commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [jira] Closed: (JELLY-90) SecurityException when using Jelly in applet or JAWS sandbox
Date Thu, 12 Aug 2004 07:37:19 GMT

   The following issue has been closed.

   Resolver: dion gillard
       Date: Thu, 12 Aug 2004 12:36 AM

Done before
View the issue:

Here is an overview of the issue:
        Key: JELLY-90
    Summary: SecurityException when using Jelly in applet or JAWS sandbox
       Type: Bug

     Status: Closed
   Priority: Major
 Resolution: FIXED

    Project: jelly
             core / taglib.core
   Fix Fors:

   Reporter: Scott Howlett

    Created: Mon, 6 Oct 2003 11:32 AM
    Updated: Thu, 12 Aug 2004 12:36 AM

Using Jelly in a sandboxed Java Web Start application or an applet raises a SecurityException
because a JellyContext calls system.getProperties() when it is initialized to set up the "systemScope"
context variable.

Placing that statement inside a try / catch block that swallows the SecurityException solves
the problem for me.

Of course this means that "systemScope" is unavailable in these contexts, but that seems to
be a fair compromise, especially since findVariable() does a System.getProperty() as a last
resort anyway (and this one *is* properly encased in a block that catches SecurityException).

The relevant bit of code is JellyContext.init:

    private void init() {
        variables.put("context", this);
        try {
            variables.put("systemScope", System.getProperties());
        catch (SecurityException e) {
            // ignore security exceptions

This message is automatically generated by JIRA.

If you think it was sent incorrectly contact one of the administrators:

If you want more information on JIRA, or have a bug to report see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message