openjdk team mailing list archive

Thread
Date

Bug#644094: icedtea-plugin: Fails to load any java applet due to AccessControlException

To: Debian Bug Tracking System <submit@xxxxxxxxxxxxxxx>
From: Frederik Himpe <fhimpe@xxxxxxxxxx>
Date: Sun, 02 Oct 2011 19:54:02 +0200
Delivered-to: submit@xxxxxxxxxxxxxxx
Reply-to: Frederik Himpe <fhimpe@xxxxxxxxxx>, 644094@xxxxxxxxxxxxxxx
Resent-cc: OpenJDK Team <openjdk@xxxxxxxxxxxxxxxxxxx>
Resent-date: Sun, 02 Oct 2011 17:57:01 +0000
Resent-from: Frederik Himpe <fhimpe@xxxxxxxxxx>
Resent-message-id: <handler.644094.B.131757804622373@xxxxxxxxxxxxxxx>
Resent-sender: Debian BTS <debbugs@xxxxxxxxxxxxxxxxx>
Resent-to: debian-bugs-dist@xxxxxxxxxxxxxxxx

Package: icedtea-plugin
Version: 1.1.3-1
Severity: grave
Justification: renders package unusable

icedtea-plugin fails to load any applet in Iceweasel 7. For example,
http://java.com/en/download/testjava.jsp

The console contains these errors:

java version "1.6.0_23"
OpenJDK Runtime Environment (IcedTea6 1.11pre) (6b23~pre9-2)
OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode)
Exception in thread "main" java.lang.ExceptionInInitializerError
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
        at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
        at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
        at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:262)
        at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:244)
        at java.security.AccessController.doPrivileged(Native Method)
        at
sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:244)
        at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:224)
        at sun.security.jca.ProviderList.getProvider(ProviderList.java:232)
        at sun.security.jca.ProviderList.getService(ProviderList.java:330)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:157)
        at java.security.Security.getImpl(Security.java:696)
        at
java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:130)
        at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:121)
        at sun.security.x509.AlgorithmId.<init>(AlgorithmId.java:114)
        at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:381)
        at sun.security.x509.X509Key.parse(X509Key.java:168)
        at
sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:75)
        at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:705)
        at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
        at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
        at
java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:763)
        at
sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
        at java.security.KeyStore.load(KeyStore.java:1201)
        at
net.sourceforge.jnlp.security.KeyStores.createKeyStoreFromFile(KeyStores.java:369)
        at
net.sourceforge.jnlp.security.KeyStores.getKeyStore(KeyStores.java:135)
        at
net.sourceforge.jnlp.security.KeyStores.getKeyStore(KeyStores.java:114)
        at
net.sourceforge.jnlp.security.KeyStores.getCAKeyStores(KeyStores.java:191)
        at
net.sourceforge.jnlp.security.VariableX509TrustManager.<init>(VariableX509TrustManager.java:118)
        at
net.sourceforge.jnlp.security.VariableX509TrustManager.getInstance(VariableX509TrustManager.java:407)
        at
net.sourceforge.jnlp.runtime.JNLPRuntime.initialize(JNLPRuntime.java:224)
        at
sun.applet.PluginAppletSecurityContext.<init>(PluginAppletSecurityContext.java:245)
        at sun.applet.PluginMain.main(PluginMain.java:109)
Caused by: java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessClassInPackage.sun.security.util)
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
        at
java.security.AccessController.checkPermission(AccessController.java:553)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at
net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:285)
        at
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529)
        at java.lang.ClassLoader$1.run(ClassLoader.java:345)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.lang.ClassLoader.checkPackageAccess(ClassLoader.java:343)
        at sun.security.pkcs11.SunPKCS11.<clinit>(SunPKCS11.java:63)
        ... 37 more



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (300, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages icedtea-plugin depends on:
ii  icedtea-netx        1.1.3-1    
ii  libatk1.0-0         2.0.1-2    
ii  libc6               2.13-21    
ii  libcairo2           1.10.2-6.1 
ii  libfontconfig1      2.8.0-3    
ii  libfreetype6        2.4.6-2    
ii  libgcc1             1:4.6.1-4  
ii  libgdk-pixbuf2.0-0  2.24.0-1   
ii  libglib2.0-0        2.28.6-1   
ii  libgtk2.0-0         2.24.4-3   
ii  libpango1.0-0       1.28.4-3   
ii  libstdc++6          4.6.1-4    
ii  openjdk-6-jre       6b23~pre9-2

icedtea-plugin recommends no packages.

icedtea-plugin suggests no packages.

-- no debconf information

Follow ups

Bug#644094: Bug#644094: icedtea-plugin: Fails to load any java applet due to AccessControlException
From: Damien Raude-Morvan, 2011-10-04