Why AccessControlException: Access denied on getting session?

hcl-bot · December 8, 2009, 3:28am

We using a small servlet that works fine under domino 7.0 and 8.0.After the update to Lotus Notes 8.5 we got randomly a java exception and our application produces a http 500 error.

I’ve searched the forum an checked our installation path for case sensitive writing.

Here my stack trace from the console:

08.12.2009 08:24:34 HTTP JVM: java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader)

08.12.2009 08:24:34 HTTP JVM: at java.security.AccessController.checkPermission(AccessController.java:108)

08.12.2009 08:24:34 HTTP JVM: at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)

08.12.2009 08:24:34 HTTP JVM: at java.lang.Thread.getContextClassLoader(Thread.java:456)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.JavaConnectLoader.currentJCLoader(Unknown Source)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.JavaConnectLoader.currentSecurityContext(Unknown Source)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.local.Session.checkJavaConnect(Unknown Source)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.local.Session.createSession(Unknown Source)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.NotesFactory.createSession(Unknown Source)

08.12.2009 08:24:34 HTTP JVM: at com.iq.notes.NotesLogger.log(NotesLogger.java:40)

08.12.2009 08:24:34 HTTP JVM: at com.iq.notes.NotesLogger.setLogStartTime(NotesLogger.java:33)

08.12.2009 08:24:34 HTTP JVM: at com.iq.servlets.HttpDownload.doGet(HttpDownload.java:92)

08.12.2009 08:24:34 HTTP JVM: at javax.servlet.http.HttpServlet.service(HttpServlet.java:499)

08.12.2009 08:24:34 HTTP JVM: at javax.servlet.http.HttpServlet.service(HttpServlet.java:588)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.servlet.DominoServletInvoker.executeServlet(DominoServletInvoker.java:296)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.servlet.DominoServletInvoker.service(DominoServletInvoker.java:237)

08.12.2009 08:24:34 HTTP JVM: at lotus.domino.servlet.ServletManager.service(ServletManager.java:258)

08.12.2009 08:24:34 HTTP JVM: java.lang.NullPointerException: null

hcl-bot · July 12, 2010, 7:02am

Subject: Same problem

I’m seeing the same problem with a Java servlet. It is only occurring on a test/QA server, and works fine on two dev servers. They were all recently upgraded from 8.0 to 8.5.1, but so far I can’t find any configuration differences between them. A restart of HTTP sometimes resolves the issue, but not for long.

hcl-bot · December 27, 2010, 3:06pm

Subject: java.policy file

Hi,

we started receiving this occasionally with a servlet after upgrading from 8.5.2 to 8.5.2FP1.

Based on this:

I’ve added this:

grant {

permission java.lang.RuntimePermission “getClassLoader”;

}

to java.policy file, don’t know yet if that solves it.

Panu

hcl-bot · February 1, 2011, 5:27am

Subject: java.policy - security violation

I can see IBM/Lotus guys quite easily accept security violation by accepting EVERY java code to get class loader.This is not a good solution.

In our environment 8.5.1 FP4, this happens after some java agents running at night. A servlet which runs perfectly after telling http to quit and loading it again, after midnight often generates java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader).