-Djava.security.manager=problems for service provider

Peter jini at zeus.net.au
Wed Mar 28 04:20:56 UTC 2018


It would be more correct to say, it wasn't noticed until recently.

The logger was recently added to our policy implementation as a todo 
item, previously it went to System.out.err.

The logger in our security manager, while a static field, has this comment:

/**
      * Logger is lazily loaded, the SecurityManager can be loaded prior to
      * the system ClassLoader, attempting to load a Logger will cause a
      * NullPointerException, when calling 
ClassLoader.getSystemClassLoader(),
      * in order to load the logger class.

Unfortunately we can't have the same lazy loading for the policy 
provider as all logging is related to parsing policy file syntax errors, 
all done prior to construction of the policy.

We could remove the Logger from the policy, but that makes tracking down 
policy syntax errors a problem usually after a period of running, rather 
than during start up.

We also need to ensure all classes the SecurityManager will cause to be 
loaded are loaded prior to the security manager constructor completing.

For example:

/* The following ensures the classes we need are loaded early to avoid
      * class loading deadlock */
     checkPermission(new RuntimePermission("setIO"), SMPrivilegedContext);

It seems the best advise is to simply avoid using 
-Djava.security.manager in our case.

Cheers,

Peter.


On 28/03/2018 11:50 AM, Peter wrote:
> Thanks Daniel,
>
> Ah yes, I see what's happening and why this only occurs when using 
> -Djava.security.manager=
>
> sun.misc.Launcher calls the security manager constructor from within 
> its constructor, which creates a recursive call back to the static 
> method Launcher.getLauncher(), which returns the uninitialized static 
> launcher field.
>
> CombinerSecurityManager checks during construction that the policy has 
> been instantiated and it also instantiates a Logger.  It could safely 
> lose the logger, but the policy must be fully instantiated before the 
> security manager is in force, otherwise it creates recursive calls in 
> the security manager implementation.
>
> The simplest fix would be to move the instantiation of SecurityManager 
> to  a static initializer in Launcher that occurs after the 
> construction of Launcher and setting of the static launcher field.
>
> This didn't become a problem until recently upgrading to the latest 
> Java 8 JDK, so not sure of the history here.
>
> Regards Peter.
>
> More comments inline below:
>
>> Hi,
>>
>> On 27/03/2018 14:06, Alan Bateman wrote:
>> >/  Moving this to security-dev.
>> />/
>> />/    From the stack trace, it looks like you are using JDK 8 or 
>> older. There
>> />/  are several changes in JDK 9 and newer in the PolicyFile code to 
>> how it
>> />/  loads its resources that may help with the issues you are seeing.
>> />/
>> />/  -Alan
>> /
>> [snip]
>>
>> >/       [java]     at java.util.logging.Logger.log(Logger.java:788)
>> />/       [java]     at 
>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
>> /
>> In what logging is concerned, it's probably not a good idea to
>> use java.util.logging in a Policy/SecurityManager implementation
>> supplied on the command line as java.util.logging uses
>> doPrivileged and checks for permissions.
>
> Work arounds for that problem:
>
>    * Delegate logging to an executor.
>    * Use a thread local variable to detect trusted recursive calls.
>    * Only log messages during startup, when the policy or security
>      manager isn't active.
>
>
>> For the record the line that throws in the first stack trace
>> seems to be this one at LogManager.java:965
>>
>>       Class<?>  clz = 
>> ClassLoader.getSystemClassLoader().loadClass(word);
>>
>> The exception is caught and printed on System.err at line 981
>> allowing the caller to proceed - so it's not what is
>> causing the ExceptionInInitializerError, but it shows that
>> ClassLoader.getSystemClassLoader() is probably returning null
>> at this point, and it looks like it is the same issue you're
>> seeing at ResourceBundle.java:502 later on, which prevents the
>> CombinerSecurityManager to initialize.
>>
>>
>> Hopes this helps,
>>
>> -- daniel
>>
>>
>> >/
>> />/  On 27/03/2018 13:56, Peter Firmstone wrote:
>> />>/  Not sure if this is the right place to mention this.
>> />>/
>> />>/  Anyone notice that specifying a custom security manager at jvm 
>> start
>> />>/  up causes issues with service providers loading?   If using the 
>> sun
>> />>/  PolicyFile implementation, the policy doesn't load due to the 
>> provider
>> />>/  failure, I have a custom policy implementation that will allow 
>> the jvm
>> />>/  to run in this state, and other providers are also not loading, 
>> such
>> />>/  as the logger and JCE.
>> />>/
>> />>/  Note that it doesn't occur if the security manager is set
>> />>/  programmatically in the main method at start up, only if it's 
>> set via
>> />>/  command line option.
>> />>/
>> />>/  Examples of providers not loading:
>> />>/
>> />>/        [java] java.lang.NullPointerException
>> />>/        [java] Can't load log handler 
>> "java.util.logging.ConsoleHandler"
>> />>/        [java] java.lang.NullPointerException
>> />>/        [java] java.lang.NullPointerException
>> />>/        [java]     at
>> />>/  java.util.logging.LogManager$5.run(LogManager.java:965)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  
>> java.util.logging.LogManager.loadLoggerHandlers(LogManager.java:958)
>> />>/        [java]     at
>> />>/  
>> java.util.logging.LogManager.initializeGlobalHandlers(LogManager.java:1578)
>> />>/
>> />>/        [java]     at
>> />>/  java.util.logging.LogManager.access$1500(LogManager.java:145)
>> />>/        [java]     at
>> />>/  
>> java.util.logging.LogManager$RootLogger.accessCheckedHandlers(LogManager.java:1667)
>> />>/
>> />>/        [java]     at 
>> java.util.logging.Logger.getHandlers(Logger.java:1777)
>> />>/        [java]     at java.util.logging.Logger.log(Logger.java:735)
>> />>/        [java]     at 
>> java.util.logging.Logger.doLog(Logger.java:765)
>> />>/        [java]     at java.util.logging.Logger.log(Logger.java:788)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:469)
>> />>/
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile.readPoliciesNoCheckGuard(ConcurrentPolicyFile.java:468)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile.readPolicyPermissionGrants(ConcurrentPolicyFile.java:243)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:253)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:226)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:154)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:133)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:162)
>> />>/
>> />>/        [java]     at
>> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native 
>> Method)
>> />>/        [java]     at
>> />>/  
>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>> />>/
>> />>/        [java]     at
>> />>/  
>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>> />>/
>> />>/        [java]     at
>> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
>> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
>> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>> />>/
>> />>/
>> />>/        [java] Error occurred during initialization of VM
>> />>/        [java] java.lang.ExceptionInInitializerError
>> />>/        [java]     at
>> />>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>> />>/        [java]     at
>> />>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>> />>/        [java]     at 
>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>> />>/        [java]     at 
>> java.security.Policy.getPolicy(Policy.java:154)
>> />>/        [java]     at 
>> net.jini.security.Security$7.run(Security.java:1054)
>> />>/        [java]     at 
>> net.jini.security.Security$7.run(Security.java:1052)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  net.jini.security.Security.getPolicy(Security.java:1052)
>> />>/        [java]     at
>> />>/  net.jini.security.Security.getContext(Security.java:506)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
>> />>/
>> />>/        [java]     at
>> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native 
>> Method)
>> />>/        [java]     at
>> />>/  
>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>> />>/
>> />>/        [java]     at
>> />>/  
>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>> />>/
>> />>/        [java]     at
>> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
>> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
>> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>> />>/        [java] Caused by: java.lang.NullPointerException
>> />>/        [java]     at
>> />>/  
>> java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
>> />>/        [java]     at
>> />>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>> />>/        [java]     at
>> />>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>> />>/        [java]     at
>> />>/  
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>> />>/        [java]     at
>> />>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>> />>/        [java]     at 
>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>> />>/        [java]     at 
>> java.security.Policy.getPolicy(Policy.java:154)
>> />>/        [java]     at 
>> net.jini.security.Security$7.run(Security.java:1054)
>> />>/        [java]     at 
>> net.jini.security.Security$7.run(Security.java:1052)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  net.jini.security.Security.getPolicy(Security.java:1052)
>> />>/        [java]     at
>> />>/  net.jini.security.Security.getContext(Security.java:506)
>> />>/        [java] Unexpected exception:
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
>> />>/
>> />>/        [java]     at
>> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native 
>> Method)
>> />>/        [java]     at
>> />>/  
>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>> />>/
>> />>/        [java]     at
>> />>/  
>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>> />>/
>> />>/        [java]     at
>> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
>> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
>> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>> />>/        [java]     at
>> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>> />>/
>> />>/
>> />>/
>> />>/        [java] java.lang.ExceptionInInitializerError
>> />>/        [java]     at
>> />>/  
>> javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65)
>> />>/        [java]     at
>> />>/  javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2586)
>> />>/        [java]     at
>> />>/  javax.crypto.Cipher.getMaxAllowedKeyLength(Cipher.java:2610)
>> />>/        [java]     at
>> />>/  
>> sun.security.ssl.CipherSuite$BulkCipher.isUnlimited(CipherSuite.java:535)
>> />>/        [java]     at
>> />>/  
>> sun.security.ssl.CipherSuite$BulkCipher.<init>(CipherSuite.java:507)
>> />>/        [java]     at
>> />>/  sun.security.ssl.CipherSuite.<clinit>(CipherSuite.java:614)
>> />>/        [java]     at
>> />>/  
>> sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(SSLContextImpl.java:294)
>> />>/
>> />>/        [java]     at
>> />>/  sun.security.ssl.SSLContextImpl.access$100(SSLContextImpl.java:42)
>> />>/        [java]     at
>> />>/  
>> sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(SSLContextImpl.java:425)
>> />>/
>> />>/        [java]     at java.lang.Class.forName0(Native Method)
>> />>/        [java]     at java.lang.Class.forName(Class.java:264)
>> />>/        [java]     at
>> />>/  java.security.Provider$Service.getImplClass(Provider.java:1634)
>> />>/        [java]     at
>> />>/  java.security.Provider$Service.newInstance(Provider.java:1592)
>> />>/        [java]     at
>> />>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
>> />>/        [java]     at
>> />>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
>> />>/        [java]     at
>> />>/  javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.ssl.Utilities.getServerSSLContextInfo(Utilities.java:712)
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.ssl.Utilities.getSupportedCipherSuites(Utilities.java:284)
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.ssl.SslEndpointImpl.getConnectionContexts(SslEndpointImpl.java:750)
>> />>/
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.ssl.SslEndpointImpl.getCallContext(SslEndpointImpl.java:326)
>> />>/
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.ssl.SslEndpointImpl.newRequest(SslEndpointImpl.java:185)
>> />>/        [java]     at
>> />>/  net.jini.jeri.ssl.SslEndpoint.newRequest(SslEndpoint.java:550)
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.BasicObjectEndpoint.newCall(BasicObjectEndpoint.java:421)
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.BasicInvocationHandler.invokeRemoteMethod(BasicInvocationHandler.java:688)
>> />>/
>> />>/        [java]     at
>> />>/  
>> net.jini.jeri.BasicInvocationHandler.invoke(BasicInvocationHandler.java:571)
>> />>/
>> />>/        [java]     at com.sun.proxy.$Proxy2.registerGroup(Unknown 
>> Source)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.start.SharedActivationGroupDescriptor.create(SharedActivationGroupDescriptor.java:370)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.SharedGroupAdmin.start(SharedGroupAdmin.java:204)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.ActivatableServiceStarterAdmin.getServiceSharedLogDir(ActivatableServiceStarterAdmin.java:388)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.ActivatableServiceStarterAdmin.start(ActivatableServiceStarterAdmin.java:224)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.AdminManager.startLookupService(AdminManager.java:679)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.test.spec.lookupservice.QATestRegistrar.construct(QATestRegistrar.java:458)
>> />>/
>> />>/        [java]     at
>> />>/  
>> org.apache.river.test.spec.lookupservice.test_set00.EvntLeaseExpiration.construct(EvntLeaseExpiration.java:88)
>> />>/
>> />>/        [java]     at
>> />>/  org.apache.river.qa.harness.MasterTest.doTest(MasterTest.java:228)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.MasterTest.access$000(MasterTest.java:48)
>> />>/        [java]     at
>> />>/  org.apache.river.qa.harness.MasterTest$1.run(MasterTest.java:174)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at
>> />>/  javax.security.auth.Subject.doAsPrivileged(Subject.java:483)
>> />>/        [java]     at
>> />>/  
>> org.apache.river.qa.harness.MasterTest.doTestWithLogin(MasterTest.java:171)
>> />>/
>> />>/        [java]     at
>> />>/  org.apache.river.qa.harness.MasterTest.main(MasterTest.java:150)
>> />>/        [java] Caused by: java.lang.SecurityException: Can not 
>> initialize
>> />>/  cryptographic mechanism
>> />>/        [java]     at 
>> javax.crypto.JceSecurity.<clinit>(JceSecurity.java:93)
>> />>/        [java]     ... 44 more
>> />>/        [java] Caused by: java.lang.SecurityException: Cannot locate
>> />>/  policy or framework files!
>> />>/        [java]     at
>> />>/  
>> javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:316)
>> />>/        [java]     at
>> />>/  javax.crypto.JceSecurity.access$000(JceSecurity.java:50)
>> />>/        [java]     at 
>> javax.crypto.JceSecurity$1.run(JceSecurity.java:85)
>> />>/        [java]     at 
>> java.security.AccessController.doPrivileged(Native
>> />>/  Method)
>> />>/        [java]     at 
>> javax.crypto.JceSecurity.<clinit>(JceSecurity.java:82)
>> />/
>> /
>



More information about the security-dev mailing list