We are developing the application that requires loading images from the
net. Some sort of news reader. Several times I saw the following
exception on our logs:
---
java.lang.SecurityException
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.awt.image.URLImageSource.checkSecurity(Unknown Source)
at sun.awt.image.ToolkitImage.getHeight(Unknown Source)
...
---
It happens only to some images, I must admit. I decompiled the
ToolkitImage and URLImageSource classes to see what are the parameters
and found that security context is always set to NULL and the default
SecurityManager implementation throws SecurityException if the context
is not of an AccessControlContext type. In other words, it means that
there should always be an exception, but there's not and it's puzzling
me a bit.
Anyway, the main question is connected with what I decided to do. I
decided to install my own SecurityManager implementation on application
startup through the System.setSecurityManager() call. My implementation
*never* throws SecurityException. I realize that some security managers
installed by the system before my re-installation attempt could refuse
to be replaced, but it's not the point. I'm feeling a bit uneasy about
whether there are any negative implications connected with a security
manager always saying 'Yes'. Does anyone have any experience with this?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
