Access to Java class “byte” is prohibited.

This topic has 7 replies, 3 voices, and was last updated 3 weeks, 1 day ago by Jatinder Singh (AcceptingNewProjects).

  • Author
  • #28230

    In a groovy Script (OAth2 Access Token Modification), I’m trying to set a Authorization Header with the “Basic” scheme, like this:

    import org.forgerock.util.encode.Base64
    request.headers.add("Authorization", "Basic " + Base64.encode("user:test".bytes) )

    And getting the following exception:

    org.forgerock.openam.scripting.ThreadPoolScriptEvaluator:08/27/2020 02:07:37:140 PM CEST: Thread[http-bio-,5,main]: TransactionId[94db24b1-cd74-4a4c-8d8d-475af25ccab0-387545]
    ERROR: Script terminated with exception
    java.util.concurrent.ExecutionException: javax.script.ScriptException: javax.script.ScriptException: java.lang.SecurityException: Access to Java class "byte" is prohibited.

    I looked in the “Java class whitelist” and java.lang.Byte was there, I even added java.lang.Byte.TYPE to no avail.

    Product & Version: ForgeRock Access Management


    Primitive types like byte doesn’t (or shouldn’t) need to be whitelisted. I tried reproducing this in v6.5.2.3 and was able to reproduce. However, it’s not a problem in v7 and works as intended. I don’t have an immediate answer but this may be a problem with the underlying Groovy Sandbox.

     Scott Heger

    Probably related to which would explain why it works in v7.


    I forgot to link these bugs. Your issue might be related to the below JIRA bugs:

    So, the issue seem to have been resolved in v6.5.3+. If upgrading is not an answer in your scenario, you may want to open a ticket and see if a patch can be provided.


     Scott Heger



    Adding byte to the whitelist solved it.


    +1. Thanks for sharing.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?