PreviousNext…

The JVM in 9.0.1

With the release of version 9.0.1, IBM have updated the Domino JVM to release 6 SR14. This is important, because SR14 brings some new security requirements with it. You can read the detail in the relevant technote, Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities in IBM JRE. When I tried to run some code that uses FOP to render a PDF, I felt the impact of this change. Given that XML processing is a pretty common requirement in Domino Java agents the world over, you may want to do some testing.

Fortunately, for once there are no weird error messages involved. You get something pretty straightforward and “actionable”:

Use of the extension element '<element>' is not allowed when Java security is 
enabled. To override this, set the 
com.ibm.xtq.processor.overrideSecureProcessing property to true. 
This override only affects XSLT processing.

(Replace element with what ever extension your code uses—in my case this is a docx4j PDF converter).

So, as the error suggests, you need to modify system properties. There are a number of ways you can do this of course, depending on the platform and your organisation’s environment. Me, I tweaked the relevant property directly in the boot-strapping code for my agent:

System.setProperty("com.ibm.xtq.processor.overrideSecureProcessing", "true");

// Then if you want to review system props, ensure they're set:
Properties props = System.getProperties();
System.out.println("System properties now: " + props.toString(), 1);

Read more: Java system properties tutorial.

Comments on this post are now closed.

About

I’m a software architect / developer / general IT wrangler specialising in web, mobile web and middleware using things like node.js, Java, C#, PHP, HTML5 and more.

Best described as a simpleton, but kindly. You can read more here.

";