AccessControlException Despite plugin-security.policy


(Varun Sharma) #1

java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) ~[?:1.8.0_131]
at java.security.AccessController.checkPermission(AccessController.java:884) ~[?:1.8.0_131]
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) ~[?:1.8.0_131]
at java.lang.Class.checkMemberAccess(Class.java:2348) ~[?:1.8.0_131]
at java.lang.Class.getDeclaredConstructors(Class.java:2019) ~[?:1.8.0_131]
at com.fasterxml.jackson.databind.util.ClassUtil.getConstructors(ClassUtil.java:966) ~[?:?]
at com.fasterxml.jackson.databind.introspect.AnnotatedClass.resolveCreators(AnnotatedClass.java:443) ~[?:?]
at com.fasterxml.jackson.databind.introspect.AnnotatedClass.getStaticMethods(AnnotatedClass.java:314) ~[?:?]
at com.fasterxml.jackson.databind.introspect.BasicBeanDescription.getFactoryMethods(BasicBeanDescription.java:486) ~[?:?]
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory._addDeserializerFactoryMethods(BasicDeserializerFactory.java:669) ~[?:?]
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory._constructDefaultValueInstantiator(BasicDeserializerFactory.java:320) ~[?:?]
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory.findValueInstantiator(BasicDeserializerFactory.java:253) ~[?:?]
at com.fasterxml.jackson.databind.deser.BasicDeserializerFactory.createMapDeserializer(BasicDeserializerFactory.java:1159) ~[?:?]
at com.fasterxml.jackson.databind.deser.DeserializerCache._createDeserializer2(DeserializerCache.java:377) ~[?:?]
at com.fasterxml.jackson.databind.deser.DeserializerCache._createDeserializer(DeserializerCache.java:349) ~[?:?]
at com.fasterxml.jackson.databind.deser.DeserializerCache._createAndCache2(DeserializerCache.java:264) ~[?:?]
at com.fasterxml.jackson.databind.deser.DeserializerCache._createAndCacheValueDeserializer(DeserializerCache.java:244) ~[?:?]
at com.fasterxml.jackson.databind.deser.DeserializerCache.findValueDeserializer(DeserializerCache.java:142) ~[?:?]
at com.fasterxml.jackson.databind.DeserializationContext.findRootValueDeserializer(DeserializationContext.java:476) ~[?:?]
at com.fasterxml.jackson.databind.ObjectMapper._findRootDeserializer(ObjectMapper.java:3899) ~[?:?]
at com.fasterxml.jackson.databind.ObjectMapper._readValue(ObjectMapper.java:3765) ~[?:?]
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2123) ~[?:?]
at com.fasterxml.jackson.core.JsonParser.readValueAs(JsonParser.java:1650) ~[jackson-core-2.8.6.jar:2.8.6]
at com.auth0.jwt.impl.JsonNodeClaim.asMap(JsonNodeClaim.java:109) ~[?:?]
at com.fico.elasticsearch.authenticate.accesscontrol.User.lambda$fetchRolesFromToken$0(User.java:23) ~[?:?]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_131]

Code :-

Map<String, Object> someMap = AccessController.doPrivileged((PrivilegedAction<Map<String, Object>>) () -> {
  Map<String, Object> temp1 = ((Claim) token.getClaim("some_claim")).asMap();
  return temp1 ;
});

However when I run this code before it, it doesn't get any error but mine does :-

SecurityManager sm = System.getSecurityManager();
if (sm != null) {
  // unprivileged code such as scripts do not have SpecialPermission
  sm.checkPermission(new SpecialPermission());
} 

I do have

permission java.lang.RuntimePermission "accessDeclaredMembers";

In my plugin-security.policy and other code which relies on "accessDeclaredMembers" works fine but this one doesn't.


(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.