Spring 3.0.5 - java.awt.HeadlessException - com.trend.iwss.jscan

Question

I am migrating an application from 2.5.6 version to 3.0.5. First at all, I had to add the -Djava.awt.headless=true parameter to the virtual machine and when I r

Answer 1

This is the critical part:

at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime.preFilter(NetworkPolicyRuntime.java:108)
at org.springframework.core.io.support.PropertiesLoaderUtils.loadAllProperties(PropertiesLoaderUtils.java:108)

You have some weird security software attached to your JVM, which is intercepting calls from Spring. It seems to be requiring that AWT is up and running, so that it can show a dialog box, which is moronic, and your headless config setting is making it fail.

Why did you add Djava.awt.headless=true to start with? What happens without it?

Answer 2

at com.trend.iwss.jscan.runtime.PolicyRuntime.showAllowDialog does say it all, some of the policy checking code wantts to show a confirm dialog, either the "jscan" lib is misconfigured or it is only intended for interactive use va a Swing UI. As it turned out in the discussion, the problem is caused by the code being run as an Java ppplet. The security restrictions for Applets cause the executing VM to interactively (via a SWING UI) ask the user for the permission of accessing local files. Local files and applets will hardly work anyway, so the best bet is that you need to bundle your resources (config files etc) into the applet jar and load them via the ClassLoader (e.g. getClass().getClassLoader().getResource("/path/to/props.properties"))

Answer 3

Today I faced the similar problem. I want to share my research, maybe it will be helpful for somebody.

The symptoms:

When you use any java software you get pop-up "Applet alert" "Applet is attempting to..." BUT you know that you don't use any applets.

If you press the "Stop Applet" button on pop-up or suppress pop-up using Djava.awt.headless=true or other way you will see in the log an error like

java.awt.HeadlessException
at java.awt.GraphicsEnvironment.checkHeadless(GraphicsEnvironment.java:159)
at java.awt.Window.<init>(Window.java:407)
at java.awt.Frame.<init>(Frame.java:402)
at java.awt.Frame.<init>(Frame.java:367)
at com.trend.iwss.jscan.runtime.BaseDialog.getActiveFrame(BaseDialog.java:75)
at com.trend.iwss.jscan.runtime.AllowDialog.make(AllowDialog.java:32)
at com.trend.iwss.jscan.runtime.PolicyRuntime.showAllowDialog(PolicyRuntime.java:325)
at com.trend.iwss.jscan.runtime.PolicyRuntime.stopActionInner(PolicyRuntime.java:240)
at com.trend.iwss.jscan.runtime.PolicyRuntime.stopAction(PolicyRuntime.java:172)
at com.trend.iwss.jscan.runtime.PolicyRuntime.stopAction(PolicyRuntime.java:165)
at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime.checkURL(NetworkPolicyRuntime.java:284)
at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime._preFilter(NetworkPolicyRuntime.java:164)
at com.trend.iwss.jscan.runtime.PolicyRuntime.preFilter(PolicyRuntime.java:132)
at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime.preFilter(NetworkPolicyRuntime.java:108)
at org.springframework.core.io.support.PropertiesLoaderUtils.loadAllProperties(PropertiesLoaderUtils.java:108)
...

or

ActionServlet - Unable to initialize Struts ActionServlet due to an unexpected exception or error thrown, so marking the servlet as unavailable.  Most likely, this is due to an incorrect or missing library dependency. <com.trend.iwss.jscan.runtime.AppletTrapStopError: Applet disabled by IWSS Javascan site policy.>com.trend.iwss.jscan.runtime.AppletTrapStopError: Applet disabled by IWSS Javascan site policy.
    at com.trend.iwss.jscan.runtime.PolicyRuntime.stopApplet(PolicyRuntime.java:300)
    at com.trend.iwss.jscan.runtime.PolicyRuntime.stopActionInner(PolicyRuntime.java:254)
    at com.trend.iwss.jscan.runtime.PolicyRuntime.stopAction(PolicyRuntime.java:172)
    at com.trend.iwss.jscan.runtime.PolicyRuntime.stopAction(PolicyRuntime.java:165)
    at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime.checkURL(NetworkPolicyRuntime.java:284)
    at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime._preFilter(NetworkPolicyRuntime.java:164)
    at com.trend.iwss.jscan.runtime.PolicyRuntime.preFilter(PolicyRuntime.java:132)
    at com.trend.iwss.jscan.runtime.NetworkPolicyRuntime.preFilter(NetworkPolicyRuntime.java:108)
    at org.apache.commons.digester.Digester.createInputSourceFromURL(Digester.java:1971)
    ...

You can see that pop-up is created by the code from com.trend.iwss.jscan.runtime package.

The reason:

You are using jar that was downloaded from internet through Trend Micro InterScan Web Security Suite/Appliance proxy. This proxy make hooks in all jars that you download from internet, so that when they try to access files you see pop-up "Applet alert".

You may determine the affected jar by last stack-trace entrance before com.trend.iwss.jscan.runtime package. (In my case it is org.apache.commons.digester.Digester from commons-digester.jar, in masch's case it is org.springframework.core.io.support.PropertiesLoaderUtils from spring.jar)

Solution:

You have two options:

• You may download archived jar files. So they will not be affected by proxy.
• You may configure proxy not to modify downloading jar files.

Problem description on Trend Micro web site