Modify ↓
Opened 7 years ago
Closed 7 years ago
#15783 closed defect (fixed)
SecurityException prevents JOSM to start with Java 9 / WebStart
Reported by: | Don-vip | Owned by: | team |
---|---|---|---|
Priority: | major | Milestone: | 18.01 |
Component: | Core Webstart | Version: | |
Keywords: | security java9 nashorn | Cc: |
Description
While trying to investigate #15782 I played with WebStart and found a situation when JOSM cannot start with Java 9 (no problem with Java 10, but...)
Non blocking error, only on console:
2018-01-15 23:35:21.567 SEVERE: java.security.KeyStoreException: Windows-ROOT not found. Cause: java.security.NoSuchAlgorithmException: Error constructing KeyStore for Windows-ROOT using SunMSCAPI. Cause: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object java.security.KeyStoreException: Windows-ROOT not found at java.base/java.security.KeyStore.getInstance(KeyStore.java:878) at org.openstreetmap.josm.tools.PlatformHookWindows.getRootKeystore(PlatformHookWindows.java:337) at org.openstreetmap.josm.tools.PlatformHookWindows.getX509Certificate(PlatformHookWindows.java:443) at org.openstreetmap.josm.io.CertificateAmendment.addMissingCertificates(CertificateAmendment.java:147) at org.openstreetmap.josm.gui.MainApplication.mainJOSM(MainApplication.java:966) at org.openstreetmap.josm.gui.MainApplication$2.processArguments(MainApplication.java:279) at org.openstreetmap.josm.gui.MainApplication.main(MainApplication.java:846) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:564) at jdk.javaws@9.0.1/com.sun.javaws.Launcher.executeApplication(Launcher.java:1741) at jdk.javaws@9.0.1/com.sun.javaws.Launcher.executeMainClass(Launcher.java:1677) at jdk.javaws@9.0.1/com.sun.javaws.Launcher.doLaunchApp(Launcher.java:1525) at jdk.javaws@9.0.1/com.sun.javaws.Launcher.run(Launcher.java:158) at java.base/java.lang.Thread.run(Thread.java:844) Caused by: java.security.NoSuchAlgorithmException: Error constructing KeyStore for Windows-ROOT using SunMSCAPI at jdk.crypto.mscapi/sun.security.mscapi.SunMSCAPI$ProviderService.newInstance(SunMSCAPI.java:120) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164) at java.base/java.security.Security.getImpl(Security.java:697) at java.base/java.security.KeyStore.getInstance(KeyStore.java:875) ... 15 more Caused by: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object at java.base/java.security.Permissions.add(Permissions.java:128) at java.base/java.security.Policy.addStaticPerms(Policy.java:702) at java.base/java.security.Policy.getPermissions(Policy.java:689) at java.base/java.security.Policy.implies(Policy.java:737) at java.base/java.security.ProtectionDomain.implies(ProtectionDomain.java:323) at java.base/java.security.ProtectionDomain.impliesWithAltFilePerm(ProtectionDomain.java:355) at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:450) at java.base/java.security.AccessController.checkPermission(AccessController.java:895) at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:558) at jdk.javaws@9.0.1/com.sun.javaws.security.JavaWebStartSecurity.checkPermission(JavaWebStartSecurity.java:237) at java.base/java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302) at java.base/java.lang.System.getProperty(System.java:774) at jdk.crypto.mscapi/sun.security.mscapi.KeyStore.lambda$new$0(KeyStore.java:205) at java.base/java.security.AccessController.doPrivileged(Native Method) at jdk.crypto.mscapi/sun.security.mscapi.KeyStore.<init>(KeyStore.java:204) at jdk.crypto.mscapi/sun.security.mscapi.KeyStore$ROOT.<init>(KeyStore.java:62) at jdk.crypto.mscapi/sun.security.mscapi.SunMSCAPI$ProviderService.newInstance(SunMSCAPI.java:91) ... 19 more
Blocking error, JOSM fails to start:
java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object at java.base/java.security.Permissions.add(Permissions.java:128) at java.base/java.security.Policy.addStaticPerms(Policy.java:702) at java.base/java.security.Policy.getPermissions(Policy.java:689) at java.base/java.security.Policy.implies(Policy.java:737) at java.base/java.security.ProtectionDomain.implies(ProtectionDomain.java:323) at java.base/java.security.ProtectionDomain.impliesCreateAccessControlContext(ProtectionDomain.java:401) at java.base/java.security.AccessController.doPrivileged(Native Method) at jdk.scripting.nashorn/jdk.nashorn.internal.runtime.options.Options.getBooleanProperty(Options.java:154) at jdk.scripting.nashorn/jdk.nashorn.internal.runtime.options.Options.getBooleanProperty(Options.java:179) at jdk.scripting.nashorn/jdk.nashorn.internal.runtime.Context.<clinit>(Context.java:361) at jdk.scripting.nashorn/jdk.nashorn.api.scripting.NashornScriptEngineFactory.getScriptEngine(NashornScriptEngineFactory.java:150) at java.scripting/javax.script.ScriptEngineManager.getEngineByName(ScriptEngineManager.java:238) at org.openstreetmap.josm.data.validation.tests.OpeningHourTest.<clinit>(OpeningHourTest.java:38) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:488) at org.openstreetmap.josm.data.validation.OsmValidator.addTest(OsmValidator.java:151) at org.openstreetmap.josm.data.validation.OsmValidator.<clinit>(OsmValidator.java:159) at org.openstreetmap.josm.Main$InitializationTask.call(Main.java:254) at org.openstreetmap.josm.Main$InitializationTask.call(Main.java:233) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641) at java.base/java.lang.Thread.run(Thread.java:844)
Attachments (0)
Change History (3)
comment:1 by , 7 years ago
Keywords: | nashorn added |
---|
comment:2 by , 7 years ago
comment:3 by , 7 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
In 13331/josm: