Java Security Exception


exception

javax.servlet.ServletException: Servlet.init() for servlet Hypermail threw exception
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
java.lang.Thread.run(Thread.java:619)


root cause

java.security.AccessControlException: access denied (java.util.PropertyPermission com.vaadin.terminal.gwt.server.Debug read)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
java.lang.System.getProperty(System.java:650)
com.vaadin.terminal.gwt.server.AbstractApplicationServlet.getSystemProperty(AbstractApplicationServlet.java:301)
com.vaadin.terminal.gwt.server.AbstractApplicationServlet.getApplicationOrSystemProperty(AbstractApplicationServlet.java:332)
com.vaadin.terminal.gwt.server.AbstractApplicationServlet.checkProductionMode(AbstractApplicationServlet.java:244)
com.vaadin.terminal.gwt.server.AbstractApplicationServlet.init(AbstractApplicationServlet.java:225)
com.vaadin.terminal.gwt.server.ApplicationServlet.init(ApplicationServlet.java:54)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
java.lang.Thread.run(Thread.java:619)

I know it is connected to the security update from java-1.5 but I don’t know how to handle.
What I found in google about granting permissions on codeBase basis didn’t work.

same exception on my machine, I’m vaadin newbie
any hint?

exported as WAR to: Debian Lenny, tomcat 5.5, java 1.6.0_12 testing server
however everything works ok on my local dev. machine, win 7, tomcat 5.5, java 1.6.0_17

You would get this error at least when you are running the tomcat with the security turned on. In that case you must specify the permission for Vaadin application in Tomcat’s policy file.

Here is a
very
old thread describing what I found at that time to be IT Mill Toolkit’s minimum permissions:

http://vaadin.com/forum/-/message_boards/message/18113

However, I think they might still apply if you just replace the com.itmill.toolkit.* with com.vaadin.*