Glassfish SecurityManager.checkPermission

After configuring Hudson to run in a Glassfish with security manager enabled I started to have problems in other applications, specially web applications using reflection to access private fields in Java classes. Over the web I noticed a lot of people struggling with the same issue (Seam, GWT, Vaadin, etc). The problem is caused because most of the modern frameworks tries to access Java private fields directly - perhaps motivated by the popularity of type-unsafe languages or just designed for better performance. The frameworks designer expect to have this freedom but the Security Manager imposes strict rules against that. Applications based on these frameworks running on a secure Glassfish will eventually throw an exception like: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) .. .. [#|2010-01-02T11:28:34.681+0100|WARNING|glassfishv3.0|org.directwebremoting.dwrp.BaseCallMarshaller|_ThreadID=30;_ThreadName=Thread-1;|--Erroring: batchId[1] message[java.lang.IllegalAccessError: Class com.sun.xml.bind.v2.runtim...

Date: January, 02 2010
Url: http://www.java.net/blog/felipegaucho/archive/2010/01/02/glassfish-securitymanagercheckpermission

Others News