Details
-
Bug
-
Resolution: Fixed
-
P2
-
1.4.2_09, 5.0
-
b27
-
generic, x86
-
generic, windows_xp
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2123736 | 5.0u3 | Xueming Shen | P2 | Resolved | Fixed | b05 |
| JDK-2132552 | 1.4.2_12 | Abhijit Saha | P3 | Resolved | Fixed | b01 |
Description
Description:
FULL PRODUCT VERSION :
Sun Java System Application Server Enterprise Edition 8.1 (build b30-beta2)
FULL OS VERSION :
Windows XP
EXTRA RELEVANT SYSTEM CONFIGURATION :
korean locale
A DESCRIPTION OF THE PROBLEM :
When HttpServletRequest.setCharacterEncoding("KSC5601") is called from a servlet, java.security.AccessControlException is thrown.
HttpServletRequest.setCharacterEncoding() is implemented as follows:
// Ensure that the specified encoding is valid
byte buffer[] = new byte[1];
buffer[0] = (byte) 'a';
String dummy = new String(buffer, enc);
where 'enc' is the char encoding argument passed to HttpServletRequest.setCharacterEncoding().
String constructor throws java.security.AccessControlException, as shown in the following exception stack trace taken from the server log:
[#|2004-10-07T15:53:26.183+0900||sun-appserver-ee8.1|javax.enterprise.system.container.web|_ThreadID=13;|StandardWrapperValve[RequestParamExample]:
Servlet.service() for servlet RequestParamExample threw exception
java.security.AccessControlException: access denied
(java.lang.RuntimePermission charsetProvider)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at java.nio.charset.spi.CharsetProvider.<init>(CharsetProvider.java:67)
at
sun.nio.cs.AbstractCharsetProvider.<init>(AbstractCharsetProvider.java:58)
at sun.nio.cs.ext.ExtendedCharsets.<init>(ExtendedCharsets.java:33)
at sun.nio.cs.ext.ExtendedCharsets.aliasesFor(ExtendedCharsets.java:372)
at sun.nio.cs.ext.EUC_KR.<init>(EUC_KR.java:25)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:308)
at java.lang.Class.newInstance(Class.java:261)
at
sun.nio.cs.AbstractCharsetProvider.lookup(AbstractCharsetProvider.java:130)
at
sun.nio.cs.AbstractCharsetProvider.charsetForName(AbstractCharsetProvider.java:145)
at java.nio.charset.Charset.lookupExtendedCharset(Charset.java:411)
at java.nio.charset.Charset.lookup(Charset.java:423)
at java.nio.charset.Charset.isSupported(Charset.java:448)
at java.lang.StringCoding.lookupCharset(StringCoding.java:82)
at java.lang.StringCoding.decode(StringCoding.java:211)
at java.lang.String.<init>(String.java:320)
at java.lang.String.<init>(String.java:346)
at
org.apache.coyote.tomcat5.CoyoteRequest.setCharacterEncoding(CoyoteRequest.java:1540)
at
org.apache.coyote.tomcat5.CoyoteRequestFacade.setCharacterEncoding(CoyoteRequestFacade.java:253)
at
samples.webapps.simple.servlet.RequestParamExample.doGet(RequestParamExample.java:26)
at
samples.webapps.simple.servlet.RequestParamExample.doPost(RequestParamExample.java:74)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:273)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:236)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:141)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:262)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at
com.sun.enterprise.web.connector.httpservice.HttpServiceProcessor.process(HttpServiceProcessor.java:167)
at
com.sun.enterprise.web.HttpServiceWebContainer.service(HttpServiceWebContainer.java:1738)
###@###.### 10/20/04 01:03 GMT
FULL PRODUCT VERSION :
Sun Java System Application Server Enterprise Edition 8.1 (build b30-beta2)
FULL OS VERSION :
Windows XP
EXTRA RELEVANT SYSTEM CONFIGURATION :
korean locale
A DESCRIPTION OF THE PROBLEM :
When HttpServletRequest.setCharacterEncoding("KSC5601") is called from a servlet, java.security.AccessControlException is thrown.
HttpServletRequest.setCharacterEncoding() is implemented as follows:
// Ensure that the specified encoding is valid
byte buffer[] = new byte[1];
buffer[0] = (byte) 'a';
String dummy = new String(buffer, enc);
where 'enc' is the char encoding argument passed to HttpServletRequest.setCharacterEncoding().
String constructor throws java.security.AccessControlException, as shown in the following exception stack trace taken from the server log:
[#|2004-10-07T15:53:26.183+0900||sun-appserver-ee8.1|javax.enterprise.system.container.web|_ThreadID=13;|StandardWrapperValve[RequestParamExample]:
Servlet.service() for servlet RequestParamExample threw exception
java.security.AccessControlException: access denied
(java.lang.RuntimePermission charsetProvider)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at java.nio.charset.spi.CharsetProvider.<init>(CharsetProvider.java:67)
at
sun.nio.cs.AbstractCharsetProvider.<init>(AbstractCharsetProvider.java:58)
at sun.nio.cs.ext.ExtendedCharsets.<init>(ExtendedCharsets.java:33)
at sun.nio.cs.ext.ExtendedCharsets.aliasesFor(ExtendedCharsets.java:372)
at sun.nio.cs.ext.EUC_KR.<init>(EUC_KR.java:25)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:308)
at java.lang.Class.newInstance(Class.java:261)
at
sun.nio.cs.AbstractCharsetProvider.lookup(AbstractCharsetProvider.java:130)
at
sun.nio.cs.AbstractCharsetProvider.charsetForName(AbstractCharsetProvider.java:145)
at java.nio.charset.Charset.lookupExtendedCharset(Charset.java:411)
at java.nio.charset.Charset.lookup(Charset.java:423)
at java.nio.charset.Charset.isSupported(Charset.java:448)
at java.lang.StringCoding.lookupCharset(StringCoding.java:82)
at java.lang.StringCoding.decode(StringCoding.java:211)
at java.lang.String.<init>(String.java:320)
at java.lang.String.<init>(String.java:346)
at
org.apache.coyote.tomcat5.CoyoteRequest.setCharacterEncoding(CoyoteRequest.java:1540)
at
org.apache.coyote.tomcat5.CoyoteRequestFacade.setCharacterEncoding(CoyoteRequestFacade.java:253)
at
samples.webapps.simple.servlet.RequestParamExample.doGet(RequestParamExample.java:26)
at
samples.webapps.simple.servlet.RequestParamExample.doPost(RequestParamExample.java:74)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:273)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:236)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:141)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:262)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at
com.sun.enterprise.web.connector.httpservice.HttpServiceProcessor.process(HttpServiceProcessor.java:167)
at
com.sun.enterprise.web.HttpServiceWebContainer.service(HttpServiceWebContainer.java:1738)
###@###.### 10/20/04 01:03 GMT
Attachments
Issue Links
- backported by
-
JDK-2123736 String constructor with "KSC5601" encoding throws AccessControlException
-
- Resolved
-
-
-
- Resolved
-