Hi all, I am trying to deploy my gwt app to tomcat6 under ubuntu 9.10 and get the (i suppose known to many of you) "java.security.AccessControlException: access denied" error (Full exception can be found at the end). I have searched the net in general and found that the Java default security permissions are preventing the serializer from accessing my classes private members (they do have getters and setters) and that i should add to tomcat policy with a file at /etc/tomcat6/policy.d/60gwt.policy the following: grant codeBase "file:/var/lib/tomcat6/webapps/-" { permission java.security.AllPermission; }
Although i have done that (and i understand the implications) i still get the same error, no matter how many times i restart the server. The next step would problably be to disable tomcats security manager completely but this app will eventually go into production and i d like to know what's going on here. Also, i'd rather not make any member variables public... Any ideas? cheers
SEVERE: Exception while dispatching incoming RPC call java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission (AccessControlContext.java:323) at java.security.AccessController.checkPermission (AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java: 532) at java.lang.reflect.AccessibleObject.setAccessible (AccessibleObject.java:107) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass (ServerSerializationStreamWriter.java:694) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl (ServerSerializationStreamWriter.java:730) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass (ServerSerializationStreamWriter.java:712) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl (ServerSerializationStreamWriter.java:730) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali ze (ServerSerializationStreamWriter.java:612) at com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.write Object (AbstractSerializationStreamWriter.java:129) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter $ValueWriter$8.write(ServerSerializationStreamWriter.java:152) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeValue (ServerSerializationStreamWriter.java:534) at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609) at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure (RPC.java:383) at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse (RPC.java:581) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall (RemoteServiceServlet.java:188) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost (RemoteServiceServlet.java:224) at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost (AbstractRemoteServiceServlet.java:62) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java: 269) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute (SecurityUtil.java:301) at org.apache.catalina.security.SecurityUtil.doAsPrivilege (SecurityUtil.java:162) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter (ApplicationFilterChain.java:283) at org.apache.catalina.core.ApplicationFilterChain.access$000 (ApplicationFilterChain.java:56) at org.apache.catalina.core.ApplicationFilterChain$1.run (ApplicationFilterChain.java:189) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter (ApplicationFilterChain.java:185) at org.apache.catalina.core.StandardWrapperValve.invoke (StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke (StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke (StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service (CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process (Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol $Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java: 454) at java.lang.Thread.run(Thread.java:619)