Java.lang.SecurityException: invalid SHA1 signature file digest for com/cry

Similar Messages

• Java.lang.SecurityException: Invalid Subject: principals on ic.lookup

            Weblogic 7.0.1
            I establish two initialContext objects with credential like so:
            InitialContext ic = getInitialContext("t3://<ip>:<port>", "<username>",
            "<password>");
            InitialContext ic2 = getInitialContext("t3://<sameip>:<differentport>",
            "<username>", "<differentpassword>");
            protected InitialContext getInitialContext(String url, String user, String
            password) throws NamingException
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
            env.put(Context.PROVIDER_URL, url);          
            env.put(Context.SECURITY_PRINCIPAL, user);
            env.put(Context.SECURITY_CREDENTIALS, password);
            return new InitialContext(env);
            Each of these servers has a jms queue I want to context to. When I try to do
            a lookup like this (ic):
            qconFactory = (QueueConnectionFactory) ic.lookup("my/Queue");
            I get this exception:
            java.lang.SecurityException: Invalid Subject: principals=[system2, Administrators]
            at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:943)
            at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:147)
            at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:309)
            at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:30)
            at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
            at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)
            End server side stack trace
            Here is the bad issue. The second lookup works (ic2):
            qconFactory = (QueueConnectionFactory) ic2.lookup("my/Queue");
            As a matter of fact if I try to create more contexts the last context always seems
            to work. Also if I do each of these lookups in a separate application they both
            work. Any ideas?
            

  Hi John,
            There may be a bug, but the fact that some code works in a previous
            version does not necessarily make this a given. For example, a new
            release may restrict applications based on a refinement or clarification
            in a J2EE spec. (Although in general, we try to make such changes
            without breaking current customer code.) Another example is an
            application that unknowingly depends on a bug that was in the previous
            version. That said, this is unrelated to JMS, as the exception occurs
            on a jndi lookup before any JMS code is invoked - I suggest posting to
            the security newsgroup and perhaps raising the issue with customer
            support.
            Tom, BEA
            john hutchinson wrote:
            > The code below works with other versions of WebLogic. It just doesn't work with
            > WebLogic7.0. I don't understand what one context object has to do with another.
            > The code below indicates two different context object. I can also catch the
            > exception when it is thrown re-establish the first context after the second works
            > and use then use the first so that would be useless security. So either there
            > is a bug in WebLogic's use of contexts or there is a bug in there security model.
            > If it works I've attached a sample application that does this.
            >
            >
            > Tom Barnes <[email protected]> wrote:
            >
            >>As with all versions of WebLogic, the security context is
            >>associated with the thread. So establishing a new one
            >>will replace the previous context associated with
            >>the thread. For more detailed information
            >>post to the weblogic.developer.interest.security newsgroup.
            >>
            >>Tom, BEA
            >>
            >>john hutchinson wrote:
            >>
            >>>Weblogic 7.0.1
            >>>
            >>>I establish two initialContext objects with credential like so:
            >>>
            >>> InitialContext ic = getInitialContext("t3://<ip>:<port>",
            >>
            >>"<username>",
            >>
            >>>"<password>");
            >>> InitialContext ic2 = getInitialContext("t3://<sameip>:<differentport>",
            >>>"<username>", "<differentpassword>");
            >>>
            >>> protected InitialContext getInitialContext(String url, String user,
            >>
            >>String
            >>
            >>>password) throws NamingException
            >>> {
            >>> Hashtable env = new Hashtable();
            >>> env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
            >>> env.put(Context.PROVIDER_URL, url);          
            >>> env.put(Context.SECURITY_PRINCIPAL, user);
            >>> env.put(Context.SECURITY_CREDENTIALS, password);
            >>> return new InitialContext(env);
            >>> }
            >>>
            >>>Each of these servers has a jms queue I want to context to. When I
            >>
            >>try to do
            >>
            >>>a lookup like this (ic):
            >>>qconFactory = (QueueConnectionFactory) ic.lookup("my/Queue");
            >>>
            >>>I get this exception:
            >>>
            >>>java.lang.SecurityException: Invalid Subject: principals=[system2,
            >>
            >>Administrators]
            >>
            >>> at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:943)
            >>> at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:147)
            >>> at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:309)
            >>> at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:30)
            >>> at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
            >>> at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)
            >>>End server side stack trace
            >>>
            >>>Here is the bad issue. The second lookup works (ic2):
            >>>qconFactory = (QueueConnectionFactory) ic2.lookup("my/Queue");
            >>>
            >>>As a matter of fact if I try to create more contexts the last context
            >>
            >>always seems
            >>
            >>>to work. Also if I do each of these lookups in a separate application
            >>
            >>they both
            >>
            >>>work. Any ideas?
            >>>
            >>
            

• Configuring basic authentication in Jboss - java.lang.SecurityException

  Hi All,
  I am a jboss newbie and need to a simple username/password challenge to pop up when someone accesses my web app deployed on jboss. I was looking at UsersRolesLoginModule. I am using jboss-3.2.3 with jetty-4.2.14.
  All I did was the following 3 things.
  1) server/MyServer/conf/login-conf.xml
  Code:
  <?xml version='1.0'?>
  <!DOCTYPE policy PUBLIC
  "-//JBoss//DTD JBOSS Security Config 3.0//EN"
  "http://www.jboss.org/j2ee/dtd/security_config.dtd">
  <policy>
  <application-policy name = "myUsersRolesModule">
  <authentication>
  <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
  flag = "true" >
  <module-option name="hashAlgorithm">MD5</module-option>
  </login-module>
  </authentication>
  </application-policy>
  </policy>
  2) Create a users.properties file in the conf folder with the following entry.
  anand=kasi.
  3) Create a roles.properties file in the conf folder with the following entry
  anand=admin
  When Jboss starts up, I get the following exception.
  22:15:35,255 ERROR [PersistenceManager] Starting failed
  java.lang.SecurityException: Invalid authentication attempt, principal=null
  at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubjec
  t(BaseConnectionManager2.java:647)
  at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateC
  onnection(BaseConnectionManager2.java:476)
  Where do I set the principal. Is that the same as username????
  What am I not doing or doing wrong?? Any suggestions/pointers are highly appreciated. Any alternate solutions?? The simpler the better.
  Regards.
  Andy.

  You missing a option
  <module-option name="unauthenticatedIdentity">Anonymous</module-option>
  .

• Java.lang.SecurityException: SHA1 digest error

  Hi,
  I am trying to use pack200 on the signed jar file and it fails.
  I use the following steps:
  1. pack200 --repack --segment-limit=-1 --strip-debug test.jar
  2. jarsiner ... (long command to sign my JAR file)
  3. pack200 test.jar.pack.gz test.jarI have both files on the server and JNLPDownloadServlet finds compressed file and sends to to the client.
  The client can not validate signature
  com.sun.deploy.net.JARSigningException: Could not verify signing in resource:
  Wrapped exception is:
  java.lang.SecurityException: SHA1 digest error fo
  There is Bug opened: [5078608|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5078608] but the workaround does not in 1.6.0.16 or 1.6.0.18.
  Any advice?

  Hi,
  same problem with java 1.6 on Windows XP
  "java.lang.SecurityException: SHA1 digest error for ..."
  Sometimes when I re-build and sign my jar using "jarsigner -verifier" to verify, it is not correctly deployed with java web start because one resource SHA1 digest has got an error.
  May be size of some binary resources in it (>20M) can have an effect ...
  Does anybody have an idea ?

• Java.lang.SecurityException using a simple jar file

  I created my small application using JDev 11.
  Running from JDev it works well.
  I created a simple jar file including all my classes and all libraries I used.
  Whe I try to run that jar file I get :
  java.lang.SecurityException: no manifiest section for signature file entry javax/mail/internet/AsciiOutputStream.classI didn't find any solution.
  I worked hardly with JDev 10g but I never had such problem.
  Tks
  Tullio
  Edited by: tullio0106 on Nov 25, 2008 2:22 PM

  I simply created a project containing some classes whish use java mail.
  Then I modified the project creating, in the deployment wizard, a "Dependency Analysis" filegroup adding all my classes as well as libraries.
  I uncheck the "Include Manifest" chek otherwise I would run into different problems (well documented in the forum).
  The jar file is created but when I run the application I get the Security error.
  If I remove java mail libraries (activation and java mail)from the list of used libraries and I add it to classpath it works fine.
  I suspect the problem could be in Manifes merging.
  Tks
  Tullio

• Java.lang.SecurityException: [Security:090398]Invalid Subject: WEBLOGIC 9.1

  Hi
  I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
  I have enaled the trust between my two domains. Set the required class path settings.
  My client call is from a JSP , say client.jsp.
  Here I get remote object of the EJB and calls the required method
  Now
  1) My EJB calls are succesful when I DO NOT secure it
  2) but when I make it is secured , ie when I
  include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
  , it gives me the follwing error
  The stack trace is given below
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
  at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
  at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
  at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
  at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
  at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
  Truncated. see log file for complete stacktrace
  Any idea why it is ?
  Please let me know
  Thanks
  Binu
  Edited by binurajkr at 01/25/2008 4:36 AM

  Hi. Contact official BEA Support. This is likely
  to be a known issue with a patch available to fix it.
  Joe
  binu raj wrote:
  Hi
  I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
  I have enaled the trust between my two domains. Set the required class path settings.
  My client call is from a JSP , say client.jsp.
  Here I get remote object of the EJB and calls the required method
  Now
  1) My EJB calls are succesful when I DO NOT secure it
  2) but when I make it is secured , ie when I
  include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
  , it gives me the follwing error
  The stack trace is given below
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
  at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
  at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
  at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
  at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
  at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
  Truncated. see log file for complete stacktrace
  Any idea why it is ?
  Please let me know
  Thanks
  Binu
  Edited by binurajkr at 01/25/2008 4:36 AM

• Java.lang.SecurityException: [Security:090398]Invalid Subject

  Hi
            I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
            I have enaled the trust between my two domains. Set the required class path settings.
            My client call is from a JSP , say client.jsp.
            Here I get remote object of the EJB and calls the required method
            Now
            1) My EJB calls are succesful when I DO NOT secure it
            2) but when I make it is secured , ie when I
            include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
            , it gives me the follwing error
            The stack trace is given below
            java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
            at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
            at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
            at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
            at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
            at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
            Truncated. see log file for complete stacktrace
            Any idea why it is ?
            Please let me know
            Thanks
            Binu

  I got this issue resolved by setting
            Context.SECURITY_PRINCIPAL, "" , before the RMI ejb call
            Binu

• Java.lang.SecurityException: [Security:090398]Invalid Subject - multithre..

  Hi
  I am getting java.lang.SecurityException: [Security:090398]Invalid Subject ... under the following scenario:
  - I have a simple dispatcher class which is starting a number of threads, every one of them sending messages to different Weblogic server.
  - The dispatcher class is a simple Java class, running from outside of Weblogic server; the authentication is done using the JNDI login.
  - The message sender threads create an InitialContext for each message being sent and the context is closed after succesfully sending the message.
  With just one message sender thread running, everything is OK.
  The problems appear when at least two threads run at the same time. What happens is that one of the threads sends messages successfully while the other ones fail with:
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[user1, role1, role2, role3, role4]
  at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
  at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
  at weblogic.jms.dispatcher.DispatcherImpl_812_WLStub.dispatchSyncFuture(Unknown Source)
  at weblogic.jms.dispatcher.DispatcherWrapperState.dispatchSync(DispatcherWrapperState.java:339)
  at weblogic.jms.client.JMSConnection.createSessionInternal(JMSConnection.java:400)
  at weblogic.jms.client.JMSConnection.createTopicSession(JMSConnection.java:359)
  at com.delta.parser.test.TestMessageThread.sendMessage(TestMessageThread.java:54)
  at com.delta.parser.test.TestMessageThread.run(TestMessageThread.java:34)
  Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[user1, role1, role2, role3, role4]
  at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
  at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:182)
  at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:825)
  at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
  at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:923)
  at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:844)
  at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
  at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
  at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
  at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
  The environment is Weblogic 8.1 (WebLogic Platform Developer license) running on Windows XP Professional.
  In the classpath I have the following weblogic jar files: weblogic.jar, wlclient.jar, wljmsclient.jar.
  The code that is generating the exceptions is:
  /****************** Dispatcher ************************/
  package test;
  public class TestThreadDispatcher {
  public TestThreadDispatcher() {
  public static void main(String[] args) {
  TestThreadDispatcher instance = new TestThreadDispatcher();
  instance.doTest();
  private void doTest() {
  TestMessageThread t1 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
  "t3://pc10:7001",
  "user1",
  "passwd");
  t1.start();
  TestMessageThread t2 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
  "t3://sjn:7001",
  "user1",
  "passwd");
  t2.start();
  TestMessageThread t3 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
  "t3://pc99:7001",
  "user1",
  "passwd");
  t3.start();
  /****************** Message sender thread **************/
  package test;
  import java.util.*;
  import javax.jms.*;
  import javax.naming.*;
  import com.delta.parser.util.*;
  public class TestMessageThread extends Thread implements ParserConstants {
  private Hashtable environment;
  public TestMessageThread(String initialFactory,
  String url,
  String principal,
  String credentials) {
  Hashtable env = new Hashtable();
  env.put(Context.INITIAL_CONTEXT_FACTORY,
  initialFactory);
  env.put(Context.PROVIDER_URL,
  url);
  env.put(Context.SECURITY_PRINCIPAL,
  principal);
  env.put(Context.SECURITY_CREDENTIALS,
  credentials);
  environment = env;
  public void run() {
  int cnt = 0;
  while(true) {
  sendMessage("" + cnt++);
  try {
  sleep(500);
  } catch (InterruptedException iex) {
  private void sendMessage(String text) {
  try {
  Context ctx = new InitialContext(environment);
  TopicConnectionFactory factory = (TopicConnectionFactory)
  ctx.lookup("javax.jms.TopicConnectionFactory");
  TopicConnection connection = factory.createTopicConnection();
  TopicSession session = connection.createTopicSession(false,
  javax.jms.Session.AUTO_ACKNOWLEDGE);
  Topic topic = (Topic)ctx.lookup("FileTopic");
  TopicPublisher publisher = session.createPublisher(topic);
  TextMessage message = session.createTextMessage(text);
  publisher.publish(message);
  System.out.println("Message " + text + " sent to " +
  environment.get(Context.PROVIDER_URL));
  ctx.close();
  catch (JMSException jmsex) {
  jmsex.printStackTrace();
  catch (NamingException nex) {
  nex.printStackTrace();
  catch (SecurityException scex) {
  scex.printStackTrace();
  Any workarounds for this?
  BTW, I also tried using weblogic.jndi.Environment to obtain an InitialContext and wrapping the code inside thread's run() into Security.runAs(subject, new PrivilegedAction() { ....}, without success.
  Thanks in advance
  Mirel Rata

  Hi Kiran,
  Thank you for replying.
  Unfortunately the fix you suggested did not solve the problem. The server version I'm using is 8.1.
  The application I'm sending messages from is a standalone Java application, does not run from inside Weblogic server.
  Any thoughts?
  Regards,
  Mirel Rata

• Java.lang.SecurityException: Jurisdiction policy files are not signed by t

  Hi
  *I am installing ECC6 onAIX 6.1 with oarcle 10g.*
  *I am getting error in create secure store*
  *Policy and security files are ok,*
  aused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more
  ERROR      2009-07-07 14:10:47.063
             CJSlibModule::writeError_impl()
  CJS-30050  Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more.
  ERROR      2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
  FCO-00011  The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more.).
  what could be the problem ?
  Please give me the soluation
  regards
  Vijay

  Dear Juan
  You are correct.
  I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
  it gave error
  n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
  regards
  vijjay

• Java.lang.SecurityException: [Security:090398]Invalid Subject: admin

  I have a class that is used to check the status of all managed server in a domain. I use this class to check on the status of multiple domains.
  I have a for loop over all the domains and then invoke the method below, one for each domain (I instantiate the class anew for each domain)
  The 1st domain connects and returns the status properly. However on subsequent iterations thru the look I get the following SecuriyException below. I have tried a number of things such as setting MBeanHome to null etc but this error repeats anytime I connect to N+1 domains.
  Is there a fix for this.
  Note: I am using WLS 8.1 SP3 thru 5. And I know the username & pwd is correct cause I can connect using to the admin console using the same username & password and am part of the Administrators group.
  Exception on the client on N+1 connect attemp:
  java.lang.SecurityException: [Security:090398]Invalid Subject: admin
  at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.j
  ava:108)
  at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:137)
  at weblogic.management.internal.AdminMBeanHomeImpl_815_WLStub.getDomainN
  ame(Unknown Source)
  Exception on the server:
  ####<Mar 28, 2006 2:59:51 PM CST> <Warning> <RMI> <htx6056> <AdminServer> <Execu
  teThread: '2' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003>
  <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10
  2 - hostID: '-4547912678907759832S:htx6056.cce.hp.com:[10250,10250,10251,10251,1
  0250,10251,-1,0,0]:arc_prd1:AdminServer', oid: '258', implementation: 'weblogic.
  management.internal.AdminMBeanHomeImpl@1e22632'
  java.lang.SecurityException: [Security:090398]Invalid Subject: admin.
  java.lang.SecurityException: [Security:090398]Invalid Subject: admin
  The code:
  public void checkWebLogicServerState( String user, String pass, String url ) throws Exception {
            MBeanHome home = Helper.getAdminMBeanHome( user, pass, url );
            Set beans = home.getMBeansByType( "Server", home.getDomainName( ));
            for( Iterator iter = beans.iterator( ); iter.hasNext( );){
                 WebLogicMBean bean = (WebLogicMBean)iter.next( );
                 WebLogicObjectName objName = bean.getObjectName( );
                 String serverName = objName.getName( );
                 String location = objName.getLocation( );
                 ServerRuntimeMBean serverRuntimeMBean = null;
                 try {
                      serverRuntimeMBean = (ServerRuntimeMBean)home.getMBean( serverName, "ServerRuntime", home.getDomainName( ), serverName);
                      String state = serverRuntimeMBean.getState( );
                      System.out.println( "\t[" + serverName + "] IS " + state + "." );
                 } catch( Exception ex ) {
                      System.out.println( "\t[" + serverName + "] IS NOT RUNNING." );
       }

  I worked around the problem by removing the usage of the weblogic.management.Helper and using standard JNDI lookups instead.
  Clearly there is a bug in the Helper class that stores securtiy information in a static variable since it cannot be re used within the same JVM/Classloader without sharing the security information.
  Used instead:
                 Environment env = new Environment();
                 env.setProviderUrl( url );
                 env.setSecurityPrincipal( user );
                 env.setSecurityCredentials( pass );
                 Context ctx = env.getInitialContext( );
                 home = (MBeanHome)ctx.lookup( MBeanHome.ADMIN_JNDI_NAME );

• Java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[

  HI,
  I am trying to monitor multiple weblogic servers, I am getting the exception when the program is trying to read multiple domains of the same weblogic server version 8.1.
  Can any one help me in getting this fix programatically using weblogic.management.*;
  I have searched all the sites where I got only a perticular solution which states to maintain the same domain level credentials.
  please reply me back if there is a programatical approach to fix this exception.
  The exception is given below:
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
       at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
       at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
       at weblogic.management.internal.AdminMBeanHomeImpl_811_WLStub.getDomainName(Unknown Source)
       at MonitorServers.getDataWeblogic(MonitorServers.java:138)
       at MonitorServers.getServers(MonitorServers.java:89)
       at MonitorServers.main(MonitorServers.java:352)
  Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
       at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
       at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:181)
       at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:814)
       at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:299)
       at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:920)
       at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:841)
       at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
       at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
       at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
       at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
       at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
  Thanks in advance

  Hi,
  I think that if you don't specify the credentials, the current one will be used to connect to the server.
  Try to specify the guest identity by explicitely adding the following properties to override the current identity
                 properties.put(Context.SECURITY_PRINCIPAL, "");
  properties.put(Context.SECURITY_CREDENTIALS, "");
  Otherwise you will need to setup a trust between the servers.
  I Hope this helps.
  Giorgio Anastopoulos

• Java.lang.SecurityException: Security: Invalid Subject: principals

  I am getting the following exception intermittently:
  java.lang.SecurityException: Security: Invalid Subject: principals=[XXX, Administrators]
  What i am doing is, i have two weblogic servers both running Weblogic 10.0 and running on different domains, a war is deployed on one server (server A) which sends a message to queue on another server (Server B), now everything works but if i restart B then A throws the above Security Exception while looking up the queue on Server B?? Any ideas why, i haven't configured any security credentials.
  If i restart A after restarting B then everything works again but restarting all the servers each time one gets restarted is cumbersome,so does someone knows answer to the question above?
  Edited by: user4828945 on Feb 11, 2009 5:41 PM

  If you dont require authentication, then enable the global trust between the domains.
  When this feature is enabled, identity is passed between WebLogic Server domains over an RMI connection without requiring authentication in the second domain. When inter-domain trust is enabled, transactions can commit across domains. A trust relationship is established when the Domain Credential for one domain matches the Domain Credential for another domain.
  By default, the Domain Credential is randomly generated and therefore, no two domains will have the same Domain Credential. If you want two WebLogic Server domains to interoperate, you need to replace the generated credential with a credential you select, and set the same credential in each of the domains.
  Link :[http://e-docs.bea.com/wls/docs100/ConsoleHelp/taskhelp/security/EnableGlobalTrustBetweenDomains.html]

• Java.lang.SecurityException on maven build with Xtext and XCore from Mars

  Following the usual maven tutorial, and examples shown before in this forum, I'm attempting to upgrade a maven project that uses xtext and xcore to versions as present in a fresh Eclipse Mars install.
  When running the xtext-maven-plugin on the .xcore file, it gets to:
  [INFO] Validate and generate.
  [INFO] Starting validation for input: 'XCoG.xcore'
  [INFO] Starting generator for input: 'XCoG.xcore'
  and then reports (several hundred times)
  java.lang.SecurityException: class "org.eclipse.core.runtime.Plugin"'s signer information does not match signer information of other classes in the same package
  and nothing is generated.
  The relevant bit of the exception trace seems to be:
  org.eclipse.emf.codegen.ecore.genmodel.util.GenModelUtil.getJavaOptions(GenModelUtil.java:128)
  which is a line that references class JavaCore, which is an import from org.eclipse.jdt.core.
  The full debug log of the build seems to show there are two different version of org.eclipse.jdt.core in play,
  org.eclipse.jdt.core:jar:3.11.0.v20150602-1242 which is as released with Mars.
  org.eclipse.tycho:org.eclipse.jdt.core:jar:3.10.0.v20140604-1726 which is a dependency of org.eclipse.xtext:org.eclipse.xtext.xtext:jar:2.8.3,
  which comes because the pom.xml in org.eclipse.xtext.dependencies specifies:
  <dependency>
  <groupId>org.eclipse.tycho</groupId>
  <artifactId>org.eclipse.jdt.core</artifactId>
  <version>3.10.0.v20140604-1726</version>
  </dependency>
  is that an error? And is there any workaround?

  Just to dump the results here in case it helps someone else (or me next year):
  The signature conflict is between the jars org.eclipse.core.runtime 3.7.0 and org.eclipse.equinox.common 3.6.200, because both have the package org.eclipse.core.runtime, but only the former has class Plugin.
  org.eclipse.emf.codegen.ecore.genmodel.util.GenModelUtil references org.eclipse.jdt.core.JavaCore which references many classes from org.eclipse.core.runtime including Plugin. So it ends up with half of each package, hence the error.
  To get things to work, I needed to fiddle things until the bundle org.eclipse.core.runtime was searched before org.eclipse.equinox.common. This wasn't as simple as copying the example, as I was using tycho and there were other dependencies involved, but once I understood what was going on, it was just trial and error.
  Can't help but thing there is something fundamentally flawed about the design of one or more of OSGI, eclipse or tycho here given everything is so fragile. Beneath jar hell there is a deeper pit where things only work if jars are in the right order, and you can't directly specify the order...

• Java.lang.Exception: Invalid AD_TOP Oracle Applications 11i

  Hi,
  I have tried to complete Oracle Application 11i installation, but I have one problem.
  I have multi node installation with 2 nodes(Virtual nodes with OEL 4).
  First for database software and database and second for everything else.
  I have successfully finished installation on database node and everything passed fine,
  but when I have started installation with same configuration file (I have created it on the database node)
  on the second node
  I get the message in the log:
  Starting CVM on Middle Tier.....
  java.lang.Exception: Invalid AD_TOP
  and my installation process wafting along time.
  Can anybody help me with this problem.
  Thanks,
  Dragan.

  I have found on this location /baza/Stage11i/oraiAS/Disk1/ias/stage
  problematic archive Archive: 806_d2pm.zip
  I have tried to unzip problematic archive and I get:
  [root@maximus stage]# unzip 806_d2pm.zip
  Archive: 806_d2pm.zip
  replace d2pm/install/relnotes/relnotes.map? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  replace d2pm/install/relnotes/relnotes.vrf? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  replace d2pm/install/relnotes/relnotes.ins? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  replace d2pm/install/relnotes/partial.prd? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  replace d2pm/install/relnotes/partial.prd.PRE_P15? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  replace d2pm/install/relnotes/partial.prd.PRE_P16? [y]es, [n]o, [A]ll, [N]one, [r]ename: n
  [root@maximus stage]#
  What can I do now?
  Best regards,
  Dragan

• Java.lang.SecurityException: while starting weblogic server

  Hi,
  I added a admin server on m/c 1 and a remote managed server on m/c 2. When i tried to start the admin server and the managed server and ping it using jmx, it get the following security error:
  Any help regd. this would be appreciated.
  Thanks,
  beauser2005
  <Oct 29, 2004 2:14:38 PM PDT> <Warning> <RMI> <BEA-080003> <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10c - hostID: '-833462563406253632S:172.20.30.37:[7001,7001,-1,-1,7001,-1,-1,0,0]:mydomain10:myserver10', oid: '268', implementation: 'weblogic.management.internal.RemoteMBeanServerImpl@191f022'
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators].
  java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
       at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
       at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
       at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
       at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
       at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
       at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
       at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
       at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
       at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
       at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
       at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)

  was able to solve this
  there was corruption of reports config file