4 Replies Latest reply: Mar 3, 2008 3:40 AM by 807581 RSS

    Security Problems with Java System Application Server 9.1

    807581
      Hi All

      I am using Java System Application Server 9.1 over linux Red Hat Enterprise, my application has RMI, but when try to run de class appers the follow mistake:

      [#|2007-10-16T10:07:26.736-0500|SEVERE|sun-appserver9.1|org.apache.catalina.core.ContainerBase|_ThreadID=30;_ThreadName=ContainerBackgroundProcessor[StandardEngine[com.sun.appserv].StandardHost[server].StandardContext[AdminMenuWeb]];_RequestID=23427893-29bd-4f13-bb9b-515f41692f99;|Exception invoking periodic operation:
      java.lang.StackOverflowError
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
           at java.security.AccessController.doPrivileged(Native Method)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
           at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
           at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
           at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
           at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
           at java.security.AccessController.checkPermission(AccessController.java:546)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
           at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
           at java.io.File.isDirectory(File.java:752)
           at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
           at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
           at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
           at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.jav
        • 1. Re: Security Problems with Java System Application Server 9.1
          807581
          We will investigate this problem, so please send us your "domains/domain1/config/server.policy" and also the sample application if possible with which we can reproduce this issue.

          In the meantime, please see if disabling security manager helps to workaround your problem. To disable security manager, go to admin GUI, and select Configuration->Security and uncheck the "Security Manager Enabled " checkbox.
          • 2. Re: Security Problems with Java System Application Server 9.1
            807581
            With the security manager ON, you can also change the default JACC provider implementation class to com.sun.enterprise.security.provider.BasePolicyWrapper . This would then use the sun.security.PolicyFile for its policy file implementation, which may not have this issue. The way to do it in admin gui would be

            Configuration->Security->JACC Providers->default->PolicyProvider (change the name of the class from PolicyWrapper to BasePolicyWrapper).
            • 3. Re: Security Problems with Java System Application Server 9.1
              807581
              Hello All

              I Checked the option Security Enabled and works fine.

              Thanks for response
              • 4. Re: Security Problems with Java System Application Server 9.1
                807581
                Hi, I am facing the exact same problem trying to run a web app in glassfish v2 UR1 accessing a remote GigaSpaces JavaSpace from the web app. However, the problem described arises when I run the app server without a SecurityManager. After I have enabled the SecurityManager (-Djava.security.manager) the web app still did not run but this time simply because the SecurityMangager did not grant the permissions required by the application. After I granted ALL PERMISSIONS to the app the problem was gone.

                Any thoughts?

                Kai