Home/ Questions/Q 8444239
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T09:21:20+00:00

I am trying to profile a sample program of JAAS which is here.(http://www.devx.com/getHelpOn/Article/9915/0/page/4). I

  • 0

I am trying to profile a sample program of JAAS which is here.(http://www.devx.com/getHelpOn/Article/9915/0/page/4). I downloaded the code and run it. Without profiling it runs just fine. The command to run that program looks like below:

java -cp SimpleAction.jar:SimpleAuthz.jar:SimpleLogMod.jar -Djava.security.manager -Djava.security.policy==SimpleJAAS.policy -Djava.security.auth.login.config==SimpleJAAS.config  com.gabhart.security.SimpleAuthz

But when I try to run it with java agent(to profile it), it gives me exception as below:

java.security.AccessControlException: access denied (java.util.PropertyPermission ch.usi.dag.jborat.liblist read)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
    at java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
    at java.lang.System.getProperty(System.java:650)
    at ch.usi.dag.jborat.agent.JavaAgent.premain(JavaAgent.java:19)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at sun.instrument.InstrumentationImpl.loadClassAndStartAgent(InstrumentationImpl.java:323)
    at sun.instrument.InstrumentationImpl.loadClassAndCallPremain(InstrumentationImpl.java:338)

however program runs fine, the profiler does not produce the output. I use the java profiler which not at all widely used. It profiles other java program/applications properly but not this one.

I use following command to run the sample JAAS program along with profiler: (Pl note that it is copied from the script file)

 **java  -javaagent:lib/jborat-agent.jar \
     -Dch.usi.dag.jborat.exclusionList="conf/exclusion.lst" \
      -Dch.usi.dag.jborat.liblist="conf/lib.lst" \
       -Dch.usi.dag.jp2.outputFilePrefix="JAAZexample_output" \
       -Dch.usi.dag.jborat.instrumentation="ch.usi.dag.jp2.instrument.AddInstrumentation" \
       -Dch.usi.dag.jp2.dumpers="ch.usi.dag.jp2.dump.xml.XmlDumper" \
         -Dch.usi.dag.jborat.codemergerList="conf/codemerger.lst" \
          -Xbootclasspath/p:./lib/Thread_JP2.jar:lib/jborat-runtime.jar:lib/jp2-runtime.jar/jp2.jar/jborat-agent.jar/jborat.jar**:SimpleAction.jar:SimpleAuthz.jar:SimpleLogMod.jar \
          -Djava.security.manager -Djava.security.policy==SimpleJAAS.policy \
          -Djava.security.auth.login.config==SimpleJAAS.config  com.gabhart.security.SimpleAuthz

Could someone please tell me why the specified exception is thrown and why does not my profiler produce output ?

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have enabled the SecurityManager (-Djava.security.manager) and specified a specific security policy (-Djava.security.policy==SimpleJAAS.policy). your agent’s code violates that security policy and therefore fails. you need to add a grant section to the policy file to allow the agent to do what it needs to do.

    for testing purposes, you could probably add something like this to your security policy (will allow the agent to do whatever it wants):

    grant codeBase "file:lib/jborat-agent.jar" {
  permission java.security.AllPermission;
};

    you may need to tweak the codeBase line to get all the necessary jars included.

    obviously, in a truly secure application, you probably wouldn’t want to do that, but would instead grant the agent the minimum privileges it needs to execute.

    • 0