Important Notice - Forums is archived
To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.

Vaadin lets you build secure, UX-first PWAs entirely in Java.
Free ebook & tutorial.
vaadin and security hardened jetty
Hello,
When I try to run my webapp under jetty configured with policy I get:
java.security.AccessControlException: access denied (java.util.PropertyPermission hu.prolan.slm.vaadin.Debug read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
No such file can be found under the unpacked webapp.
It might help to allow permission for it if I knew what this file is and where it comes from.
Thanks!
Zsolt
How about connecting a remote debugger to your Jetty and setting an exception breakpoint on AccessControlException?
Although I haven't really worked with these in years, I would guess the offending call is System.getProperty("hu.prolan.slm.vaadin.Debug") in your code, and your configuration only allows getting the values of certain properties - see the javadoc for PropertyPermission.
Henri Sara: How about connecting a remote debugger to your Jetty and setting an exception breakpoint on AccessControlException?
Although I haven't really worked with these in years, I would guess the offending call is System.getProperty("hu.prolan.slm.vaadin.Debug") in your code, and your configuration only allows getting the values of certain properties - see the javadoc for PropertyPermission.
Yes, you're right, that's a property. However it must be then a generated one, since in my code there is no such defined.
The problem, that I granted ALL permissions for the webapp. Since then I succeeded to reproduce it with tomcat too.
So the question now is: where this property comes from and why is not granted its access together with the webapp codebase.
Thanks for your attention!
Hi,
Try to change your policy permissions.
For jetty, take a look to their Tutorial about Web Application Policies.
For Tomcat see Configuring Tomcat With A SecurityManager
If you google java policy permissions web application you will find more information.
HTH,
Javi
Javier Serrano: Hi,
Try to change your policy permissions.
For jetty, take a look to their Tutorial about Web Application Policies.
For Tomcat see Configuring Tomcat With A SecurityManagerIf you google java policy permissions web application you will find more information.
Javi
Yes, I started ther, already read and followed those guides.
I discovered a typo that prevented webapp libs becoming granted.
Thanks