https://kotlinlang.org logo
#coroutines
Title
# coroutines
n

nikolaymetchev

01/28/2018, 8:04 PM
Hello Everyone, We are using JNLP for one of our swing apps. We decided to try and add kotlin coroutines to the app and found that somehow the security settings of Java/JNLP stopped working as expected. We found all sorts of security exceptions started happening of the form
Copy code
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "os.name" "read")
. We were able to mitigate some of them by wrapping certain calls in
Copy code
AccessController.doPrivileged(...)
, but that only pushed the problem furthe down and eventually we got NullPointerExceptions deep in our swing code
Copy code
java.lang.NullPointerException
               at javax.swing.SizeRequirements.calculateAlignedPositions(Unknown Source)
               at javax.swing.BoxLayout.layoutContainer(Unknown Source)
               at java.awt.Container.layout(Unknown Source)
               at java.awt.Container.doLayout(Unknown Source)
               at java.awt.Container.validateTree(Unknown Source)
               at java.awt.Container.validateTree(Unknown Source)
               at java.awt.Container.validate(Unknown Source)
               at java.awt.CardLayout.first(Unknown Source)
Once we reverted the code back to using SwingWorker all those security exceptions disappeared. We are using Oracle Java 8 build 162 with kotlin 1.2.21 and coroutines swing version 0.22. Please let me know if this is a known problem and if I should bother trying to create a bug report for Jetbrains. Many thanks.
l

louiscad

01/28/2018, 9:57 PM
Hi @nikolaymetchev, I don't know much about the context, but I'm wondering if you're getting exceptions because some access to some parts of the JNLP framework are confined to certain threads. Could you provide us more information about this?
n

nikolaymetchev

01/28/2018, 10:04 PM
We are creating on fat jar which pulls in all dependencies. This jar is then signed with our trusted key. As far as JNLP is concerned everything is the same context and it is signed and trusted. The JNLP itself has the following security tag
Copy code
<security>
    <all-permissions/>
  </security>
e

elizarov

01/29/2018, 6:57 AM
It would be great if you find a way to reproduce this problem on a self-contained example. If that’s related to your use of
kotlinx.coroutines
library, then, please report it to http://github.com/kotlin/kotlinx.coroutines/issues
Though, frankly, at the moment I have not idea how it can be related.
n

nikolaymetchev

01/29/2018, 9:06 AM
Thanks @elizarov, I need to find time to create a simple version of the problem. I'm quite busy at the moment, but I promise to do it as soon as I can.
@elizarov I have managed to reproduce the bug: https://github.com/Kotlin/kotlinx.coroutines/issues/216
9 Views