Correct server side java.lang.SecurityException

HCL Domino Domino Forum
1

I have an agent I am building in Java (with the Java 1.5 option turned on) on a x64 Windows 2003 server running Domino 8.5.

The agent is a generic CSV file importer for Notes databases.

It triggers the following Java exception:

[

]


java.lang.SecurityException: not allowed to access or modify file: C:\WINDOWS\TEMP\eo61913801tm


	 at java.lang.Throwable.(Throwable.java:67)

	 at lotus.notes.AgentSecurityManager.checkRead(Unknown Source)

	 at java.io.File.exists(File.java:744)

	 at lotus.domino.local.EmbeddedObject.getTempFile(Unknown Source)

	 at lotus.domino.local.EmbeddedObject.getReader(Unknown Source)

	 at mojo.importer.MailController.processEmbeds(MailController.java:262)



[
]

when attempting to execute this code:

[

]


private void processEmbeds(List allEmbedded)


throws NotesException {

	

	

	try {

				

		//System.out.println("processEmbeds: begins, allEmbedded.size=" 

		//		+ Integer.toString(allEmbedded.size()));

		

		

		for (@SuppressWarnings("unchecked") Iterator<EmbeddedObject> it = allEmbedded.iterator(); it.hasNext(); ) {

			

			EmbeddedObject obj = null;

			try {

				obj = it.next();

				

				if (obj.getType() == EmbeddedObject.EMBED_ATTACHMENT) {

											

					//Map<String, Object> m = new HashMap<String, Object>();

					//m.put("FileSize", new Integer(obj.getFileSize()));

					//m.put("Name", obj.getName());

					

					//System.out.println("processEmbeds: " + Json.encode(m));		

					

					//doTheReaderThing(obj.getReader());

					

					Reader reader = obj.getReader();  // ***** TRIGGERS EXCEPTION *****

					

					importFile(reader, obj.getName());



							

				}

				else {

					//System.out.println("processEmbeds: Non attach embed");

						

				}

			} 

			finally {

				if (obj != null) {

					obj.recycle();

				}

			}

							

		}

	}

	finally {

		//System.out.println("processEmbeds: ends");

	}

}



[
]

The problematic line is marked. This agent executes successfully on workstations, but it needs to run as a scheduled agent server side (since it acts on inbound emails).

I have placed groups containing the agent signer (myself) in the server document’s Run unrestricted methods and operations and Run restricted LotusScript/Java agents fields.

Obviously, the Java security manager is rejecting the file read operation (for the temporary file it just created!), but I cannot figure out how to tell Domino to tell the security manager what operations are permitted.

How can I configure my server/agent/security manager to permit this operation?

Thanks very much.

(I apologize for the ugy formatting, the forum doesn’t allow much flexibility).

2

Subject: Runtime security level

Have you selected in then “Runtime security level” on the properties’s agent tab the level 2 or 3?