Java.lang.SecurityException: [Security:090398]Invalid Subject: WEBLOGIC 9.1

Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AM

Hi. Contact official BEA Support. This is likely
to be a known issue with a patch available to fix it.
Joe
binu raj wrote:
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AM

Similar Messages

  • Java.lang.SecurityException: [Security:090398]Invalid Subject

    Hi
              I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
              I have enaled the trust between my two domains. Set the required class path settings.
              My client call is from a JSP , say client.jsp.
              Here I get remote object of the EJB and calls the required method
              Now
              1) My EJB calls are succesful when I DO NOT secure it
              2) but when I make it is secured , ie when I
              include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
              , it gives me the follwing error
              The stack trace is given below
              java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
              at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
              at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
              at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
              at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
              at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
              Truncated. see log file for complete stacktrace
              Any idea why it is ?
              Please let me know
              Thanks
              Binu

    I got this issue resolved by setting
              Context.SECURITY_PRINCIPAL, "" , before the RMI ejb call
              Binu

  • Java.lang.SecurityException: [Security:090398]Invalid Subject: admin

    I have a class that is used to check the status of all managed server in a domain. I use this class to check on the status of multiple domains.
    I have a for loop over all the domains and then invoke the method below, one for each domain (I instantiate the class anew for each domain)
    The 1st domain connects and returns the status properly. However on subsequent iterations thru the look I get the following SecuriyException below. I have tried a number of things such as setting MBeanHome to null etc but this error repeats anytime I connect to N+1 domains.
    Is there a fix for this.
    Note: I am using WLS 8.1 SP3 thru 5. And I know the username & pwd is correct cause I can connect using to the admin console using the same username & password and am part of the Administrators group.
    Exception on the client on N+1 connect attemp:
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin
    at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.j
    ava:108)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:137)
    at weblogic.management.internal.AdminMBeanHomeImpl_815_WLStub.getDomainN
    ame(Unknown Source)
    Exception on the server:
    ####<Mar 28, 2006 2:59:51 PM CST> <Warning> <RMI> <htx6056> <AdminServer> <Execu
    teThread: '2' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003>
    <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10
    2 - hostID: '-4547912678907759832S:htx6056.cce.hp.com:[10250,10250,10251,10251,1
    0250,10251,-1,0,0]:arc_prd1:AdminServer', oid: '258', implementation: 'weblogic.
    management.internal.AdminMBeanHomeImpl@1e22632'
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin.
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin
    The code:
    public void checkWebLogicServerState( String user, String pass, String url ) throws Exception {
              MBeanHome home = Helper.getAdminMBeanHome( user, pass, url );
              Set beans = home.getMBeansByType( "Server", home.getDomainName( ));
              for( Iterator iter = beans.iterator( ); iter.hasNext( );){
                   WebLogicMBean bean = (WebLogicMBean)iter.next( );
                   WebLogicObjectName objName = bean.getObjectName( );
                   String serverName = objName.getName( );
                   String location = objName.getLocation( );
                   ServerRuntimeMBean serverRuntimeMBean = null;
                   try {
                        serverRuntimeMBean = (ServerRuntimeMBean)home.getMBean( serverName, "ServerRuntime", home.getDomainName( ), serverName);
                        String state = serverRuntimeMBean.getState( );
                        System.out.println( "\t[" + serverName + "] IS " + state + "." );
                   } catch( Exception ex ) {
                        System.out.println( "\t[" + serverName + "] IS NOT RUNNING." );
         }

    I worked around the problem by removing the usage of the weblogic.management.Helper and using standard JNDI lookups instead.
    Clearly there is a bug in the Helper class that stores securtiy information in a static variable since it cannot be re used within the same JVM/Classloader without sharing the security information.
    Used instead:
                   Environment env = new Environment();
                   env.setProviderUrl( url );
                   env.setSecurityPrincipal( user );
                   env.setSecurityCredentials( pass );
                   Context ctx = env.getInitialContext( );
                   home = (MBeanHome)ctx.lookup( MBeanHome.ADMIN_JNDI_NAME );

  • Java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[

    HI,
    I am trying to monitor multiple weblogic servers, I am getting the exception when the program is trying to read multiple domains of the same weblogic server version 8.1.
    Can any one help me in getting this fix programatically using weblogic.management.*;
    I have searched all the sites where I got only a perticular solution which states to maintain the same domain level credentials.
    please reply me back if there is a programatical approach to fix this exception.
    The exception is given below:
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
         at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
         at weblogic.management.internal.AdminMBeanHomeImpl_811_WLStub.getDomainName(Unknown Source)
         at MonitorServers.getDataWeblogic(MonitorServers.java:138)
         at MonitorServers.getServers(MonitorServers.java:89)
         at MonitorServers.main(MonitorServers.java:352)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
         at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:181)
         at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:814)
         at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:299)
         at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:920)
         at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:841)
         at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
         at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
         at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
         at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    Thanks in advance

    Hi,
    I think that if you don't specify the credentials, the current one will be used to connect to the server.
    Try to specify the guest identity by explicitely adding the following properties to override the current identity
                   properties.put(Context.SECURITY_PRINCIPAL, "");
    properties.put(Context.SECURITY_CREDENTIALS, "");
    Otherwise you will need to setup a trust between the servers.
    I Hope this helps.
    Giorgio Anastopoulos

  • Java.lang.SecurityException: [Security:090398]Invalid Subject - multithre..

    Hi
    I am getting java.lang.SecurityException: [Security:090398]Invalid Subject ... under the following scenario:
    - I have a simple dispatcher class which is starting a number of threads, every one of them sending messages to different Weblogic server.
    - The dispatcher class is a simple Java class, running from outside of Weblogic server; the authentication is done using the JNDI login.
    - The message sender threads create an InitialContext for each message being sent and the context is closed after succesfully sending the message.
    With just one message sender thread running, everything is OK.
    The problems appear when at least two threads run at the same time. What happens is that one of the threads sends messages successfully while the other ones fail with:
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[user1, role1, role2, role3, role4]
    at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
    at weblogic.jms.dispatcher.DispatcherImpl_812_WLStub.dispatchSyncFuture(Unknown Source)
    at weblogic.jms.dispatcher.DispatcherWrapperState.dispatchSync(DispatcherWrapperState.java:339)
    at weblogic.jms.client.JMSConnection.createSessionInternal(JMSConnection.java:400)
    at weblogic.jms.client.JMSConnection.createTopicSession(JMSConnection.java:359)
    at com.delta.parser.test.TestMessageThread.sendMessage(TestMessageThread.java:54)
    at com.delta.parser.test.TestMessageThread.run(TestMessageThread.java:34)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[user1, role1, role2, role3, role4]
    at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
    at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:182)
    at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:825)
    at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
    at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:923)
    at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:844)
    at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
    at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
    at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
    at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
    at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    The environment is Weblogic 8.1 (WebLogic Platform Developer license) running on Windows XP Professional.
    In the classpath I have the following weblogic jar files: weblogic.jar, wlclient.jar, wljmsclient.jar.
    The code that is generating the exceptions is:
    /****************** Dispatcher ************************/
    package test;
    public class TestThreadDispatcher {
    public TestThreadDispatcher() {
    public static void main(String[] args) {
    TestThreadDispatcher instance = new TestThreadDispatcher();
    instance.doTest();
    private void doTest() {
    TestMessageThread t1 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
    "t3://pc10:7001",
    "user1",
    "passwd");
    t1.start();
    TestMessageThread t2 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
    "t3://sjn:7001",
    "user1",
    "passwd");
    t2.start();
    TestMessageThread t3 = new TestMessageThread("weblogic.jndi.WLInitialContextFactory",
    "t3://pc99:7001",
    "user1",
    "passwd");
    t3.start();
    /****************** Message sender thread **************/
    package test;
    import java.util.*;
    import javax.jms.*;
    import javax.naming.*;
    import com.delta.parser.util.*;
    public class TestMessageThread extends Thread implements ParserConstants {
    private Hashtable environment;
    public TestMessageThread(String initialFactory,
    String url,
    String principal,
    String credentials) {
    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY,
    initialFactory);
    env.put(Context.PROVIDER_URL,
    url);
    env.put(Context.SECURITY_PRINCIPAL,
    principal);
    env.put(Context.SECURITY_CREDENTIALS,
    credentials);
    environment = env;
    public void run() {
    int cnt = 0;
    while(true) {
    sendMessage("" + cnt++);
    try {
    sleep(500);
    } catch (InterruptedException iex) {
    private void sendMessage(String text) {
    try {
    Context ctx = new InitialContext(environment);
    TopicConnectionFactory factory = (TopicConnectionFactory)
    ctx.lookup("javax.jms.TopicConnectionFactory");
    TopicConnection connection = factory.createTopicConnection();
    TopicSession session = connection.createTopicSession(false,
    javax.jms.Session.AUTO_ACKNOWLEDGE);
    Topic topic = (Topic)ctx.lookup("FileTopic");
    TopicPublisher publisher = session.createPublisher(topic);
    TextMessage message = session.createTextMessage(text);
    publisher.publish(message);
    System.out.println("Message " + text + " sent to " +
    environment.get(Context.PROVIDER_URL));
    ctx.close();
    catch (JMSException jmsex) {
    jmsex.printStackTrace();
    catch (NamingException nex) {
    nex.printStackTrace();
    catch (SecurityException scex) {
    scex.printStackTrace();
    Any workarounds for this?
    BTW, I also tried using weblogic.jndi.Environment to obtain an InitialContext and wrapping the code inside thread's run() into Security.runAs(subject, new PrivilegedAction() { ....}, without success.
    Thanks in advance
    Mirel Rata

    Hi Kiran,
    Thank you for replying.
    Unfortunately the fix you suggested did not solve the problem. The server version I'm using is 8.1.
    The application I'm sending messages from is a standalone Java application, does not run from inside Weblogic server.
    Any thoughts?
    Regards,
    Mirel Rata

  • Java.lang.SecurityException: [Security:090398]

    Hi All,
    I am using Jdeveloper 11.1.1.3.
    I am running my application and it runs fine. But after a couple of clicks, I get the following exception. Tried googling and oracle-ing the exception but can't really understand what it is. If someone can provide a solution that would be AWESOME but even if someone can explain what the error is, that would be really really helpful.
    Oh and the WebLogic Server Version: 10.3.3.0 on server and client side.
    Here's the error...
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
    javax.el.ELException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
         at com.sun.el.parser.AstValue.invoke(AstValue.java:161)
         at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
         at oracle.adf.controller.internal.util.ELInterfaceImpl.invokeMethod(ELInterfaceImpl.java:168)
         at oracle.adfinternal.controller.activity.MethodCallActivityLogic.execute(MethodCallActivityLogic.java:161)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.executeActivity(ControlFlowEngine.java:989)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:878)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:777)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.routeFromActivity(ControlFlowEngine.java:551)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.performControlFlow(ControlFlowEngine.java:147)
         at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleAdfcNavigation(NavigationHandlerImpl.java:109)
         at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleNavigation(NavigationHandlerImpl.java:78)
         at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:130)
         at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
         at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
         at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
         at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:91)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:812)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:292)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
         at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
         at weblogic.security.service.IdentityUtility.authenticatedSubjectToIdentity(IdentityUtility.java:30)
         at weblogic.security.service.RoleManager.getRoles(RoleManager.java:183)
         at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:375)
         at weblogic.rmi.provider.WorkContextAccessController.checkAccess(WorkContextAccessController.java:62)
         at weblogic.workarea.spi.WorkContextAccessController.isAccessAllowed(WorkContextAccessController.java:38)
         at weblogic.workarea.WorkContextLocalMap$WorkContextKeys.next(WorkContextLocalMap.java:356)
         at weblogic.wsee.jaxws.workcontext.WorkContextTube.hasContext(WorkContextTube.java:67)
         at weblogic.wsee.jaxws.workcontext.WorkContextClientTube.processRequest(WorkContextClientTube.java:38)
         at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
         at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
         at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
         at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
         at com.sun.xml.ws.client.Stub.process(Stub.java:259)
         at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
         at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
         at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
         at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
         at $Proxy157.retrieveForm(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
         at $Proxy158.retrieveForm(Unknown Source)
         at gov.atf.eforms.FormBase.retrieveForm(FormBase.java:206)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
         ... 62 more
    Edited by: HKG on Feb 25, 2011 8:01 AM

    Hi,
    difficult to say. From the error message it seems that there is something happening with the authenticated JAAS user. Does the problem reproduce in other applications (e.g. a test case ?)
    Frank

  • Security Problem when call EJB in servlet:[Security:090398]Invalid Subject

    Hi guys,
    I have several years experience with Java and EJB developing,but still I cann't explain this problem although I already knew the fix...
    Please,can anyone help me to explain why? Thanks very much!
    Ok,the problem is when I call a remote EJB in one method ,that is everything about EJB is in one method,then everything is ok.But when I just return the
    *remote service object from an helper class's static method, and call the service in servlet ,then I get java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076],which sundan076 is username login into the web application.*
    The right way, call method directCall(param) ; The wrong way, call  method staticToolCall(final Map param) .
    public class EJBServletClient extends HttpServlet
         protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
              this.doPost(request, response);
         protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException,
                   IOException
              try
                   Map<String, String> param = new HashMap<String, String>();
                   param.put("CTS_CUSTOMER_ID", request.getParameter("CTS_CUSTOMER_ID"));
                   param.put("CTS_TASK_ID", request.getParameter("CTS_TASK_ID"));
                   param.put("SERIALNO", request.getParameter("SERIALNO"));
                   param.put("CUSTOMER_SERVICE_UM", request.getParameter("CUSTOMER_SERVICE_UM"));
                   Map result = this.directCall(param);
                   System.out.println(result);
              } catch (Exception e)
                   e.printStackTrace();
                   throw new ServletException(e);
         private Map directCall(Map param) throws Exception
              Context context = null;
              try
                   Properties p = new Properties();
                   p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
                   p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
                   p.put(Context.SECURITY_PRINCIPAL, "username");
                   p.put(Context.SECURITY_CREDENTIALS, "password");
                   context = new InitialContext(p);
                   BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
                             context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
                   BizApplyService bizApplyService = home.create();
                   return bizApplyService.modifyApplyCustomerInfo(param);
              } finally
                   if (context != null)
                        context.close();
         private Map staticToolCall(final Map param) throws Exception
              BizApplyService bizApplyService = EJBTool.getBizApplyService();
              return bizApplyService.modifyApplyCustomerInfo(param);
    public class EJBTool
         public static BizApplyService getBizApplyService() throws Exception
              Context context = null;
              try
                   Properties p = new Properties();
                   p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
                   p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
                   p.put(Context.SECURITY_PRINCIPAL, "username");
                   p.put(Context.SECURITY_CREDENTIALS, "password");
                   context = new InitialContext(p);
                   BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
                             context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
                   return home.create();
              } finally
                   if (context != null)
                        context.close();
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076]
         at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
         at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
         at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
         at com.pingan.rcs.css.biz.service.remote.ejb.bizApplyService_u7jjbk_EOImpl_1032_WLStub.modifyApplyCustomerInfo(Unknown Source)
         at com.pingan.pafax.web.EJBServletClient.staticToolCall(EJBServletClient.java:80)
         at com.pingan.pafax.web.EJBServletClient.doPost(EJBServletClient.java:43)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3594)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
         at weblogic.security.service.SecurityServiceManager.getSealedSubjectFromWire(SecurityServiceManager.java:524)
         at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:315)
         at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:875)
         at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:310)
         at weblogic.rmi.cluster.ClusterableServerRef.dispatch(ClusterableServerRef.java:242)
         at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:1138)
         at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:1020)
         at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:240)
         at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:882)
         at weblogic.rjvm.MsgAbbrevJVMConnection.dispatch(MsgAbbrevJVMConnection.java:453)
         at weblogic.rjvm.t3.MuxableSocketT3.dispatch(MuxableSocketT3.java:322)
         at weblogic.socket.BaseAbstractMuxableSocket.dispatch(BaseAbstractMuxableSocket.java:298)
         at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:915)
         at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:854)
         at weblogic.socket.EPollSocketMuxer.dataReceived(EPollSocketMuxer.java:215)
         at weblogic.socket.EPollSocketMuxer.processSockets(EPollSocketMuxer.java:177)
         at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:42)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
    Edited by: 993478 on 2013-3-12 下午8:40

    I tried your way,it works! Still ,does anyone know why staticToolCall() raised exception?
    By the way,here is the code as you suggested:
    public class EJBServletClient extends HttpServlet
         protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException,
                   IOException
              Context context = null;
              try
                   Map<String, String> param = new HashMap<String, String>();
                   param.put("CTS_CUSTOMER_ID", request.getParameter("CTS_CUSTOMER_ID"));
                   param.put("CTS_TASK_ID", request.getParameter("CTS_TASK_ID"));
                   param.put("SERIALNO", request.getParameter("SERIALNO"));
                   param.put("CUSTOMER_SERVICE_UM", request.getParameter("CUSTOMER_SERVICE_UM"));
                   //Map result = this.staticToolCall(param);
                   Properties p = new Properties();
                   p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
                   p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
                   p.put(Context.SECURITY_PRINCIPAL, "username");
                   p.put(Context.SECURITY_CREDENTIALS, "password");
                   context = new InitialContext(p);
                   Map result=EJBTool.modifyApplyCustomerInfo(context, param);
                   System.out.println(result);
              } catch (Exception e)
                   e.printStackTrace();
                   throw new ServletException(e);
              }finally
                   if (context != null)
                        try{context.close();} catch (NamingException e){e.printStackTrace();}
    public class EJBTool
         public static Map modifyApplyCustomerInfo(Context context, Map param) throws Exception
              BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
                        context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
              BizApplyService bizApplyService = home.create();
              Map result = bizApplyService.modifyApplyCustomerInfo(param);
              return result;
    }

  • [Security:090398] Invalid Subject error in clustered deployment

    Hi,
              I have a simple Java client that calls an EJB which works fine when the EJB is deployed on a non-clustered server, but it fails intermittently with a [Security:090398]Invalid Subject: ... error when the EJB is deployed on a clustered server. Looking at the log files, it seems that one of the two servers in the cluster is throwing the exception consistently. I believe the servers are in the same domain, but since I've migrated the WL 6.1 config.xml file to 8.1 perhaps there is something I missed.
              Also, I noticed that the two servers in the cluster are able to see each other. The messages about the other node joining the cluster are in both logs.
              Here's the exception on the client side:
              java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
                   at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
                   at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:284)
                   at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:244)
                   at com.kiodex.ejb.security.PrincipalOpsBean_21hnly_HomeImpl_813_WLStub.create(Unknown Source)
                   at com.kiodex.wlclient.WeblogicClusterClient.main(WeblogicClusterClient.java:41)
                   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                   at java.lang.reflect.Method.invoke(Method.java:324)
                   at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
              Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
                   at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
                   at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
                   at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
                   at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
                   at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
                   at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
                   at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
                   at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
                   at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
                   at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:682)
                   at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:628)
                   at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:123)
                   at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
                   at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
                   at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
              Here is the server-side exception:
              ####<Sep 17, 2004 4:44:17 PM EDT> <Warning> <RMI> <titanic> <titanic> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003> <RuntimeException thrown by rmi server:
              weblogic.rmi.cluster.ClusterableServerRef@12e - hostID: '2921525709399114632S:10.0.14.10:[23770,23770,-1,-1,-1,-1,-1,0,0]:hindenburg.nis.kiodex.com:23770,titanic.nis.kiodex.com:23770:RiskWorkbenc
              h:titanic', oid: '302', implementation: 'com.kiodex.ejb.security.PrincipalOpsBean_21hnly_HomeImpl@120a9d6'
              java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system].
              java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
              at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
              at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
              at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
              at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
              at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
              at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
              at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
              at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
              at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
              at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:682)
              at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:628)
              at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:123)
              at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
              at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
              at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
              Any ideas?

    Hi Joshua,
              Make sure that
              a) Servers in the cluster are in the same domain;
              b) Server in the cluster are named differently.
              Also, check this:
              http://www.viewtier.com/newsgroups/thread.jspa?threadID=4&tstart=0
              http://support.bea.com/support_news/product_troubleshooting/Investigating_Domain_Trust_Issues_Pattern.html
              Regards,
              Slava Imeshev
              "Joshua Davis" <[email protected]> wrote in message news:32871939.1095455911574.JavaMail.root@jserv5...
              > Hi,
              >
              > I have a simple Java client that calls an EJB which works fine when the EJB is deployed on a non-clustered server, but it fails
              intermittently with a [Security:090398]Invalid Subject: ... error when the EJB is deployed on a clustered server. Looking at the
              log files, it seems that one of the two servers in the cluster is throwing the exception consistently. I believe the servers are
              in the same domain, but since I've migrated the WL 6.1 config.xml file to 8.1 perhaps there is something I missed.
              >
              > Also, I noticed that the two servers in the cluster are able to see each other. The messages about the other node joining the
              cluster are in both logs.
              >
              > Here's the exception on the client side:
              > java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
              > at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
              > at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:284)
              > at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:244)
              > at com.kiodex.ejb.security.PrincipalOpsBean_21hnly_HomeImpl_813_WLStub.create(Unknown Source)
              > at com.kiodex.wlclient.WeblogicClusterClient.main(WeblogicClusterClient.java:41)
              > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
              > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
              > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
              > at java.lang.reflect.Method.invoke(Method.java:324)
              > at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
              > Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
              > at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
              > at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
              > at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
              > at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
              > at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
              > at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
              > at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
              > at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
              > at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
              > at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:682)
              > at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:628)
              > at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:123)
              > at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
              > at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
              > at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
              >
              > Here is the server-side exception:
              >
              > ####<Sep 17, 2004 4:44:17 PM EDT> <Warning> <RMI> <titanic> <titanic> <ExecuteThread: '0' for queue: 'weblogic.socket.Muxer'>
              <<WLS Kernel>> <> <BEA-080003> <RuntimeException thrown by rmi server:
              > weblogic.rmi.cluster.ClusterableServerRef@12e - hostID:
              '2921525709399114632S:10.0.14.10:[23770,23770,-1,-1,-1,-1,-1,0,0]:hindenburg.nis.kiodex.com:23770,titanic.nis.kiodex.com:23770:RiskW
              orkbenc
              > h:titanic', oid: '302', implementation: 'com.kiodex.ejb.security.PrincipalOpsBean_21hnly_HomeImpl@120a9d6'
              > java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system].
              > java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system]
              > at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
              > at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
              > at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
              > at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
              > at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
              > at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
              > at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
              > at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
              > at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
              > at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:682)
              > at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:628)
              > at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:123)
              > at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
              > at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
              > at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
              >
              > Any ideas?
              

  • Security 090398 Invalid Subject and TOPLINK-4002 error.

    Hi,
    I am running a soa application with SOA 11g and keep getting below exceptions from soa weblogic admin console. I can still run the application but don't know how to clean the error. any suggestions how to fix the issue? Thanks in advance.
    Call: SQLCall(INSERT INTO COMPOSITE_INSTANCE_FAULT (ID, COMPOSITE_INSTANCE_ID, B
    R_CATEGORY, UNIQUE_ID, BINDING_TYPE, CPST_PARTITION_DATE) VALUES (?, ?, ?, ?, ?,
    Query: InsertObjectQuery(oracle.integration.platform.instance.CompositeInstanceF
    [TopLink Warning]: 2011.07.26 16:17:05.729--ClientSession(99855179)--Exception [
    Internal Exception: java.sql.SQLException: java.lang.SecurityException: [Securit
    Error Code: 0
    ####<Jul 26, 2011 3:38:07 PM EDT> <Error> <oracle.integration.platform.instance> <DRSSBRA2913> <AdminServer> <weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@3ac9b3c> <Tksmau5l3NSXhDfOeb7L7ubmyW6lsKrbQVo8ckt0> <> <e893b723eb6fbe4f:-3bb14c3b:13157b3753d:-8000-000000000001b6fa> <1311709087384> <BEA-000000> <oracle.integration.platform.instance.store.DOStore$RetryableException: Exception [TOPLINK-4002] (Oracle TopLink - 11g Release 1 (11.1.1.4.0) (Build 101210)): oracle.toplink.exceptions.DatabaseException
    Internal Exception: java.sql.SQLException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[Tksmau5l3NSXhDfOeb7L7ubmyW6lsKrbQVo8ckt0]
    Error Code: 0
         at oracle.integration.platform.instance.store.DOStore.put(DOStore.java:179)
         at oracle.integration.platform.instance.error.DOObjectExceptionHandler.recover(DOObjectExceptionHandler.java:41)
         at oracle.integration.platform.instance.error.FileBackedExceptionHandler.recoverObjects(FileBackedExceptionHandler.java:309)
         at oracle.integration.platform.instance.error.FileBackedExceptionHandler.recover(FileBackedExceptionHandler.java:301)
         at oracle.integration.platform.instance.error.FileBackedExceptionHandler.run(FileBackedExceptionHandler.java:355)
         at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
         at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
         at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
    Caused by: Exception [TOPLINK-4002] (Oracle TopLink - 11g Release 1 (11.1.1.4.0) (Build 101210)): oracle.toplink.exceptions.DatabaseException
    Internal Exception: java.sql.SQLException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[Tksmau5l3NSXhDfOeb7L7ubmyW6lsKrbQVo8ckt0]
    Error Code: 0
         at oracle.toplink.exceptions.DatabaseException.sqlException(DatabaseException.java:282)
         at oracle.toplink.jndi.JNDIConnector.connect(JNDIConnector.java:128)
         at oracle.toplink.jndi.JNDIConnector.connect(JNDIConnector.java:84)
         at oracle.toplink.sessions.DatasourceLogin.connectToDatasource(DatasourceLogin.java:153)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.connectInternal(DatasourceAccessor.java:273)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.connectInternal(DatabaseAccessor.java:231)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.reconnect(DatasourceAccessor.java:478)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.reconnect(DatabaseAccessor.java:1347)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.incrementCallCount(DatasourceAccessor.java:251)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.rollbackTransaction(DatasourceAccessor.java:580)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.rollbackTransaction(DatabaseAccessor.java:1406)
         at oracle.toplink.internal.sessions.AbstractSession.basicRollbackTransaction(AbstractSession.java:369)
         at oracle.toplink.threetier.ClientSession.basicRollbackTransaction(ClientSession.java:135)
         at oracle.toplink.internal.sessions.AbstractSession.rollbackTransaction(AbstractSession.java:3003)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.rollbackTransaction(UnitOfWorkImpl.java:4486)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.rollbackTransaction(UnitOfWorkImpl.java:4507)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1384)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1427)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitRootUnitOfWork(UnitOfWorkImpl.java:1173)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commit(UnitOfWorkImpl.java:945)
         at oracle.integration.platform.instance.store.DOStore.put(DOStore.java:176)
         at oracle.integration.platform.instance.error.DOObjectExceptionHandler.recover(DOObjectExceptionHandler.java:40)
         at oracle.integration.platform.instance.error.FileBackedExceptionHandler.recoverObjects(FileBackedExceptionHandler.java:308)
         ... 5 more
    Caused by: java.sql.SQLException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[Tksmau5l3NSXhDfOeb7L7ubmyW6lsKrbQVo8ckt0]
         at weblogic.jdbc.common.internal.JDBCUtil.wrapAndThrowResourceException(JDBCUtil.java:259)
         at weblogic.jdbc.common.internal.RmiDataSource.getPoolConnection(RmiDataSource.java:352)
         at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:369)
         at oracle.toplink.jndi.JNDIConnector.connect(JNDIConnector.java:123)
         ... 26 more
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[Tksmau5l3NSXhDfOeb7L7ubmyW6lsKrbQVo8ckt0]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:833)
         at weblogic.security.service.IdentityUtility.authenticatedSubjectToIdentity(IdentityUtility.java:30)
         at weblogic.security.service.RoleManager.getRoles(RoleManager.java:183)
         at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:375)
         at weblogic.jdbc.common.internal.JDBCUtil.checkPermission(JDBCUtil.java:231)
         at weblogic.jdbc.common.internal.ConnectionPool.doAuthorizationCheck(ConnectionPool.java:443)
         at weblogic.jdbc.common.internal.ConnectionPool.reserve(ConnectionPool.java:344)
         at weblogic.jdbc.common.internal.ConnectionPool.reserve(ConnectionPool.java:324)
         at weblogic.jdbc.common.internal.ConnectionPoolManager.reserve(ConnectionPoolManager.java:94)
         at weblogic.jdbc.common.internal.RmiDataSource.getPoolConnection(RmiDataSource.java:350)
         at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:369)
         at oracle.toplink.jndi.JNDIConnector.connect(JNDIConnector.java:123)
         at oracle.toplink.jndi.JNDIConnector.connect(JNDIConnector.java:84)
         at oracle.toplink.sessions.DatasourceLogin.connectToDatasource(DatasourceLogin.java:153)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.connectInternal(DatasourceAccessor.java:273)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.connectInternal(DatabaseAccessor.java:231)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.reconnect(DatasourceAccessor.java:478)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.reconnect(DatabaseAccessor.java:1348)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.incrementCallCount(DatasourceAccessor.java:251)
         at oracle.toplink.internal.databaseaccess.DatasourceAccessor.rollbackTransaction(DatasourceAccessor.java:580)
         at oracle.toplink.internal.databaseaccess.DatabaseAccessor.rollbackTransaction(DatabaseAccessor.java:1407)
         at oracle.toplink.internal.sessions.AbstractSession.basicRollbackTransaction(AbstractSession.java:369)
         at oracle.toplink.threetier.ClientSession.basicRollbackTransaction(ClientSession.java:135)
         at oracle.toplink.internal.sessions.AbstractSession.rollbackTransaction(AbstractSession.java:3003)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.rollbackTransaction(UnitOfWorkImpl.java:4487)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.rollbackTransaction(UnitOfWorkImpl.java:4508)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitToDatabase(UnitOfWorkImpl.java:1385)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitToDatabaseWithChangeSet(UnitOfWorkImpl.java:1427)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commitRootUnitOfWork(UnitOfWorkImpl.java:1173)
         at oracle.toplink.internal.sessions.UnitOfWorkImpl.commit(UnitOfWorkImpl.java:945)
         at oracle.integration.platform.instance.store.DOStore.put(DOStore.java:176)
         at oracle.integration.platform.instance.error.DOObjectExceptionHandler.recover(DOObjectExceptionHandler.java:41)
         at oracle.integration.platform.instance.error.FileBackedExceptionHandler.recoverObjects(FileBackedExceptionHandler.java:309)
         ... 5 more
    >
    Regards,
    Kelvin.

    I had the same issue, it got resolved after closing the Context in finally block

  • Java.lang.SecurityException: Security: Invalid Subject: principals

    I am getting the following exception intermittently:
    java.lang.SecurityException: Security: Invalid Subject: principals=[XXX, Administrators]
    What i am doing is, i have two weblogic servers both running Weblogic 10.0 and running on different domains, a war is deployed on one server (server A) which sends a message to queue on another server (Server B), now everything works but if i restart B then A throws the above Security Exception while looking up the queue on Server B?? Any ideas why, i haven't configured any security credentials.
    If i restart A after restarting B then everything works again but restarting all the servers each time one gets restarted is cumbersome,so does someone knows answer to the question above?
    Edited by: user4828945 on Feb 11, 2009 5:41 PM

    If you dont require authentication, then enable the global trust between the domains.
    When this feature is enabled, identity is passed between WebLogic Server domains over an RMI connection without requiring authentication in the second domain. When inter-domain trust is enabled, transactions can commit across domains. A trust relationship is established when the Domain Credential for one domain matches the Domain Credential for another domain.
    By default, the Domain Credential is randomly generated and therefore, no two domains will have the same Domain Credential. If you want two WebLogic Server domains to interoperate, you need to replace the generated credential with a credential you select, and set the same credential in each of the domains.
    Link :[http://e-docs.bea.com/wls/docs100/ConsoleHelp/taskhelp/security/EnableGlobalTrustBetweenDomains.html]

  • Java.lang.SecurityException: [Security:090391]Null User Identity

    Hello,
    I have deployed .ear file to the Weblogic9.2 server while doing "check .ear -->Start-->Servicing all request".Getting the following Error message:
    *java.lang.SecurityException: [Security:090391]Null User Identity
    *Errors were encountered while performing this operation.
    LOG:
    <Jun 10, 2009 11:12:50 AM IST> <Error> <Deployer> <BEA-149265> <Failure occured in the execution of deployment request with ID '1244612561983' for task '3'. E
    rror is: 'weblogic.management.DeploymentException: '
    weblogic.management.DeploymentException:
    at weblogic.application.internal.BaseDeployment.throwAppException(BaseDeployment.java:86)
    at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:214)
    at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:154)
    at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)
    at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:566)
    Truncated. see log file for complete stacktrace
    java.lang.SecurityException: [Security:090391]Null User Identity
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
    at weblogic.application.internal.flow.BaseLifecycleFlow$BaseAction.invoke(BaseLifecycleFlow.java:95)
    at weblogic.application.internal.flow.BaseLifecycleFlow.postStart(BaseLifecycleFlow.java:62)
    at weblogic.application.internal.flow.TailLifecycleFlow.activate(TailLifecycleFlow.java:33)
    at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)
    Truncated. see log file for complete stacktrace
    >
    <Jun 10, 2009 11:12:50 AM IST> <Error> <Deployer> <BEA-149202> <Encountered an exception while attempting to commit the 7 task for the application 'pfmEAR'.>
    <Jun 10, 2009 11:12:50 AM IST> <Warning> <Deployer> <BEA-149004> <Failures were detected while initiating start task for application 'pfmEAR'.>
    <Jun 10, 2009 11:12:50 AM IST> <Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
    weblogic.management.DeploymentException:
    at weblogic.application.internal.BaseDeployment.throwAppException(BaseDeployment.java:86)
    at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:214)
    at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:154)
    at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)
    at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:566)
    Truncated. see log file for complete stacktrace
    java.lang.SecurityException: [Security:090391]Null User Identity
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
    at weblogic.application.internal.flow.BaseLifecycleFlow$BaseAction.invoke(BaseLifecycleFlow.java:95)
    at weblogic.application.internal.flow.BaseLifecycleFlow.postStart(BaseLifecycleFlow.java:62)
    at weblogic.application.internal.flow.TailLifecycleFlow.activate(TailLifecycleFlow.java:33)
    at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)
    Truncated. see log file for complete stacktrace
    Please help in resolving this.

    Exactly the file output file is binary. Do a vi on it, you'll see what I mean. To push this through our patching system it needs to be in it's xml format like in the BICatalogUtil.sh. To my understanding that archive is a compressed archive of the xml files (stored like the backend). I need to figure out how to uncompress so it can feed through our patching system.
    Would be better if we could just get the BICatalogUtil.sh error resolved as that method does work (most of the time).

  • Java.lang.SecurityException: Security violation, expect: 514, actual: 0

    [import] Connect to http://bi-internal.oracleoutsourcing.com/xmlpserver using *****
    [import] Import "****.xdo" from "****" to "****.xdo"
    Command Error: import->importObject
    java.lang.SecurityException: Security violation: ****.xdo, user: ****, expect: 514, actual: 0
    Done.
    How do I debug this further? If I re-run several times it eventually starts working.
    Edited by: mcarter on May 24, 2013 9:30 AM

    Exactly the file output file is binary. Do a vi on it, you'll see what I mean. To push this through our patching system it needs to be in it's xml format like in the BICatalogUtil.sh. To my understanding that archive is a compressed archive of the xml files (stored like the backend). I need to figure out how to uncompress so it can feed through our patching system.
    Would be better if we could just get the BICatalogUtil.sh error resolved as that method does work (most of the time).

  • Java.lang.SecurityException: while starting weblogic server

    Hi,
    I added a admin server on m/c 1 and a remote managed server on m/c 2. When i tried to start the admin server and the managed server and ping it using jmx, it get the following security error:
    Any help regd. this would be appreciated.
    Thanks,
    beauser2005
    <Oct 29, 2004 2:14:38 PM PDT> <Warning> <RMI> <BEA-080003> <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10c - hostID: '-833462563406253632S:172.20.30.37:[7001,7001,-1,-1,7001,-1,-1,0,0]:mydomain10:myserver10', oid: '268', implementation: 'weblogic.management.internal.RemoteMBeanServerImpl@191f022'
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators].
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
         at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
         at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
         at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
         at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
         at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
         at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
         at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
         at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
         at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)

    was able to solve this
    there was corruption of reports config file

  • Java.lang.IllegalStateException: Session already invalidated

    why do i get
    java.lang.IllegalStateException: Session already invalidated
    at
    weblogic.servlet.internal.session.SessionData.invalidate(SessionData.java:)
    when iam using bea 8.1 and not in bea 5.1 .. I dont get this exception when session timesout in bea 5.1
    Can u pl tell me
    Hemalatha

    You receive this exception when yo call to session.invalidate and the session is already invalidated. Many method in session throws this exception. You can find it in
    http://java.sun.com/products/servlet/2.2/javadoc/javax/servlet/http/HttpSession.html
    When you call call request.getSession(false) you can know if the user has any session. true - to create a new session for this request if necessary; false to return null if there's no current session

  • WLS  hang after java.lang.IllegalStateException: HttpSession is invalid occured

    Hi, all:
    I often got messages like below and server going to hang after got these message.
    ####<2004/6/15 PM time > <Error> <Kernel> <xxx.xxx.com.tw> <myserver> <ExecuteThread:
    '18' for queue: 'default'> <> <> <000000> <ExecuteRequest failed>
    java.lang.IllegalStateException: HttpSession is invalid
    at weblogic.servlet.internal.session.SessionData.getAttribute(SessionData.java:162)
    at weblogic.servlet.internal.session.SessionData.getValue(SessionData.java:134)
    at weblogic.servlet.internal.ServletRequestImpl.getRemoteUser(ServletRequestImpl.java:814)
    at weblogic.servlet.logging.CLFLogger.log(CLFLogger.java:60)
    at weblogic.servlet.logging.LogManagerHttp.log(LogManagerHttp.java:293)
    at weblogic.servlet.internal.HttpServer.log(HttpServer.java:670)
    at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:851)
    at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:1636)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    I know 6.0 SP2 is stop-continued, but it's still production server before we upgrade
    it.
    did any one can told me what should I modify or set ?
    Thanks for any response.

    Hi Eddy,
    "Eddy Vina" <[email protected]> wrote in message news:3fbc46c2$[email protected]..
    I get randomly in my application "java.lang.IllegalStateException: HttpSession
    is invalid" exception thrown when I call getAttribute() method on a HttpSession
    instance.
    weblogic.servlet.internal.session.SessionData.getAttribute(SessionData.java:410)
    Any feedback to avoid this problem is greately appreciatedThis happens because getAttribute(...) is called on an invalidated
    session. The session could have timed out or been invalidated
    explicitly by the moment the call was made.
    That may happen if you "cache" session objects.
    Hope this helps.
    Regards,
    Slava Imeshev

Maybe you are looking for

  • Deleting a row from a Parent VO gives NullPointerException

    I am using JDev 11.1.1.2.0 Deleting a row from a Parent VO gives NullPointerException raised from oracle.jbo.server.EntityImpl.vetoRemoveWithDetails(EntityImpl.java:8214) Here is my implementation: There are two Entity Objects(Named "Parent" and "Chi

  • Change font in Hangman widget

    Is there anyway to change the font for the letters in the hangman widget?  I love the game, but the font is really hard to read.  I am working with low level literacy learners, and this would be a fantastic game, but the font has to be cleaner so it

  • This accessory is not supported by this iPhone

    I have a Sony personal audio docking systyem RDP-XF100IP and all of a sudden when I place my iPhone 4s into the station to listen to music I get a popup saying that this accessory is not supported by this iPhone.  I have had the system for quite a fe

  • Reverse conversion

    I have met a Flashpapaer file on the net. http://www.uvm.dk/minist/documents/raad.swf I can grab it and downoad it to my pc. But I would like to change it to the word document it was orginally. Is this possible? I have tried to print it with a pdf-pr

  • Hi, new user to Premiere Pro 5, File is being imported with audio delay

    Quick and probably easy question! I'm attempting to put together an actor's demo reel. For some reason when I import one of the videos I need , the audio is a second ahead of the video. The clip's audio/video is in synch in my video library so I know