Hello Everyone, We are using JNLP for one of our swing apps. We decided to try and add kotlin coroutines to the app and found that somehow the security settings of Java/JNLP stopped working as expected. We found all sorts of security exceptions started happening of the form

java.security.AccessControlException: access denied ("java.util.PropertyPermission" "os.name" "read")

. We were able to mitigate some of them by wrapping certain calls in

AccessController.doPrivileged(...)

, but that only pushed the problem furthe down and eventually we got NullPointerExceptions deep in our swing code

java.lang.NullPointerException
               at javax.swing.SizeRequirements.calculateAlignedPositions(Unknown Source)
               at javax.swing.BoxLayout.layoutContainer(Unknown Source)
               at java.awt.Container.layout(Unknown Source)
               at java.awt.Container.doLayout(Unknown Source)
               at java.awt.Container.validateTree(Unknown Source)
               at java.awt.Container.validateTree(Unknown Source)
               at java.awt.Container.validate(Unknown Source)
               at java.awt.CardLayout.first(Unknown Source)

Once we reverted the code back to using SwingWorker all those security exceptions disappeared. We are using Oracle Java 8 build 162 with kotlin 1.2.21 and coroutines swing version 0.22. Please let me know if this is a known problem and if I should bother trying to create a bug report for Jetbrains. Many thanks.

Hi @nikolaymetchev, I don't know much about the context, but I'm wondering if you're getting exceptions because some access to some parts of the JNLP framework are confined to certain threads. Could you provide us more information about this?

We are creating on fat jar which pulls in all dependencies. This jar is then signed with our trusted key. As far as JNLP is concerned everything is the same context and it is signed and trusted. The JNLP itself has the following security tag

<security>
    <all-permissions/>
  </security>

It would be great if you find a way to reproduce this problem on a self-contained example. If that’s related to your use of

kotlinx.coroutines

library, then, please report it to http://github.com/kotlin/kotlinx.coroutines/issues

Thanks @elizarov, I need to find time to create a simple version of the problem. I'm quite busy at the moment, but I promise to do it as soon as I can.