning the Java security. Following the java documentation tutorial (https://docs.oracle.com/javase/tutorial/security/userperm/index.html ) on creating special permission, I get an java.lang.SecurityException when I reach the end of the tutorial at (https://docs.oracle.com/javase/tutorial/security/userperm/kim.html ). Here is the content of the kim.policy file:
keystore "kim.keystore";
grant SignedBy "terry" {
permission
HighScorePermission
"SoccerGame", signedBy "chris";
};
grant SignedBy "chris" {
permission java.util.PropertyPermission
"user.home", "read";
permission java.io.FilePermission
"${user.home}${/}Downloads/TMP/scoreFile", "read,write";
permission
HighScorePermission
"*", signedBy "chris";
};
The stack trace:
Exception in thread "main" java.lang.SecurityException: class "HighScore"'s signer information does not match signer information of other classes in the same package
at java.base/java.lang.ClassLoader.checkCerts(ClassLoader.java:1151)
at java.base/java.lang.ClassLoader.preDefineClass(ClassLoader.java:906)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1015)
at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:151)
at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:821)
at java.base/jdk.internal.loader.BuiltinClassLoader$4.run(BuiltinClassLoader.java:732)
at java.base/jdk.internal.loader.BuiltinClassLoader$4.run(BuiltinClassLoader.java:727)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:312)
at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:740)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:642)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:600)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
at SoccerGame.setHighScore(SoccerGame.java:21)
at SoccerGame.main(SoccerGame.java:36)
For the sake of simplicity, I have removed all the package names from the source code (i.e. com.gamedev.games) and I renamed the class ExampleGames to SoccerGames. All the respective keys, keystores and certificates where generated according to the tutorial, however, I feel the security exception is due to the fact that jar files in this tutorial is signed by two different signers (according to the tutorial of course).
In addition, when I try to load the kim.policy into policytool, it can not find the class HighScorePermission which is located in terry.jar according to tutorial. From the windows command prompt, I have set the classpath to include the two jar file (terry.jar and hs.jar) in this tutorial.
I have invested a great deal to troubleshoot these two problems, alas reached the end of the rope and hopeless. At this junction, any insights, help or idea will be so great.
Thanks