In this tutorial we will discuss about SecurityException in Java. This exception is thrown by the security manager, in order to indicate a security violation.
The SecurityException class extends the RuntimeException class and thus, belongs to those exceptions that can be thrown during the operation of the Java Virtual Machine (JVM). It is an unchecked exception and thus, it does not need to be declared in a method’s or a constructor’s throws clause.
Finally the SecurityException class exists since the 1.0 version of Java.
The Structure of SecurityException
Constructors
SecurityException()SecurityException(String s)SecurityException(String message, Throwable cause)SecurityException(Throwable cause)
Creates an instance of the SecurityException class, setting null as its message.
Creates an instance of the SecurityException class, using the specified string as message. The string argument indicates the name of the class that threw the error.
Creates an instance of the SecurityException class, using the specified string as message and the specified Throwable as its cause.
Creates an instance of the SecurityException class, using the specified Throwable as its cause.
The SecurityException in Java
The SecurityException indicates that a security violation has occurred an thus, the application cannot be executed. A simple example is to use a package name that is already defined in Java.
For example, let’s create a simple hierarchy, where the parent directory is called java and the sub-directory is called util. Then, we create a sample Java class inside the java/util/ directory, which only prints a message:
Test.java:
package java.util;
class Test {
public static void main(String[] args) {
System.out.println("Hello World!");
}
}
We compile and execute our sample code by issuing the following commands:
javac java/util/Test.java java java.util.Test
A sample execution is shown below:
Exception in thread "main" java.lang.SecurityException: Prohibited package name: java.util at java.lang.ClassLoader.preDefineClass(ClassLoader.java:659) at java.lang.ClassLoader.defineClass(ClassLoader.java:758) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:455) at java.net.URLClassLoader.access$100(URLClassLoader.java:73) at java.net.URLClassLoader$1.run(URLClassLoader.java:367) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:360) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:495)
When the Java Virtual Machine (JVM) tries to load our class, it recognizes its package name as invalid and thus, a SecurityException is thrown.
How to deal with the SecurityException
- In the aforementioned case, it is sufficient to change the package name of your application, in order to be executed by the Java Virtual Machine (JVM). In general, you must avoid using package names that are reserved by Java.
- Sometimes, executing a
.jarfile can result in aSecurityExceptionbe possibly thrown. In such cases, you must verify that the.jarfile is properly signed, otherwise you will not be able to execute it. For more information on how to sign a.jarplease refer to the instructions here. - Finally, running an applet from an external source may also result in a
SecurityExceptionbe thrown. The most frequent reason is that Java applications are blocked by the underlying security settings. For more information on how to change these settings and how to update your Exception Site list, please refer to the instructions here.
thanks sir..
security exception is a rare topic i found in internet and the best of them are gets from your site..
Error: A JNI error has occurred, please check your installation and try again
Exception in thread “main” java.lang.SecurityException: no manifiest section for signature file entry javax/crypto/IllegalBlockSizeException.class
at sun.security.util.SignatureFileVerifier.verifySection(SignatureFileVerifier.java:440)
at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:295)
at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:238)
at java.util.jar.JarVerifier.processEntry(JarVerifier.java:273)
at java.util.jar.JarVerifier.update(JarVerifier.java:228)
at java.util.jar.JarFile.initializeVerifier(JarFile.java:383)
at java.util.jar.JarFile.getInputStream(JarFile.java:450)
at sun.misc.URLClassPath$JarLoader$2.getInputStream(URLClassPath.java:940)
at sun.misc.Resource.cachedInputStream(Resource.java:77)
at sun.misc.Resource.getByteBuffer(Resource.java:160)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:454)
at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:495)
Getting this error in java project.
Thanks for posting this article. A lot of the File management files in the java.io package throw a SecurityException but never require it. Are some of times a SecurityException would be thrown is if the file had it’s access denied or if I pulled the flash drive out and the file was inaccessible? Or is that a different Exception that would handle those scenarios?