Details
-
Bug
-
Resolution: Fixed
-
P3
-
7
-
b58
-
x86
-
windows_xp
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2230615 | 7u21 | Nam Nguyen | P3 | Closed | Fixed | b01 |
| JDK-8000288 | 7u10 | Nam Nguyen | P3 | Closed | Fixed | b12 |
| JDK-8017344 | 6u65 | Vikram Aroskar | P3 | Closed | Fixed | b01 |
| JDK-8005149 | 6u60 | Vikram Aroskar | P3 | Closed | Fixed | b01 |
| JDK-8012137 | 6u43 | Vikram Aroskar | P3 | Resolved | Fixed | b60 |
Description
FULL PRODUCT VERSION :
1.7.0_06
ADDITIONAL OS VERSION INFORMATION :
Windows XP Version 5.1.2600
A DESCRIPTION OF THE PROBLEM :
With 1.7.0_04 and 1.7.0_05 our Java Web Start application would launch and run fine.
With 1.7.0_06 almost every session using the application results in a java.lang.SecurityException with a message like "class "XXXXX" does not match trust level of other classes in the same package". Sometimes the message causes Java Web Start to fail to launch the application. Other times the application starts and encounters the error while being used.
We tried to workaround by clearing the user's Java Application Temporary Files (cache), which at first seemed to help, but then the problem began occurring again.
The stack trace is like:
java.lang.SecurityException: class "X.X.X.XXXXX" does not match trust level of other classes in the same package
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.isone.sms.isouser.main.ui.LaunchAction.<clinit>(LaunchAction.java:231)
at com.isone.sms.isouser.main.ui.ApplicationManager.<init>(ApplicationManager.java:137)
at com.isone.sms.isouser.main.ui.ApplicationManager.main(ApplicationManager.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Maybe 1.7.0_06 has a regression of the fix in http://bugs.sun.com/view_bug.do?bug_id=6967414?
REGRESSION. Last worked in version 7
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Error occurs just by launching the Java Web Start application using 1.7.0_06. The SecurityException is often thrown as soon as the application's main method constructs an object and causes a few more classes to load.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No SecurityException.
ACTUAL -
SecurityException listed above.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.SecurityException: class "com.isone.swing.IsoFrame" does not match trust level of other classes in the same package
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.isone.sms.isouser.main.ui.LaunchAction.<clinit>(LaunchAction.java:231)
at com.isone.sms.isouser.main.ui.ApplicationManager.<init>(ApplicationManager.java:137)
at com.isone.sms.isouser.main.ui.ApplicationManager.main(ApplicationManager.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
Don't have time to create a demonstration application.
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Have not found one.
1.7.0_06
ADDITIONAL OS VERSION INFORMATION :
Windows XP Version 5.1.2600
A DESCRIPTION OF THE PROBLEM :
With 1.7.0_04 and 1.7.0_05 our Java Web Start application would launch and run fine.
With 1.7.0_06 almost every session using the application results in a java.lang.SecurityException with a message like "class "XXXXX" does not match trust level of other classes in the same package". Sometimes the message causes Java Web Start to fail to launch the application. Other times the application starts and encounters the error while being used.
We tried to workaround by clearing the user's Java Application Temporary Files (cache), which at first seemed to help, but then the problem began occurring again.
The stack trace is like:
java.lang.SecurityException: class "X.X.X.XXXXX" does not match trust level of other classes in the same package
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.isone.sms.isouser.main.ui.LaunchAction.<clinit>(LaunchAction.java:231)
at com.isone.sms.isouser.main.ui.ApplicationManager.<init>(ApplicationManager.java:137)
at com.isone.sms.isouser.main.ui.ApplicationManager.main(ApplicationManager.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Maybe 1.7.0_06 has a regression of the fix in http://bugs.sun.com/view_bug.do?bug_id=6967414?
REGRESSION. Last worked in version 7
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Error occurs just by launching the Java Web Start application using 1.7.0_06. The SecurityException is often thrown as soon as the application's main method constructs an object and causes a few more classes to load.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No SecurityException.
ACTUAL -
SecurityException listed above.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.SecurityException: class "com.isone.swing.IsoFrame" does not match trust level of other classes in the same package
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.isone.sms.isouser.main.ui.LaunchAction.<clinit>(LaunchAction.java:231)
at com.isone.sms.isouser.main.ui.ApplicationManager.<init>(ApplicationManager.java:137)
at com.isone.sms.isouser.main.ui.ApplicationManager.main(ApplicationManager.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
Don't have time to create a demonstration application.
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Have not found one.
Attachments
Issue Links
- backported by
-
JDK-8012137 1.7.0_06 update causes random "trust level" SecurityExceptions in checkResource
-
- Resolved
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-