java.security.AccessControlException : access denied (java.util.PropertyPermission http.agent read)

Question

I have a non-signed java applet interacting with the same host. Every time I click on an element in my page, the applet (which is a third part applet I have no control on) should load data from a URL. I say should, because for some files, I get

java.security.AccessControlException : access denied (java.util.PropertyPermission http.agent read)

and some other files are correctly loaded. All files are correctly readable and downloadable from the web server, and they are very simple text files.

I also found that, in some cases, files that previously returned the error are now loaded and continue to load, so it seems a cache is involved somehow.

Does any of you have an idea of what's going on here ? The behavior seems to be absolutely random, and I have no way of performing debug on this thing. Note: I used this applet to perform many other "single shot" file access, and it never gave me any problem. The only apparent difference I have is that now I do it "on-demand" via a javascript event.

What could be the cause, in the java of the applet or anywhere else ?

Answer 1

The applet is broken. It is trying to access the value of a property that the sandbox security rules say that it cannot.

Report this to the supplier of the applet, and ask for a bug fix or workaround.

Answer 2

Some http and https URL handlers use the http.agent to set the User-Agent header.

The correct way to handle this would be to make a copy of this particular system property available whether the permission is granted or not (as with a number of others). However, what has been done is to add it on to the permissions give to applets and JNLP apps. This means that if any code is loaded through another mechanism (say a call from JavaScript over LiveConnect), it wont have the permissions and there might be a failure. If the item is already cached, then there wont be a need to write a HTTP header, and therefore the property need not be read.