[Bug 1482] New: Property access fails when JNLP is remote, works when local

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Wed Jun 19 06:11:58 PDT 2013 

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1482

            Bug ID: 1482
           Summary: Property access fails when JNLP is remote, works when
                    local
    Classification: Unclassified
           Product: IcedTea-Web
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: NetX (javaws)
          Assignee: omajid at redhat.com
          Reporter: aleksi.kallio at csc.fi
                CC: unassigned at icedtea.classpath.org

I have an application that reads system property "user.home" and sets another
property based on that (to dynamically set Log4j logging dir). This fails with
IcedTea-web on remote JNLP files. The property I am setting ends up empty and
Log4j tries to log to the filesystem root, which gives naturally "permission
denied".

If the file is downloaded and codebase/href updated to local, then it starts to
work. It also works on Oracle JRE javaws.

The applications has "all-permissions" and the JAR is signed with a trusted
certificate.

So is there something funny happening in security manager when properties are
being accessed?

The local version of JNLP looks like this:

$ cat chipster-local.jnlp
<?xml version="1.0" encoding="UTF-8"?>
<jnlp codebase="file:." href="chipster-local.jnlp" spec="1.0">
  <information>
    <title>Chipster</title>
  </information>
  <security>
    <all-permissions/>
  </security>
  <resources>
    <jar download="eager" href="http://chipster.csc.fi/lib/chipster-all.jar"/>
  </resources>
  <application-desc main-class="fi.csc.microarray.MicroarrayMain">
      <argument>client</argument>
      <argument>-config</argument>
      <argument>http://chipster.csc.fi/chipster-config.xml</argument>
        <argument>-module</argument>
        <argument>fi.csc.microarray.module.chipster.MicroarrayModule</argument>
  </application-desc>
</jnlp>

The only difference between normal (remote) and local is:

$ diff chipster.jnlp chipster-local.jnlp
2c2
< <jnlp codebase="http://chipster.csc.fi" href="chipster.jnlp" spec="1.0">
---
> <jnlp codebase="file:." href="chipster-local.jnlp" spec="1.0">


And the end result of using these is:

$ javaws chipster-local.jnlp => WORKS
$ javaws chipster.jnlp => FAILS
$ javaws http://chipster.csc.fi/chipster.jnlp => FAILS

(also downloading the JAR and doing "java -jar" works)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130619/d3e7c503/attachment.html

More information about the distro-pkg-dev mailing list