Plutext

forums
https://www.docx4java.org/forums/

docx4j initialization errors due to JVM security manager

https://www.docx4java.org/forums/deployment-f22/docx4j-initialization-errors-due-to-jvm-security-manager-t1887.html

Page 1 of 1

docx4j initialization errors due to JVM security manager

PostPosted: Thu May 15, 2014 3:28 am
by aaronanderson
I am attempting to deploy docx4j/xlsx4j 3.1.0 to a cloud provider with a strict security manager installed. The initialization checks in the org.docx4j.jaxb.Context cause an attempt to load an internal JAXB JVM class which generates an AccessControlException which is not properly handled. I am going to try to use moxy as a work around since it appears these internal class checks are bypassed when it is present.



Code: Select all
...
Caused by: java.lang.ExceptionInInitializerError
   at org.docx4j.openpackaging.parts.JaxbXmlPart.<init>(JaxbXmlPart.java:85)
   at org.docx4j.openpackaging.parts.JaxbXmlPartXPathAware.<init>(JaxbXmlPartXPathAware.java:56)
   at org.docx4j.openpackaging.parts.SpreadsheetML.JaxbSmlPart.<init>(JaxbSmlPart.java:34)
   at org.docx4j.openpackaging.parts.SpreadsheetML.WorkbookPart.<init>(WorkbookPart.java:26)
   at org.docx4j.openpackaging.packages.SpreadsheetMLPackage.createPackage(SpreadsheetMLPackage.java:138)
   at com.somecompany.ReportXLSX4J.process(ReportXLSX4J.java:67)
   ... 50 more
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.com.sun.xml.internal.bind.marshaller")
   at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
   at java.security.AccessController.checkPermission(AccessController.java:559)
   at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
   at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1525)
   at java.lang.ClassLoader$1.run(ClassLoader.java:503)
   at java.lang.ClassLoader$1.run(ClassLoader.java:501)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.lang.ClassLoader.checkPackageAccess(ClassLoader.java:501)
   at java.lang.ClassLoader.defineClass1(Native Method)
   at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
   at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
   at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
   at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
   at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
   at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
   at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
   at com.capeclear.capeconnect.application.impl.ESBClassLoader.loadClass(ESBClassLoader.java:52)
   at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
   at org.docx4j.jaxb.NamespacePrefixMapperUtils.getPrefixMapper(NamespacePrefixMapperUtils.java:59)
   at org.docx4j.jaxb.Context.<clinit>(Context.java:103)
   ... 56 more

Re: docx4j initialization errors due to JVM security manager

PostPosted: Thu May 15, 2014 8:19 am
by jason
Interesting. Which could provider?

Let us know how you go.

If necessary, it may be possible to avoid the checks by modifying docx4j so that it reads a config file which specifies the jaxb implementation, rather than trying to work out for itself which JAXB implementation is present.
All times are UTC + 10 hours [ DST ]
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/