Java.lang.SecurityException

Do anyone know what this exception is or when can it occur,
java.lang.SecurityException: Authentication for user system denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:237)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
Thanks
Andri

You have WLS on both sides, right?
          What's probably happening is that when you send a message, your sender's security context (the principals) is sent to the other WLS. The receiving WLS sees the principals but they were not validated by the receiving server so it complains.
          One way to solve it is to enable domain trust between the two domains. That way, both sides will be able to leverage the other's principals. However, BEA does not recommend domain trust for production systems.
          Another way is to look at how you're using JNDI on the sending side. JNDI uses a stack of security contexts. In your case, it seems to be picking up the current user which means you may not have set a username/password for JNDI when you make the call. If you were to set the username/password for a user known to the receiving side, your problem should go away.
          Mike
          Weblogic/J2EE Security Blog: http://monduke.com

Similar Messages

  • Java.lang.SecurityException: Jurisdiction policy files are not signed by t

    Hi
    *I am installing ECC6 onAIX 6.1 with oarcle 10g.*
    *I am getting error in create secure store*
    *Policy and security files are ok,*
    aused by: java.lang.ExceptionInInitializerError
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
            at javax.crypto.Cipher.a(Unknown Source)
            at javax.crypto.Cipher.getInstance(Unknown Source)
            at iaik.security.provider.IAIK.a(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
            at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
            at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
            ... 6 more
    Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
            at javax.crypto.b.<clinit>(Unknown Source)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            ... 17 more
    Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.access$600(Unknown Source)
            at javax.crypto.b$0.run(Unknown Source)
            at java.security.AccessController.doPrivileged(AccessController.java:246)
            ... 20 more
    ERROR      2009-07-07 14:10:47.063
               CJSlibModule::writeError_impl()
    CJS-30050  Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
    SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
            at java.lang.reflect.Method.invoke(Method.java:391)
            at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
    Caused by: java.lang.ExceptionInInitializerError
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
            at javax.crypto.Cipher.a(Unknown Source)
            at javax.crypto.Cipher.getInstance(Unknown Source)
            at iaik.security.provider.IAIK.a(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
            at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
            at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
            ... 6 more
    Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
            at javax.crypto.b.<clinit>(Unknown Source)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            ... 17 more
    Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.access$600(Unknown Source)
            at javax.crypto.b$0.run(Unknown Source)
            at java.security.AccessController.doPrivileged(AccessController.java:246)
            ... 20 more.
    ERROR      2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
    FCO-00011  The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
    SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
    java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
            at java.lang.reflect.Method.invoke(Method.java:391)
            at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
    Caused by: java.lang.ExceptionInInitializerError
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
            at javax.crypto.Cipher.a(Unknown Source)
            at javax.crypto.Cipher.getInstance(Unknown Source)
            at iaik.security.provider.IAIK.a(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
            at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
            at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
            at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
            ... 6 more
    Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
            at javax.crypto.b.<clinit>(Unknown Source)
            at java.lang.J9VMInternals.initializeImpl(Native Method)
            at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
            ... 17 more
    Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.a(Unknown Source)
            at javax.crypto.b.access$600(Unknown Source)
            at javax.crypto.b$0.run(Unknown Source)
            at java.security.AccessController.doPrivileged(AccessController.java:246)
            ... 20 more.).
    what could be the problem ?
    Please give me the soluation
    regards
    Vijay

    Dear Juan
    You are correct.
    I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
    it gave error
    n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
    regards
    vijjay

  • Java.lang.SecurityException: while starting weblogic server

    Hi,
    I added a admin server on m/c 1 and a remote managed server on m/c 2. When i tried to start the admin server and the managed server and ping it using jmx, it get the following security error:
    Any help regd. this would be appreciated.
    Thanks,
    beauser2005
    <Oct 29, 2004 2:14:38 PM PDT> <Warning> <RMI> <BEA-080003> <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10c - hostID: '-833462563406253632S:172.20.30.37:[7001,7001,-1,-1,7001,-1,-1,0,0]:mydomain10:myserver10', oid: '268', implementation: 'weblogic.management.internal.RemoteMBeanServerImpl@191f022'
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators].
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
         at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
         at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
         at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
         at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
         at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
         at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
         at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
         at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
         at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)

    was able to solve this
    there was corruption of reports config file

  • Java.lang.SecurityException using a simple jar file

    I created my small application using JDev 11.
    Running from JDev it works well.
    I created a simple jar file including all my classes and all libraries I used.
    Whe I try to run that jar file I get :
    java.lang.SecurityException: no manifiest section for signature file entry javax/mail/internet/AsciiOutputStream.classI didn't find any solution.
    I worked hardly with JDev 10g but I never had such problem.
    Tks
    Tullio
    Edited by: tullio0106 on Nov 25, 2008 2:22 PM

    I simply created a project containing some classes whish use java mail.
    Then I modified the project creating, in the deployment wizard, a "Dependency Analysis" filegroup adding all my classes as well as libraries.
    I uncheck the "Include Manifest" chek otherwise I would run into different problems (well documented in the forum).
    The jar file is created but when I run the application I get the Security error.
    If I remove java mail libraries (activation and java mail)from the list of used libraries and I add it to classpath it works fine.
    I suspect the problem could be in Manifes merging.
    Tks
    Tullio

  • Java.lang.SecurityException when granting java permission

    DB version 11.1.07
    We used this command to grant the following permission in development and stage environment with no problems.
    exec dbms_java.grant_permission( 'SCHEMA', 'SYS:java.lang.RuntimePermission', 'getClassLoader', '' );
    When the same command is run in production, it results in this.
    ERROR at line 1:
    ORA-29532: Java call terminated by uncaught Java exception:
    java.lang.SecurityException: policy table update
    SYS:java.lang.RuntimePermission, getClassLoader
    ORA-06512: at "SYS.DBMS_JAVA", line 787
    ORA-06512: at line 1
    These commands were executed as SYS user in all environments. Any ideas what could be causing this?
    Thanks.
    Usman

    Either you are only using a security manager in production or there is a difference in the permissions granted by the security domains (for example, .policy files).

  • Java.lang.SecurityException: [Security:090398]Invalid Subject: WEBLOGIC 9.1

    Hi
    I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
    I have enaled the trust between my two domains. Set the required class path settings.
    My client call is from a JSP , say client.jsp.
    Here I get remote object of the EJB and calls the required method
    Now
    1) My EJB calls are succesful when I DO NOT secure it
    2) but when I make it is secured , ie when I
    include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
    , it gives me the follwing error
    The stack trace is given below
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
    at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
    at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
    Truncated. see log file for complete stacktrace
    Any idea why it is ?
    Please let me know
    Thanks
    Binu
    Edited by binurajkr at 01/25/2008 4:36 AM

    Hi. Contact official BEA Support. This is likely
    to be a known issue with a patch available to fix it.
    Joe
    binu raj wrote:
    Hi
    I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
    I have enaled the trust between my two domains. Set the required class path settings.
    My client call is from a JSP , say client.jsp.
    Here I get remote object of the EJB and calls the required method
    Now
    1) My EJB calls are succesful when I DO NOT secure it
    2) but when I make it is secured , ie when I
    include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
    , it gives me the follwing error
    The stack trace is given below
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
    at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
    at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
    Truncated. see log file for complete stacktrace
    Any idea why it is ?
    Please let me know
    Thanks
    Binu
    Edited by binurajkr at 01/25/2008 4:36 AM

  • Java.lang.SecurityException: [Security:090398]Invalid Subject

    Hi
              I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
              I have enaled the trust between my two domains. Set the required class path settings.
              My client call is from a JSP , say client.jsp.
              Here I get remote object of the EJB and calls the required method
              Now
              1) My EJB calls are succesful when I DO NOT secure it
              2) but when I make it is secured , ie when I
              include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
              , it gives me the follwing error
              The stack trace is given below
              java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
              at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
              at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
              at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
              at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
              at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
              Truncated. see log file for complete stacktrace
              Any idea why it is ?
              Please let me know
              Thanks
              Binu

    I got this issue resolved by setting
              Context.SECURITY_PRINCIPAL, "" , before the RMI ejb call
              Binu

  • Java.lang.SecurityException: [Security:090398]Invalid Subject: admin

    I have a class that is used to check the status of all managed server in a domain. I use this class to check on the status of multiple domains.
    I have a for loop over all the domains and then invoke the method below, one for each domain (I instantiate the class anew for each domain)
    The 1st domain connects and returns the status properly. However on subsequent iterations thru the look I get the following SecuriyException below. I have tried a number of things such as setting MBeanHome to null etc but this error repeats anytime I connect to N+1 domains.
    Is there a fix for this.
    Note: I am using WLS 8.1 SP3 thru 5. And I know the username & pwd is correct cause I can connect using to the admin console using the same username & password and am part of the Administrators group.
    Exception on the client on N+1 connect attemp:
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin
    at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.j
    ava:108)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:137)
    at weblogic.management.internal.AdminMBeanHomeImpl_815_WLStub.getDomainN
    ame(Unknown Source)
    Exception on the server:
    ####<Mar 28, 2006 2:59:51 PM CST> <Warning> <RMI> <htx6056> <AdminServer> <Execu
    teThread: '2' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003>
    <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10
    2 - hostID: '-4547912678907759832S:htx6056.cce.hp.com:[10250,10250,10251,10251,1
    0250,10251,-1,0,0]:arc_prd1:AdminServer', oid: '258', implementation: 'weblogic.
    management.internal.AdminMBeanHomeImpl@1e22632'
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin.
    java.lang.SecurityException: [Security:090398]Invalid Subject: admin
    The code:
    public void checkWebLogicServerState( String user, String pass, String url ) throws Exception {
              MBeanHome home = Helper.getAdminMBeanHome( user, pass, url );
              Set beans = home.getMBeansByType( "Server", home.getDomainName( ));
              for( Iterator iter = beans.iterator( ); iter.hasNext( );){
                   WebLogicMBean bean = (WebLogicMBean)iter.next( );
                   WebLogicObjectName objName = bean.getObjectName( );
                   String serverName = objName.getName( );
                   String location = objName.getLocation( );
                   ServerRuntimeMBean serverRuntimeMBean = null;
                   try {
                        serverRuntimeMBean = (ServerRuntimeMBean)home.getMBean( serverName, "ServerRuntime", home.getDomainName( ), serverName);
                        String state = serverRuntimeMBean.getState( );
                        System.out.println( "\t[" + serverName + "] IS " + state + "." );
                   } catch( Exception ex ) {
                        System.out.println( "\t[" + serverName + "] IS NOT RUNNING." );
         }

    I worked around the problem by removing the usage of the weblogic.management.Helper and using standard JNDI lookups instead.
    Clearly there is a bug in the Helper class that stores securtiy information in a static variable since it cannot be re used within the same JVM/Classloader without sharing the security information.
    Used instead:
                   Environment env = new Environment();
                   env.setProviderUrl( url );
                   env.setSecurityPrincipal( user );
                   env.setSecurityCredentials( pass );
                   Context ctx = env.getInitialContext( );
                   home = (MBeanHome)ctx.lookup( MBeanHome.ADMIN_JNDI_NAME );

  • Java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[

    HI,
    I am trying to monitor multiple weblogic servers, I am getting the exception when the program is trying to read multiple domains of the same weblogic server version 8.1.
    Can any one help me in getting this fix programatically using weblogic.management.*;
    I have searched all the sites where I got only a perticular solution which states to maintain the same domain level credentials.
    please reply me back if there is a programatical approach to fix this exception.
    The exception is given below:
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
         at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
         at weblogic.management.internal.AdminMBeanHomeImpl_811_WLStub.getDomainName(Unknown Source)
         at MonitorServers.getDataWeblogic(MonitorServers.java:138)
         at MonitorServers.getServers(MonitorServers.java:89)
         at MonitorServers.main(MonitorServers.java:352)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
         at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:181)
         at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:814)
         at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:299)
         at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:920)
         at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:841)
         at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
         at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
         at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
         at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    Thanks in advance

    Hi,
    I think that if you don't specify the credentials, the current one will be used to connect to the server.
    Try to specify the guest identity by explicitely adding the following properties to override the current identity
                   properties.put(Context.SECURITY_PRINCIPAL, "");
    properties.put(Context.SECURITY_CREDENTIALS, "");
    Otherwise you will need to setup a trust between the servers.
    I Hope this helps.
    Giorgio Anastopoulos

  • Java.lang.SecurityException: Security: Invalid Subject: principals

    I am getting the following exception intermittently:
    java.lang.SecurityException: Security: Invalid Subject: principals=[XXX, Administrators]
    What i am doing is, i have two weblogic servers both running Weblogic 10.0 and running on different domains, a war is deployed on one server (server A) which sends a message to queue on another server (Server B), now everything works but if i restart B then A throws the above Security Exception while looking up the queue on Server B?? Any ideas why, i haven't configured any security credentials.
    If i restart A after restarting B then everything works again but restarting all the servers each time one gets restarted is cumbersome,so does someone knows answer to the question above?
    Edited by: user4828945 on Feb 11, 2009 5:41 PM

    If you dont require authentication, then enable the global trust between the domains.
    When this feature is enabled, identity is passed between WebLogic Server domains over an RMI connection without requiring authentication in the second domain. When inter-domain trust is enabled, transactions can commit across domains. A trust relationship is established when the Domain Credential for one domain matches the Domain Credential for another domain.
    By default, the Domain Credential is randomly generated and therefore, no two domains will have the same Domain Credential. If you want two WebLogic Server domains to interoperate, you need to replace the generated credential with a credential you select, and set the same credential in each of the domains.
    Link :[http://e-docs.bea.com/wls/docs100/ConsoleHelp/taskhelp/security/EnableGlobalTrustBetweenDomains.html]

  • Java.lang.SecurityException: [Security:090398]

    Hi All,
    I am using Jdeveloper 11.1.1.3.
    I am running my application and it runs fine. But after a couple of clicks, I get the following exception. Tried googling and oracle-ing the exception but can't really understand what it is. If someone can provide a solution that would be AWESOME but even if someone can explain what the error is, that would be really really helpful.
    Oh and the WebLogic Server Version: 10.3.3.0 on server and client side.
    Here's the error...
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
    javax.el.ELException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
         at com.sun.el.parser.AstValue.invoke(AstValue.java:161)
         at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
         at oracle.adf.controller.internal.util.ELInterfaceImpl.invokeMethod(ELInterfaceImpl.java:168)
         at oracle.adfinternal.controller.activity.MethodCallActivityLogic.execute(MethodCallActivityLogic.java:161)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.executeActivity(ControlFlowEngine.java:989)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:878)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:777)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.routeFromActivity(ControlFlowEngine.java:551)
         at oracle.adfinternal.controller.engine.ControlFlowEngine.performControlFlow(ControlFlowEngine.java:147)
         at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleAdfcNavigation(NavigationHandlerImpl.java:109)
         at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleNavigation(NavigationHandlerImpl.java:78)
         at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:130)
         at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
         at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
         at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
         at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
         at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:91)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:812)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:292)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
         at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
         at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
         at weblogic.security.service.IdentityUtility.authenticatedSubjectToIdentity(IdentityUtility.java:30)
         at weblogic.security.service.RoleManager.getRoles(RoleManager.java:183)
         at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:375)
         at weblogic.rmi.provider.WorkContextAccessController.checkAccess(WorkContextAccessController.java:62)
         at weblogic.workarea.spi.WorkContextAccessController.isAccessAllowed(WorkContextAccessController.java:38)
         at weblogic.workarea.WorkContextLocalMap$WorkContextKeys.next(WorkContextLocalMap.java:356)
         at weblogic.wsee.jaxws.workcontext.WorkContextTube.hasContext(WorkContextTube.java:67)
         at weblogic.wsee.jaxws.workcontext.WorkContextClientTube.processRequest(WorkContextClientTube.java:38)
         at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
         at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
         at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
         at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
         at com.sun.xml.ws.client.Stub.process(Stub.java:259)
         at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
         at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
         at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
         at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
         at $Proxy157.retrieveForm(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
         at $Proxy158.retrieveForm(Unknown Source)
         at gov.atf.eforms.FormBase.retrieveForm(FormBase.java:206)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
         ... 62 more
    Edited by: HKG on Feb 25, 2011 8:01 AM

    Hi,
    difficult to say. From the error message it seems that there is something happening with the authenticated JAAS user. Does the problem reproduce in other applications (e.g. a test case ?)
    Frank

  • Java.lang.SecurityException when trying to execute Workflow-Java-API from Servlet

    I'm trying to call some of the Oracle Workflow-Java-API Classes/Methods from a servlet running on OC4J.
    The following Code-Sample is exactly copied from the WFTest Example shipped with Oracle-Workflow:
    wfDB = new WFDB(user, ident, "jdbc:oracle:thin:@", "host:1521:tnsstring");
    String charset = System.getProperty("CHARSET");
    if (charset == null) {
    charset = "UTF8";
    ctx = new WFContext(wfDB, charset);
    if (ctx.getDB().getConnection() == null) {
    throw new Exception ("Keine Verbindung zum Workflow");
    On OC4J integrated in JDeveloper everything works fine when i run my test-servlet with this code.
    On 9ias with OC4J running on a SuSE-Linux Server i get the following Error:
    java.lang.SecurityException: class "oracle.apps.fnd.wf.WFContext"'s signer information does not match signer information of other classes in the same package
    at java.lang.ClassLoader.checkCerts(ClassLoader.java:554)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:482)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:106)
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:243)
    at java.net.URLClassLoader.access$100(URLClassLoader.java:51)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:183)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:250)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:310)
    at oracle.apps.fnd.wf.engine.JdbcEngineAPI._sqlQueryText(JdbcEngineAPI.java)
    at oracle.apps.fnd.wf.engine.EngineAPI.getItemTypes(EngineAPI.java)
    at WorkflowData.doGet(WorkflowData.java:61)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:195)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:309)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
    at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:508)
    at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:177)
    at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:576)
    at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:189)
    at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java:62)
    As you can see, the first Workflow-API-Object (WFDB) gets correctly instantiated. But the second one crashes.
    The java.policy and java.security files are exactly identical on both machines, my PC and the Linux-Server.
    Where might be the problem ?
    How can we fix this ?
    thanks in advance for any help
    Ralf

    okay, okay,
    my/our own fault.
    To prevent anyone else of makeing the same mistake, a short decription:
    We stored the wf????.jar files inside the $JAVA_HOME/jre/lib/ext directory.
    The correct way is to let them inside $ORACLE_HOME/jlib dir of the oracle db and extend the classpath, respectively add the following lines to 'orion-application.xml' of the app.
         <library path="$ORACLE_HOME/jlib/wfapi.jar" />
         <library path="$ORACLE_HOME/jlib/wfjava.jar" />

  • Java.lang.SecurityException when loading javax.activation.MimeType

    Hi all,
    I'm having this problem when trying to call a WebService in my Server;
    java.lang.SecurityException: class "javax.activation.MimeType"'s signer information does not match signer information of other classes in the same package     
    at java.lang.ClassLoader.checkCerts(ClassLoader.java(Compiled Code))
    at java.lang.ClassLoader.defineClass(ClassLoader.java(Compiled Code))
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java(Compiled Code))
    at java.net.URLClassLoader.defineClass(URLClassLoader.java(Compiled Code))
    at java.net.URLClassLoader.access$500(URLClassLoader.java(Inlined Compiled Code))
    at java.net.URLClassLoader$ClassFinder.run(URLClassLoader.java(Compiled Code))
    at java.security.AccessController.doPrivileged1(Native Method)
    at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
    at java.net.URLClassLoader.findClass(URLClassLoader.java(Compiled Code))
    at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
    at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java(Compiled Code))
    at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
    at org.apache.soap.rpc.SOAPContext.addBodyPart(SOAPContext.java:344)
    at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:403)
    at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:442)
    at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:417)
    at org.apache.soap.transport.TransportMessage.save(TransportMessage.java:351)
    at oracle.soap.transport.http.OracleSOAPHTTPConnection.send(OracleSOAPHTTPConnection.java:713)
    at org.apache.soap.rpc.Call.invoke(Call.java:261)
    It seems to work in my local machine (running on JDeveloper10G embedded server), but i cannot make it work in production server (version 10.1.2.0.2) ...
    Any idea of what is going wrong? I know what the error means, but i don't know why it is raising.

    I've tried the webservice standalone (without a servlet frontend) and it seems to work, so i'll post this in the servlets forum.
    Thanks.

  • Java.lang.SecurityException: Cannot set up certs for trusted CAs

    Hi,
    The application iam working on encrypts & decrypts files. The application is deployed on a standalone OC4j container on solaris 5.8. I have downloaded the following jar files
    jce1_2_2.jar
    sunjce_provider.jar
    local_policy.jar
    US_export_policy.jar
    and have declared them in the application.xml
    when i run the application i get the following exception.
    java.lang.ExceptionInInitializerError: java.lang.SecurityException: Cannot set up certs for trusted CAs: java.lang.SecurityException: Signer restraint check failed! at javax.crypto.SunJCE_b.<clinit>(DashoA6275) at javax.crypto.Cipher.a(DashoA6275) at javax.crypto.Cipher.getInstance(DashoA6275) at pdfDownload.jspService(_pdfDownload.java:215) [SRC:/pdfDownload.jsp:167] at com.orionserver[Oracle9iAS (9.0.3.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java:56) at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:317) at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:465) at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:379) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:721) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:306) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:767) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:259) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:106) at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:803) at java.lang.Thread.run(Thread.java:484)
    Pls advise, is there any other setting that needs to be done ?
    Thanks & Regards
    Arun

    Hi,
    I got the solution for this. JCE 1.2.2 is supported on JDK 1.4.1 and JDK 1.4.2, but both of them have different unrestricted policy jars. I was able to solve the problem once I downloaded the unrestricted policy jars for JDK 1.4.2 (which is used by BEA 8.1 SP5) from the following URL : http://java.sun.com/j2se/1.4.2/download.html
    Regards,
    Prashant Kale.

  • Java.lang.SecurityException while using RDBMSRealm in 5.1

    Hi,
    We are in the process of migrating our application from Weblogic 4.5.1
    to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate realm
    for the server and start the server, we get the following exception:
    java.lang.SecurityException: User "system" does not have Permission
    "read" based on ACL "weblogic.workspace.system".
    at weblogic.security.acl.Security.logAndThrow(Security.java:372)
    at weblogic.security.acl.Security.checkPermission(Security.java:254)
    at
    weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
    at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
    at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
    at
    weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243)
    at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
    Compiled Code)
    at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
    at weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
    at java.lang.reflect.Method.invoke(Native Method)
    at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
    at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
    Code)
    at
    weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
    The database has aclentries that grant read, write and reserve
    permissions on weblogic.workspace.system to everyone. It is not clear
    why the server still complains that user 'system' does not have
    permissions. Is 'system' user not a part of everyone group by default? (
    We are using the same acls we were using with Weblogic 4.5.1 ). Does
    'everyone' group have all the users in it by default? Or has it changed?
    Any suggestions welcome.
    Thanks and Regards
    Suresh B

    Either try setting weblogic.allow.read.weblogic.workspace=system
    Or add the system user to the group 'everyone' in the database you use for
    RDBMSRealm (Hmm, not sure if this will work or not.
    If you are implementing a custom realm then you need to explicitly state
    which members are in the 'everyone' group.
    (I've recently had a similar problem . I actually chose a different
    solution, by overriding the isMember(user) method in RDBMSGroup to always
    return true if the group's name is 'everyone' - I had to override the method
    anyway, for other reasons. If anyone as any input on why this is a really
    bad idea please feel free to tell me)
    terry
    BSuresh <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    weblogic.allow.read.weblogic.workspace=everyone
    weblogic.allow.write.weblogic.workspace=everyone
    weblogic.allow.read.weblogic.workspace.system=everyone
    weblogic.allow.write.weblogic.workspace.system=everyone
    I tried having the above entries in the weblogic.properties file but theserver
    complains that weblogic.workspace acl is defined both in the delegate andbackup
    realm. And the result remains the same - java.lang.SecurityException.User
    "system" does not have Permission "read" based on ACL
    "weblogic.workspace.system".
    Thanks
    Suresh.B
    KNK wrote:
    Try setting the "read" and "write" permissions explicitly in
    weblogic.properties file.
    weblogic.allow.read.weblogic.workspace=everyone
    weblogic.allow.write.weblogic.workspace=everyone
    -- KNK --
    A ten thousand miles journey begins with a single step. That single stephas
    to be taken from where you are, worries are no solution to any problem.
    "BSuresh" <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    We are in the process of migrating our application from Weblogic 4.5.1
    to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate
    realm
    for the server and start the server, we get the following exception:
    java.lang.SecurityException: User "system" does not have Permission
    "read" based on ACL "weblogic.workspace.system".
    at weblogic.security.acl.Security.logAndThrow(Security.java:372)
    at weblogic.security.acl.Security.checkPermission(Security.java:254)
    at
    weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
    >>>
    at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
    at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
    at
    weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243
    at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
    Compiled Code)
    at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
    at
    weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
    at java.lang.reflect.Method.invoke(Native Method)
    at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
    at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
    Code)
    at
    weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
    >>>
    The database has aclentries that grant read, write and reserve
    permissions on weblogic.workspace.system to everyone. It is not clear
    why the server still complains that user 'system' does not have
    permissions. Is 'system' user not a part of everyone group by default?(
    We are using the same acls we were using with Weblogic 4.5.1 ). Does
    'everyone' group have all the users in it by default? Or has itchanged?
    >>>
    Any suggestions welcome.
    Thanks and Regards
    Suresh B

  • Java.lang.SecurityException: The SunJCE provider may have been tampered.

    Hello all,
    I am getting this exception :
    java.lang.SecurityException: The SunJCE provider may have been tampered.
         at com.sun.crypto.provider.DESedeKeyFactory.<init>(DashoA6275)
    while running a java application (not written by me), which apparently is trying to encrypt a byte array at this point.
    Does this ring a bell for any one ?
    I am using j2sdk1.4.2_08, after having to uninstall j2sdk1.4.2_10 due to some other problems with this release.
    Thank you,
    Vince

    Using JDK1.6 you should not need to have sunjce_provider.jar or jce1_2_2.jar in the lib directory. The Sun provider comes as part of JDK1.6 and ALL applications pick it up automatically.

Maybe you are looking for

  • How do I add a jpg photo into the library

    I am trying to animate a layer on top of a background, I've made the background layer the first in the back but when I animate it dissapeers. I can use one of the stock backgrounds from the library and it stays in thebackground while the other gif la

  • Invalid Form value passed?!

    Hi there, We recently migrated to CF MX 7 from ol' CF 5. This error started appearing, and I'm not sure but maybe it is related to text encoding on the site. This error appears (sometimes!) when certain text is entered in the textarea box for posting

  • Pictures not fitting on screen in slideshow

    Is there any way of ensuring that all pictures fit on the screen for a slideshow? The vertical ones in particular have tops or bottoms cut off. Sometimes it is a person's head! This occurs with or without the Ken Burns effect. Is it anything to do wi

  • New package creation

    I had basis create a new bex package. I cannot see it in the transport screen. Does the package have to be transorted before I can use it to for transports?

  • Mac mini home theater resource and OS survey

    AVS Forum (AV Science Forum) is a free, discussion group Web site that offers a wealth of member-contributed information about home theater technology. Since June of 2005, it has offered a Mac subforum and the discussions in that group have increased