Java.lang.SecurityException
Do anyone know what this exception is or when can it occur,
java.lang.SecurityException: Authentication for user system denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:237)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
Thanks
Andri
You have WLS on both sides, right?
What's probably happening is that when you send a message, your sender's security context (the principals) is sent to the other WLS. The receiving WLS sees the principals but they were not validated by the receiving server so it complains.
One way to solve it is to enable domain trust between the two domains. That way, both sides will be able to leverage the other's principals. However, BEA does not recommend domain trust for production systems.
Another way is to look at how you're using JNDI on the sending side. JNDI uses a stack of security contexts. In your case, it seems to be picking up the current user which means you may not have set a username/password for JNDI when you make the call. If you were to set the username/password for a user known to the receiving side, your problem should go away.
Mike
Weblogic/J2EE Security Blog: http://monduke.com
Similar Messages
-
Java.lang.SecurityException: Jurisdiction policy files are not signed by t
Hi
*I am installing ECC6 onAIX 6.1 with oarcle 10g.*
*I am getting error in create secure store*
*Policy and security files are ok,*
aused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more
ERROR 2009-07-07 14:10:47.063
CJSlibModule::writeError_impl()
CJS-30050 Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.
ERROR 2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
FCO-00011 The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.).
what could be the problem ?
Please give me the soluation
regards
VijayDear Juan
You are correct.
I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
it gave error
n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
regards
vijjay -
Java.lang.SecurityException: while starting weblogic server
Hi,
I added a admin server on m/c 1 and a remote managed server on m/c 2. When i tried to start the admin server and the managed server and ping it using jmx, it get the following security error:
Any help regd. this would be appreciated.
Thanks,
beauser2005
<Oct 29, 2004 2:14:38 PM PDT> <Warning> <RMI> <BEA-080003> <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10c - hostID: '-833462563406253632S:172.20.30.37:[7001,7001,-1,-1,7001,-1,-1,0,0]:mydomain10:myserver10', oid: '268', implementation: 'weblogic.management.internal.RemoteMBeanServerImpl@191f022'
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators].
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)was able to solve this
there was corruption of reports config file -
Java.lang.SecurityException using a simple jar file
I created my small application using JDev 11.
Running from JDev it works well.
I created a simple jar file including all my classes and all libraries I used.
Whe I try to run that jar file I get :
java.lang.SecurityException: no manifiest section for signature file entry javax/mail/internet/AsciiOutputStream.classI didn't find any solution.
I worked hardly with JDev 10g but I never had such problem.
Tks
Tullio
Edited by: tullio0106 on Nov 25, 2008 2:22 PMI simply created a project containing some classes whish use java mail.
Then I modified the project creating, in the deployment wizard, a "Dependency Analysis" filegroup adding all my classes as well as libraries.
I uncheck the "Include Manifest" chek otherwise I would run into different problems (well documented in the forum).
The jar file is created but when I run the application I get the Security error.
If I remove java mail libraries (activation and java mail)from the list of used libraries and I add it to classpath it works fine.
I suspect the problem could be in Manifes merging.
Tks
Tullio -
Java.lang.SecurityException when granting java permission
DB version 11.1.07
We used this command to grant the following permission in development and stage environment with no problems.
exec dbms_java.grant_permission( 'SCHEMA', 'SYS:java.lang.RuntimePermission', 'getClassLoader', '' );
When the same command is run in production, it results in this.
ERROR at line 1:
ORA-29532: Java call terminated by uncaught Java exception:
java.lang.SecurityException: policy table update
SYS:java.lang.RuntimePermission, getClassLoader
ORA-06512: at "SYS.DBMS_JAVA", line 787
ORA-06512: at line 1
These commands were executed as SYS user in all environments. Any ideas what could be causing this?
Thanks.
UsmanEither you are only using a security manager in production or there is a difference in the permissions granted by the security domains (for example, .policy files).
-
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AMHi. Contact official BEA Support. This is likely
to be a known issue with a patch available to fix it.
Joe
binu raj wrote:
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AM -
Java.lang.SecurityException: [Security:090398]Invalid Subject
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
BinuI got this issue resolved by setting
Context.SECURITY_PRINCIPAL, "" , before the RMI ejb call
Binu -
I have a class that is used to check the status of all managed server in a domain. I use this class to check on the status of multiple domains.
I have a for loop over all the domains and then invoke the method below, one for each domain (I instantiate the class anew for each domain)
The 1st domain connects and returns the status properly. However on subsequent iterations thru the look I get the following SecuriyException below. I have tried a number of things such as setting MBeanHome to null etc but this error repeats anytime I connect to N+1 domains.
Is there a fix for this.
Note: I am using WLS 8.1 SP3 thru 5. And I know the username & pwd is correct cause I can connect using to the admin console using the same username & password and am part of the Administrators group.
Exception on the client on N+1 connect attemp:
java.lang.SecurityException: [Security:090398]Invalid Subject: admin
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.j
ava:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:137)
at weblogic.management.internal.AdminMBeanHomeImpl_815_WLStub.getDomainN
ame(Unknown Source)
Exception on the server:
####<Mar 28, 2006 2:59:51 PM CST> <Warning> <RMI> <htx6056> <AdminServer> <Execu
teThread: '2' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003>
<RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10
2 - hostID: '-4547912678907759832S:htx6056.cce.hp.com:[10250,10250,10251,10251,1
0250,10251,-1,0,0]:arc_prd1:AdminServer', oid: '258', implementation: 'weblogic.
management.internal.AdminMBeanHomeImpl@1e22632'
java.lang.SecurityException: [Security:090398]Invalid Subject: admin.
java.lang.SecurityException: [Security:090398]Invalid Subject: admin
The code:
public void checkWebLogicServerState( String user, String pass, String url ) throws Exception {
MBeanHome home = Helper.getAdminMBeanHome( user, pass, url );
Set beans = home.getMBeansByType( "Server", home.getDomainName( ));
for( Iterator iter = beans.iterator( ); iter.hasNext( );){
WebLogicMBean bean = (WebLogicMBean)iter.next( );
WebLogicObjectName objName = bean.getObjectName( );
String serverName = objName.getName( );
String location = objName.getLocation( );
ServerRuntimeMBean serverRuntimeMBean = null;
try {
serverRuntimeMBean = (ServerRuntimeMBean)home.getMBean( serverName, "ServerRuntime", home.getDomainName( ), serverName);
String state = serverRuntimeMBean.getState( );
System.out.println( "\t[" + serverName + "] IS " + state + "." );
} catch( Exception ex ) {
System.out.println( "\t[" + serverName + "] IS NOT RUNNING." );
}I worked around the problem by removing the usage of the weblogic.management.Helper and using standard JNDI lookups instead.
Clearly there is a bug in the Helper class that stores securtiy information in a static variable since it cannot be re used within the same JVM/Classloader without sharing the security information.
Used instead:
Environment env = new Environment();
env.setProviderUrl( url );
env.setSecurityPrincipal( user );
env.setSecurityCredentials( pass );
Context ctx = env.getInitialContext( );
home = (MBeanHome)ctx.lookup( MBeanHome.ADMIN_JNDI_NAME ); -
HI,
I am trying to monitor multiple weblogic servers, I am getting the exception when the program is trying to read multiple domains of the same weblogic server version 8.1.
Can any one help me in getting this fix programatically using weblogic.management.*;
I have searched all the sites where I got only a perticular solution which states to maintain the same domain level credentials.
please reply me back if there is a programatical approach to fix this exception.
The exception is given below:
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
at weblogic.management.internal.AdminMBeanHomeImpl_811_WLStub.getDomainName(Unknown Source)
at MonitorServers.getDataWeblogic(MonitorServers.java:138)
at MonitorServers.getServers(MonitorServers.java:89)
at MonitorServers.main(MonitorServers.java:352)
Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:181)
at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:814)
at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:299)
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:920)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:841)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Thanks in advanceHi,
I think that if you don't specify the credentials, the current one will be used to connect to the server.
Try to specify the guest identity by explicitely adding the following properties to override the current identity
properties.put(Context.SECURITY_PRINCIPAL, "");
properties.put(Context.SECURITY_CREDENTIALS, "");
Otherwise you will need to setup a trust between the servers.
I Hope this helps.
Giorgio Anastopoulos -
Java.lang.SecurityException: Security: Invalid Subject: principals
I am getting the following exception intermittently:
java.lang.SecurityException: Security: Invalid Subject: principals=[XXX, Administrators]
What i am doing is, i have two weblogic servers both running Weblogic 10.0 and running on different domains, a war is deployed on one server (server A) which sends a message to queue on another server (Server B), now everything works but if i restart B then A throws the above Security Exception while looking up the queue on Server B?? Any ideas why, i haven't configured any security credentials.
If i restart A after restarting B then everything works again but restarting all the servers each time one gets restarted is cumbersome,so does someone knows answer to the question above?
Edited by: user4828945 on Feb 11, 2009 5:41 PMIf you dont require authentication, then enable the global trust between the domains.
When this feature is enabled, identity is passed between WebLogic Server domains over an RMI connection without requiring authentication in the second domain. When inter-domain trust is enabled, transactions can commit across domains. A trust relationship is established when the Domain Credential for one domain matches the Domain Credential for another domain.
By default, the Domain Credential is randomly generated and therefore, no two domains will have the same Domain Credential. If you want two WebLogic Server domains to interoperate, you need to replace the generated credential with a credential you select, and set the same credential in each of the domains.
Link :[http://e-docs.bea.com/wls/docs100/ConsoleHelp/taskhelp/security/EnableGlobalTrustBetweenDomains.html] -
Java.lang.SecurityException: [Security:090398]
Hi All,
I am using Jdeveloper 11.1.1.3.
I am running my application and it runs fine. But after a couple of clicks, I get the following exception. Tried googling and oracle-ing the exception but can't really understand what it is. If someone can provide a solution that would be AWESOME but even if someone can explain what the error is, that would be really really helpful.
Oh and the WebLogic Server Version: 10.3.3.0 on server and client side.
Here's the error...
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
javax.el.ELException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
at com.sun.el.parser.AstValue.invoke(AstValue.java:161)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
at oracle.adf.controller.internal.util.ELInterfaceImpl.invokeMethod(ELInterfaceImpl.java:168)
at oracle.adfinternal.controller.activity.MethodCallActivityLogic.execute(MethodCallActivityLogic.java:161)
at oracle.adfinternal.controller.engine.ControlFlowEngine.executeActivity(ControlFlowEngine.java:989)
at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:878)
at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:777)
at oracle.adfinternal.controller.engine.ControlFlowEngine.routeFromActivity(ControlFlowEngine.java:551)
at oracle.adfinternal.controller.engine.ControlFlowEngine.performControlFlow(ControlFlowEngine.java:147)
at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleAdfcNavigation(NavigationHandlerImpl.java:109)
at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleNavigation(NavigationHandlerImpl.java:78)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:130)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:91)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:812)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:292)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
at weblogic.security.service.IdentityUtility.authenticatedSubjectToIdentity(IdentityUtility.java:30)
at weblogic.security.service.RoleManager.getRoles(RoleManager.java:183)
at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:375)
at weblogic.rmi.provider.WorkContextAccessController.checkAccess(WorkContextAccessController.java:62)
at weblogic.workarea.spi.WorkContextAccessController.isAccessAllowed(WorkContextAccessController.java:38)
at weblogic.workarea.WorkContextLocalMap$WorkContextKeys.next(WorkContextLocalMap.java:356)
at weblogic.wsee.jaxws.workcontext.WorkContextTube.hasContext(WorkContextTube.java:67)
at weblogic.wsee.jaxws.workcontext.WorkContextClientTube.processRequest(WorkContextClientTube.java:38)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
at com.sun.xml.ws.client.Stub.process(Stub.java:259)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
at $Proxy157.retrieveForm(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
at $Proxy158.retrieveForm(Unknown Source)
at gov.atf.eforms.FormBase.retrieveForm(FormBase.java:206)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
... 62 more
Edited by: HKG on Feb 25, 2011 8:01 AMHi,
difficult to say. From the error message it seems that there is something happening with the authenticated JAAS user. Does the problem reproduce in other applications (e.g. a test case ?)
Frank -
Java.lang.SecurityException when trying to execute Workflow-Java-API from Servlet
I'm trying to call some of the Oracle Workflow-Java-API Classes/Methods from a servlet running on OC4J.
The following Code-Sample is exactly copied from the WFTest Example shipped with Oracle-Workflow:
wfDB = new WFDB(user, ident, "jdbc:oracle:thin:@", "host:1521:tnsstring");
String charset = System.getProperty("CHARSET");
if (charset == null) {
charset = "UTF8";
ctx = new WFContext(wfDB, charset);
if (ctx.getDB().getConnection() == null) {
throw new Exception ("Keine Verbindung zum Workflow");
On OC4J integrated in JDeveloper everything works fine when i run my test-servlet with this code.
On 9ias with OC4J running on a SuSE-Linux Server i get the following Error:
java.lang.SecurityException: class "oracle.apps.fnd.wf.WFContext"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:554)
at java.lang.ClassLoader.defineClass(ClassLoader.java:482)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:106)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:243)
at java.net.URLClassLoader.access$100(URLClassLoader.java:51)
at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:183)
at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:250)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:310)
at oracle.apps.fnd.wf.engine.JdbcEngineAPI._sqlQueryText(JdbcEngineAPI.java)
at oracle.apps.fnd.wf.engine.EngineAPI.getItemTypes(EngineAPI.java)
at WorkflowData.doGet(WorkflowData.java:61)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:195)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:309)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:508)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:177)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:576)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:189)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java:62)
As you can see, the first Workflow-API-Object (WFDB) gets correctly instantiated. But the second one crashes.
The java.policy and java.security files are exactly identical on both machines, my PC and the Linux-Server.
Where might be the problem ?
How can we fix this ?
thanks in advance for any help
Ralfokay, okay,
my/our own fault.
To prevent anyone else of makeing the same mistake, a short decription:
We stored the wf????.jar files inside the $JAVA_HOME/jre/lib/ext directory.
The correct way is to let them inside $ORACLE_HOME/jlib dir of the oracle db and extend the classpath, respectively add the following lines to 'orion-application.xml' of the app.
<library path="$ORACLE_HOME/jlib/wfapi.jar" />
<library path="$ORACLE_HOME/jlib/wfjava.jar" /> -
Java.lang.SecurityException when loading javax.activation.MimeType
Hi all,
I'm having this problem when trying to call a WebService in my Server;
java.lang.SecurityException: class "javax.activation.MimeType"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java(Compiled Code))
at java.lang.ClassLoader.defineClass(ClassLoader.java(Compiled Code))
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java(Compiled Code))
at java.net.URLClassLoader.defineClass(URLClassLoader.java(Compiled Code))
at java.net.URLClassLoader.access$500(URLClassLoader.java(Inlined Compiled Code))
at java.net.URLClassLoader$ClassFinder.run(URLClassLoader.java(Compiled Code))
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
at java.net.URLClassLoader.findClass(URLClassLoader.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at org.apache.soap.rpc.SOAPContext.addBodyPart(SOAPContext.java:344)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:403)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:442)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:417)
at org.apache.soap.transport.TransportMessage.save(TransportMessage.java:351)
at oracle.soap.transport.http.OracleSOAPHTTPConnection.send(OracleSOAPHTTPConnection.java:713)
at org.apache.soap.rpc.Call.invoke(Call.java:261)
It seems to work in my local machine (running on JDeveloper10G embedded server), but i cannot make it work in production server (version 10.1.2.0.2) ...
Any idea of what is going wrong? I know what the error means, but i don't know why it is raising.I've tried the webservice standalone (without a servlet frontend) and it seems to work, so i'll post this in the servlets forum.
Thanks. -
Java.lang.SecurityException: Cannot set up certs for trusted CAs
Hi,
The application iam working on encrypts & decrypts files. The application is deployed on a standalone OC4j container on solaris 5.8. I have downloaded the following jar files
jce1_2_2.jar
sunjce_provider.jar
local_policy.jar
US_export_policy.jar
and have declared them in the application.xml
when i run the application i get the following exception.
java.lang.ExceptionInInitializerError: java.lang.SecurityException: Cannot set up certs for trusted CAs: java.lang.SecurityException: Signer restraint check failed! at javax.crypto.SunJCE_b.<clinit>(DashoA6275) at javax.crypto.Cipher.a(DashoA6275) at javax.crypto.Cipher.getInstance(DashoA6275) at pdfDownload.jspService(_pdfDownload.java:215) [SRC:/pdfDownload.jsp:167] at com.orionserver[Oracle9iAS (9.0.3.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java:56) at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:317) at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:465) at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:379) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:721) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:306) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:767) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:259) at com.evermind[Oracle9iAS (9.0.3.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:106) at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:803) at java.lang.Thread.run(Thread.java:484)
Pls advise, is there any other setting that needs to be done ?
Thanks & Regards
ArunHi,
I got the solution for this. JCE 1.2.2 is supported on JDK 1.4.1 and JDK 1.4.2, but both of them have different unrestricted policy jars. I was able to solve the problem once I downloaded the unrestricted policy jars for JDK 1.4.2 (which is used by BEA 8.1 SP5) from the following URL : http://java.sun.com/j2se/1.4.2/download.html
Regards,
Prashant Kale. -
Java.lang.SecurityException while using RDBMSRealm in 5.1
Hi,
We are in the process of migrating our application from Weblogic 4.5.1
to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate realm
for the server and start the server, we get the following exception:
java.lang.SecurityException: User "system" does not have Permission
"read" based on ACL "weblogic.workspace.system".
at weblogic.security.acl.Security.logAndThrow(Security.java:372)
at weblogic.security.acl.Security.checkPermission(Security.java:254)
at
weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
at
weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243)
at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
Compiled Code)
at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
at weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
Code)
at
weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
The database has aclentries that grant read, write and reserve
permissions on weblogic.workspace.system to everyone. It is not clear
why the server still complains that user 'system' does not have
permissions. Is 'system' user not a part of everyone group by default? (
We are using the same acls we were using with Weblogic 4.5.1 ). Does
'everyone' group have all the users in it by default? Or has it changed?
Any suggestions welcome.
Thanks and Regards
Suresh BEither try setting weblogic.allow.read.weblogic.workspace=system
Or add the system user to the group 'everyone' in the database you use for
RDBMSRealm (Hmm, not sure if this will work or not.
If you are implementing a custom realm then you need to explicitly state
which members are in the 'everyone' group.
(I've recently had a similar problem . I actually chose a different
solution, by overriding the isMember(user) method in RDBMSGroup to always
return true if the group's name is 'everyone' - I had to override the method
anyway, for other reasons. If anyone as any input on why this is a really
bad idea please feel free to tell me)
terry
BSuresh <[email protected]> wrote in message
news:[email protected]...
Hi,
weblogic.allow.read.weblogic.workspace=everyone
weblogic.allow.write.weblogic.workspace=everyone
weblogic.allow.read.weblogic.workspace.system=everyone
weblogic.allow.write.weblogic.workspace.system=everyone
I tried having the above entries in the weblogic.properties file but theserver
complains that weblogic.workspace acl is defined both in the delegate andbackup
realm. And the result remains the same - java.lang.SecurityException.User
"system" does not have Permission "read" based on ACL
"weblogic.workspace.system".
Thanks
Suresh.B
KNK wrote:
Try setting the "read" and "write" permissions explicitly in
weblogic.properties file.
weblogic.allow.read.weblogic.workspace=everyone
weblogic.allow.write.weblogic.workspace=everyone
-- KNK --
A ten thousand miles journey begins with a single step. That single stephas
to be taken from where you are, worries are no solution to any problem.
"BSuresh" <[email protected]> wrote in message
news:[email protected]...
Hi,
We are in the process of migrating our application from Weblogic 4.5.1
to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate
realm
for the server and start the server, we get the following exception:
java.lang.SecurityException: User "system" does not have Permission
"read" based on ACL "weblogic.workspace.system".
at weblogic.security.acl.Security.logAndThrow(Security.java:372)
at weblogic.security.acl.Security.checkPermission(Security.java:254)
at
weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
>>>
at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
at
weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243
at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
Compiled Code)
at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
at
weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
Code)
at
weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
>>>
The database has aclentries that grant read, write and reserve
permissions on weblogic.workspace.system to everyone. It is not clear
why the server still complains that user 'system' does not have
permissions. Is 'system' user not a part of everyone group by default?(
We are using the same acls we were using with Weblogic 4.5.1 ). Does
'everyone' group have all the users in it by default? Or has itchanged?
>>>
Any suggestions welcome.
Thanks and Regards
Suresh B -
Java.lang.SecurityException: The SunJCE provider may have been tampered.
Hello all,
I am getting this exception :
java.lang.SecurityException: The SunJCE provider may have been tampered.
at com.sun.crypto.provider.DESedeKeyFactory.<init>(DashoA6275)
while running a java application (not written by me), which apparently is trying to encrypt a byte array at this point.
Does this ring a bell for any one ?
I am using j2sdk1.4.2_08, after having to uninstall j2sdk1.4.2_10 due to some other problems with this release.
Thank you,
VinceUsing JDK1.6 you should not need to have sunjce_provider.jar or jce1_2_2.jar in the lib directory. The Sun provider comes as part of JDK1.6 and ALL applications pick it up automatically.
Maybe you are looking for
-
How do I add a jpg photo into the library
I am trying to animate a layer on top of a background, I've made the background layer the first in the back but when I animate it dissapeers. I can use one of the stock backgrounds from the library and it stays in thebackground while the other gif la
-
Invalid Form value passed?!
Hi there, We recently migrated to CF MX 7 from ol' CF 5. This error started appearing, and I'm not sure but maybe it is related to text encoding on the site. This error appears (sometimes!) when certain text is entered in the textarea box for posting
-
Pictures not fitting on screen in slideshow
Is there any way of ensuring that all pictures fit on the screen for a slideshow? The vertical ones in particular have tops or bottoms cut off. Sometimes it is a person's head! This occurs with or without the Ken Burns effect. Is it anything to do wi
-
I had basis create a new bex package. I cannot see it in the transport screen. Does the package have to be transorted before I can use it to for transports?
-
Mac mini home theater resource and OS survey
AVS Forum (AV Science Forum) is a free, discussion group Web site that offers a wealth of member-contributed information about home theater technology. Since June of 2005, it has offered a Mac subforum and the discussions in that group have increased