Sometimes: java.lang.SecurityException: Permission denied
Hello,
we are using a lot of signed applets in our Web application (used web server: JBoss 5.1).
For example we use an applet in javascript code and call some of applet's methods. The called java methods are privileged code.
Since Update to JRE 1.6.0_24 we are getting sometimes:
Permission denied: null
java.lang.SecurityException: Permission denied: null
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Ausnahme: java.lang.SecurityException: Permission denied: null
java.net.MalformedURLException: no protocol: ./Test.jar
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at sun.plugin.util.GrayBoxPainter.setProgressFilter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.setupGrayBoxPainter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.showAppletException(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Test.jar is signed. Most of the time Test.jar can be found. The problem seems to appear in case of new JVM (and new java console).
We arent't operating on the local file system.
Are there any ideas, known problems?
Thanks in advance.
We've encountered the same problem
exception: Permission denied: null.
java.lang.SecurityException: Permission denied: null
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: Permission denied: null
But seems to me, that the issue is related to combination of Java6 update 24 and Firefox 3.6.14. We tested on two stations, first FF3.6.14, java6u24, second FF3.6.14, java6u23. On the first station we got exception, but on the second java works fine. After reinstaling java on the first stations to verstion 6u23, everything works fine.
Similar Messages
-
Hi,
When I try to start up the WebLogic server by running a startup script
in the WebLogic server root directory, I am getting the following
error:
<Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
<Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
<Unable to initialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
I am also pasting below the source code of the startup script that I
am using to start WebLogic server:
#!/bin/sh
# This script is used to start WebLogic Server.
# To create your own start script for your domain, simply set the
SERVER_NAME
# variable to your server name then call this script from your domain
# directory.
# This script sets the following variables before starting WebLogic
Server:
# WL_HOME - The root directory of your WebLogic installation
# JAVA_HOME - Location of the version of Java used to start
WebLogic
# Server. This variable must point to the root
directory of a
# JDK installation and will be set for you by the
installer.
# See the WebLogic platform support page
# (http://e-docs.bea.com/wls/platforms/index.html)
for an up-to-date list of
# supported JVMs on your platform.
# PATH - Adds the JDK and WebLogic directories to the system
path.
# CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
# JAVA_OPTIONS - Java command-line options for running the server.
# Other variables that startWLS takes are:
# ADMIN_URL - If this variable is set, the server started will be
a
# managed server, and will look to the url specified
(i.e.
# http://localhost:7001) as the admin server.
# WLS_USER - Admin username for server startup
# WLS_PW - Cleartext password for server startup
# STARTMODE - Set to true for production mode servers, false for
# development mode
# JAVA_OPTIONS - Java command-line options for running the server.
(These
# will be tagged on to the end of the JAVA_VM and
MEM_ARGS)
# JAVA_VM - The java arg specifying the VM to run. (i.e.
-server,
# -hotspot, etc.)
# MEM_ARGS - The variable to override the standard memory
arguments
# passed to java
# PRE_CLASSPATH - Path style variable to be added to the beginning of
the
# CLASSPATH
# POST_CLASSPATH - Path style variable to be added to the end of the
# CLASSPATH
# PRE_PATH - Path style variable to be added to the beginning of
the
# PATH
# POST_PATH - Path style variable to be added to the end of the
PATH
# Alternately, this script will take the first two positional
parameters and
# set them to SERVER_NAME and ADMIN_URL. For instance, you could call
this
# script: "sh startWLS.sh myserver http://localhost:7001" to start a
# managed server named myserver, or just "sh startWLS.sh myserver"
# to start a server named myserver.
# jDriver for Oracle users: This script assumes that native libraries
required
# for jDriver for Oracle have been installed in the proper location
and that
# your os specific library path variable (i.e.
LD_LIBRARY_PATH/solaris,
# SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
this
# script defaults to the oci817_8 version of the shared libraries. If
this is
# not the version you need, please adjust the library path variable
# accordingly.
# For additional information, refer to the WebLogic Server
Administration Guide
# (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
WL_HOME="/usr/local/bea/weblogic700"
JAVA_HOME="/usr/local/bea/jdk131_06"
. ${WL_HOME}/common/bin/commEnv.sh
# Check that the WebLogic classes are where we expect them to be
if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
echo
echo "The WebLogic Server wasn't found in directory
${WL_HOME}/server."
echo "Please edit your script so that the WL_HOME variable points"
echo "to the WebLogic installation directory."
# Check that java is where we expect it to be
elif [ ! -d "${JAVA_HOME}/bin" ]; then
echo
echo "The JDK wasn't found in directory ${JAVA_HOME}."
echo "Please edit your script so that the JAVA_HOME variable"
echo "points to the location of your JDK."
else
# Grab some file descriptors.
if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
]; then
maxfiles=`ulimit -H -n`
if [ !$? -a "${maxfiles}" != 1024 ]; then
if [ "${maxfiles}" = "unlimited" ]; then
maxfiles=1025
fi
if [ "${maxfiles}" -lt 1024 ]; then
ulimit -n ${maxfiles}
else
ulimit -n 1024
fi
fi
fi
# Set first two positional parameters to SERVER_NAME and ADMIN_URL
if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
SERVER_NAME="${1}"
fi
if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
ADMIN_URL="${2}"
fi
# Figure out how to use our shared libraries
case `uname -s` in
AIX)
if [ -n "${LIBPATH}" ]; then
LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
else
LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
fi
PATH="${WL_HOME}/server/lib/aix:${PATH}"
export LIBPATH PATH
export AIXTHREAD_SCOPE=S
export AIXTHREAD_MUTEX_DEBUG=OFF
export AIXTHREAD_RWLOCK_DEBUG=OFF
export AIXTHREAD_COND_DEBUG=OFF
echo "LIBPATH=${LIBPATH}"
HP-UX)
if [ -n "${SHLIB_PATH}" ]; then
SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
else
SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
fi
PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
export SHLIB_PATH PATH
echo "SHLIB_PATH=${SHLIB_PATH}"
IRIX)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
fi
PATH="${WL_HOME}/server/lib/irix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
LINUX|Linux)
arch=`uname -m`
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
fi
PATH="${WL_HOME}/server/lib/linux:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
OSF1)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
fi
PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
SunOS)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
fi
PATH="${WL_HOME}/server/lib/solaris:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-server
JAVA_VM=${COMM_SERVER_VM}
fi
Windows_NT*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
PATHSEP=\;
CLASSPATHSEP=\;
CYGWIN*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
CLASSPATHSEP=\;
echo "$0: Don't know how to set the shared library path for `uname
-s`. "
esac
if [ "${MEM_ARGS}" = "" ]
then
MEM_ARGS="-Xms32m -Xmx200m"
fi
if [ "${PATHSEP}" = "" ]; then
PATHSEP=:
fi
if [ "${CLASSPATHSEP}" = "" ]; then
CLASSPATHSEP=:
fi
CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
# If we are on an old version of Cygnus we need to turn <letter>:/ in
the path
# to //<letter>/
if [ `uname -s` = "CYGWIN32/NT" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
fi
# If we are on an new version of Cygnus we need to turn <letter>:/ in
the path
# to /cygdrive/<letter>/
if [ -n "`uname -s |grep -i cygwin_`" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
fi
PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
# Import extended environment
if [ -f extEnv.sh ]; then
. extEnv.sh
fi
if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
fi
if [ ! -z "${EXT_PRE_PATH}" ]; then
PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${EXT_POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
fi
# Get PRE and POST environment
if [ ! -z "${PRE_CLASSPATH}" ]; then
CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
fi
if [ ! -z "${PRE_PATH}" ]; then
PATH="${PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${POST_PATH}"
fi
echo CLASSPATH=${CLASSPATH}
echo
echo PATH=${PATH}
echo
echo "***************************************************"
echo "* To start WebLogic Server, use a username and *"
echo "* password assigned to an admin-level user. For *"
echo "* server administration, use the WebLogic Server *"
echo "* console at http://<hostname>:<port>/console *"
echo "***************************************************"
if [ "$ADMIN_URL" != "" ]
then
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.management.server=${ADMIN_URL} -Dweblogic
.ProductionModeEnabled=${STARTMODE}
-Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
else
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
fi
set +x
fi
--------------END OF SCRIPT----------
So can you please look at the exception and the above-pasted source
code of the startup script file and let me know what needs to be done
to fix the error?
Thanks,
KalpanaSenthil,
What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
HTH,
Mike -
Java.lang.SecurityException: showDocument url permission denied
Hi,
We get below given error in one of the java application when we use the java version which is higher than 1.6.0_24.
java.lang.SecurityException: showDocument url permission denied
at sun.plugin2.main.client.MessagePassingExecutionContext.showDocument(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletContextImpl.showDocument(Unknown Source)
at vrts.CreateCrystalReports.createTransmittal(CreateCrystalReports.java:52)
at vrts.JFrameOldProjectWizard.createTransmittalAndOCS(JFrameOldProjectWizard.java:289)
at vrts.JFrameOldProjectWizard$6.actionPerformed(JFrameOldProjectWizard.java:240)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
We get this error in below given code where it tries to open a HTML file.
appletContext.showDocument(urlObj,"_blank");
Can you please provide solution for this issue so that code should work in any java versions.
Thanks,
Swathi
Edited by: 988624 on Feb 17, 2013 11:06 PMI have to ask. Is the applet signed?
-
Java.lang.SecurityException when granting java permission
DB version 11.1.07
We used this command to grant the following permission in development and stage environment with no problems.
exec dbms_java.grant_permission( 'SCHEMA', 'SYS:java.lang.RuntimePermission', 'getClassLoader', '' );
When the same command is run in production, it results in this.
ERROR at line 1:
ORA-29532: Java call terminated by uncaught Java exception:
java.lang.SecurityException: policy table update
SYS:java.lang.RuntimePermission, getClassLoader
ORA-06512: at "SYS.DBMS_JAVA", line 787
ORA-06512: at line 1
These commands were executed as SYS user in all environments. Any ideas what could be causing this?
Thanks.
UsmanEither you are only using a security manager in production or there is a difference in the permissions granted by the security domains (for example, .policy files).
-
Getting this security exception when trying to pull a message from one weblogic
instance JMS queue, and sending the message (via a MDB) to another machine's JMS
queue.
Ex. Here's the scenario.
Two Windows2000Server machines,
one at ip ... xxx.xxx.x.16,
second machine at ... xxx.xxx.x.17.
MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
ON the .17 machine (the receiver) I get the following exception
weblogic.transaction.internal.CoordinatorImpl@31406b>
java.lang.SecurityException: Authentication for user system denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
ON the sending maching .16, I get the following exception.
####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
<ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
for: '-1'>
The messages appear to show up on the destination machine, but are these error
messages valid, or just bogus?
Thanks,
Eric.
Why is that? Your suggestion worked but I don't understand why.
When our MDB on machineA did the JNDI lookup to MachineB we set the
credentials to a valid user/password on MachineB.
My speculation: Since the MDB on machineA is already in a transaction
any other JNDI calls use the credentials for the MDB's transactions,
ignoring any other credentials we might try to set explicitly. If my
speculation is correct then that would explain by the passwords for the
user "system" would have to be the same between servers.
Is there a good place to read up on this?
Thanks
Tom
Rajesh Mirchandani wrote:
> Make sure you have the same system password for the 2 instances of WLS on seperate boxes.
>
> Tom Barnes wrote:
>
>
>>Or post to the EJB newsgroup (which "owns" MDBs).
>>
>>Tom Barnes wrote:
>>
>>
>>>I think there is a username/password field configurable in the MDB descriptor that
>>>might help here??? Other than that, I suggest posting to the security newsgroup.
>>>
>>>Tom
>>>
>>>Eric Babin wrote:
>>>
>>>
>>>>Getting this security exception when trying to pull a message from one weblogic
>>>>instance JMS queue, and sending the message (via a MDB) to another machine's JMS
>>>>queue.
>>>>
>>>>Ex. Here's the scenario.
>>>>
>>>> Two Windows2000Server machines,
>>>> one at ip ... xxx.xxx.x.16,
>>>> second machine at ... xxx.xxx.x.17.
>>>>
>>>> MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
>>>>
>>>>
>>>>ON the .17 machine (the receiver) I get the following exception
>>>>
>>>>weblogic.transaction.internal.CoordinatorImpl@31406b>
>>>>java.lang.SecurityException: Authentication for user system denied in realm wl_realm
>>>> at weblogic.security.acl.Realm.authenticate(Realm.java:212)
>>>> at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
>>>> at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
>>>> at weblogic.security.acl.internal.Security.verify(Security.java:87)
>>>> at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
>>>> at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
>>>> at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
>>>> at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
>>>>
>>>>ON the sending maching .16, I get the following exception.
>>>>
>>>>####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
>>>><ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
>>>>for: '-1'>
>>>>
>>>>The messages appear to show up on the destination machine, but are these error
>>>>messages valid, or just bogus?
>>>>
>>>>Thanks,
>>>>
>>>>Eric.
>>>>
>
> --
> Rajesh Mirchandani
> Developer Relations Engineer
> BEA Support
>
>
>
-
Hi,
I am using WL60SP2 on Windows NT 4.0.
I am trying to call a bean from my startup class. The code is as follows
home = lookupHome();
messageSubscriber = (MessageSubscriber) narrow(home.create(),
MessageSubscriber.class);
Right at this point the Weblogic server is throwing the following error.
java.lang.SecurityException: Authentication for user guest denied in
realm wl_realm
<<no stack trace available>>
I know this has something to do with the security. In WL50 I would have
gone to the weblogic.policy file to fix it. With WL60 I know I have to
change something on the console but am not sure.
Please help.
Thanks
RajGo into the console and make sure the GuestDisabled property = false
http://e-docs.bea.com/wls/docs61/////ConsoleHelp/security.html
Joe Jerry
Raj Kathlesar wrote:
Hi,
I am using WL60SP2 on Windows NT 4.0.
I am trying to call a bean from my startup class. The code is as follows
home = lookupHome();
messageSubscriber = (MessageSubscriber) narrow(home.create(),
MessageSubscriber.class);
Right at this point the Weblogic server is throwing the following error.
java.lang.SecurityException: Authentication for user guest denied in
realm wl_realm
<<no stack trace available>>
I know this has something to do with the security. In WL50 I would have
gone to the weblogic.policy file to fix it. With WL60 I know I have to
change something on the console but am not sure.
Please help.
Thanks
Raj -
Java.lang.SecurityException: Authentication for user null denied in realm
Hello,
We have the following exceptionj on WLS 6.1 SP3 on Win2K:
javax.naming.AuthenticationException. Root exception is
java.lang.SecurityException: Authentication for user null denied in realm
weblogic
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:135)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
at
weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
at javax.naming.InitialContext.init(InitialContext.java:217)
at javax.naming.InitialContext.<init>(InitialContext.java:173)
at
And it seems that this exception happens after the introduction of a JAAS module
for an external call.
What strikes me is that the WLS samples use System.setProperty... and I was wondering
if this could be the cause of our problem, because the rest of the application
does not use JAAS, and that may be it screws up the realm with WLS....
Any idea?
Cheers,
ThierryHello,
We have the following exceptionj on WLS 6.1 SP3 on Win2K:
javax.naming.AuthenticationException. Root exception is
java.lang.SecurityException: Authentication for user null denied in realm
weblogic
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:135)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
at
weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
at javax.naming.InitialContext.init(InitialContext.java:217)
at javax.naming.InitialContext.<init>(InitialContext.java:173)
at
And it seems that this exception happens after the introduction of a JAAS module
for an external call.
What strikes me is that the WLS samples use System.setProperty... and I was wondering
if this could be the cause of our problem, because the rest of the application
does not use JAAS, and that may be it screws up the realm with WLS....
Any idea?
Cheers,
Thierry -
Environment: WLS61 SP2
Two WLS61 servers on different machines. User test1 is authenticated against LDAP
on server_1, then tries
to execute a class (from JSP) that calls EJB on server_2. The environment properties
for the call to EJB on server_2 to are setup as follows (Note that user test2 is
used to call EJB on server_2. User test2 exists in the wl_realm on server2):
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.PROVIDER_URL, "t3://server2:7001");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "test2");
env.put(Context.SECURITY_CREDENTIALS, "somepass");
The call results in the following exception raised on server_2. Why is test1 id used
if test2 is explicitly specified for the call? User test1 does not exist on server_2.
<Jul 13, 2002 11:37:31 AM EDT> <Warning> <Dispatcher> <RuntimeException thrown by
rmi server: 'weblo
gic.rmi.cluster.ClusterableServerRef@111 - jvmid: '4783591120128354231S:xxx.xxx.xxx.xxx:[7001,7001,7002,7
002,7001,7002,-1]:mydomain:myserver', oid: '271', implementation: '[BaseEJBObject]
home: c
om.test.TestEJB_jvjalv_HomeImpl@7583b9''
java.lang.SecurityException: Authentication for user test1 denied in realm wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:237)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)If you are using JNDI authentication, make sure you close the context before
you get another context.
In WLS, stack of authenticated users will be maintained per thread. Now when
user is authenticated, it will be pushed into the stack. When you close the
context it will be popped out. In your case it seems like somehow test1 user's
idenitity is set on the thread which is calling the EJB on server2.
use weblogic.security.acl.Security.getCurrentUser() to get the current
user associated with the thread.
I hope this helps.
-utpal -
I am looking for some help to deploy the application in weblogic6.0.
This is what i did during the application deployment.
Create a new directory under config as a new application.
D:\bea\wlserver6.0\config\test
under test created two other directories applications and logs.
Under the applications directory copied .ear and .war files.
Under the test i copied config.xml, all the *.pem starttest.cmd, fileRealam.properties
files. Modified the config.xml with my application, domain and the server. Modified
the settest.cmd with the new domain and server name.
when i do startup, it is prompting for the password and i entered what ever i mentioned
during the installation.
And getting the following error.
Thanks alot for any suggestions.
D:\bea\wlserver6.0\config\test>startTest.cmd
D:\bea\wlserver6.0>set PATH=.\bin;D:\bea\jdk130\bin;C:\RATIONAL\RATION~1\NUTCROO
T\bin;C:\RATIONAL\RATION~1\NUTCROOT\bin\x11;C:\RATIONAL\RATION~1\NUTCROOT\mksnt;
C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Dell\Resoluti
on Assistant\Common\bin;C:\PROGRA~1\MICROS~4\Office;C:\PROGRA~1\ULTRAE~1;C:\Rati
onal\common;C:\Rational\Rational Test;C:\jdk1.3\bin;C:\Ant\bin;
D:\bea\wlserver6.0>set CLASSPATH=.;.\lib\weblogic_sp.jar;.\lib\weblogic.jar
D:\bea\wlserver6.0>D:\bea\jdk130\bin\java -hotspot -ms64m -mx64m -classpath .;.\
lib\weblogic_sp.jar;.\lib\weblogic.jar -Dweblogic.Domain=test -Dweblogic.Name=te
stServer -Dbea.home=D:\bea -Dcloudscape.system.home=./samples/eval/cloudscape/da
ta -Djava.security.policy==D:\bea\wlserver6.0/lib/weblogic.policy weblogic.Serve
r
Enter password to boot weblogic server:password
Starting WebLogic Server ....
<Feb 14, 2001 12:13:04 PM EST> <Notice> <Management> <Loading configuration file
.\config\test\config.xml ...>
<Feb 14, 2001 12:13:06 PM EST> <Info> <Logging> <Only log messages of severity "
Error" or worse will be displayed in this window. This can be changed at Admin C
onsole> test> Servers> testServer> Logging> Debugging> Stdout severity threshold
>
<Feb 14, 2001 12:13:08 PM EST> <Emergency> <Server> <Unable to initialize the se
rver: 'Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user system denied in
realm weblogic
java.lang.SecurityException: Authentication for user system denied in realm webl
ogic
at weblogic.security.acl.Realm.authenticate(Realm.java:209)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
at weblogic.security.acl.internal.Security.authenticate(Security.java:11
3)
at weblogic.security.SecurityService.initializeSuid(SecurityService.java
:293)
at weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.SecurityException: Authentication for user system de
nied in realm weblogic
java.lang.SecurityException: Authentication for user system denied in realm webl
ogic
at weblogic.security.acl.Realm.authenticate(Realm.java:209)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
at weblogic.security.acl.internal.Security.authenticate(Security.java:11
3)
at weblogic.security.SecurityService.initializeSuid(SecurityService.java
:293)
at weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
D:\bea\wlserver6.0>goto finish
D:\bea\wlserver6.0>cd config\test
D:\bea\wlserver6.0\config\test>ENDLOCAL
D:\bea\wlserver6.0\config\test>Seen this, may give a clue?
Server Known Problems Change Request Number Description
042556
The weblogic.Admin command now requires the user and password options. For example:
java weblogic.Admin -username system -password gumby1234
The username "system" is required for most functions (for example: VERSION). If
you do not specify -username system, you will get the following error:
Exception in thread "main" java.lang.SecurityException: Authentication for user
system denied in realm weblogic
<<no stack trace available>>
"lazar" <[email protected]> wrote:
>
I would also like to know, if there is a fix for it.
Thanks
Lazar
Greg Layton <[email protected]> wrote:
Did you ever get an answer to this. If so could you share it with me.ThanksGreg -
I am experiencing this error when a servlet or JSP is preloaded on the web
server and the init method of the preloaded item results in a call to the
app server. If I don't preload and then manually invoke the JSP or servlet
after the web server completely loads the call to the app server does not
produce the exception. The only security differences between the web and
app servers are the console and system passwords. I can fix the problem by
making the passwords (system and console) the same across the board, but
find it hard to believe that this is the true solution. I would prefer
sticking with the default security settings.
I've poured through hundreds of messages. I can find similar problems but
not this exact problem.
Any ideas would truly be appreciated!
More information:...
App and Web server are both wls 6.1.1.0 running on the same SUN Solaris box.
Both are using the basic, out of the box, security.
The App server has SSL disabled.
The exception reported in the app server's log is:
java.lang.SecurityException: Authentication for user system denied in realm
wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.security.acl.internal.Security.verify(Security.java:87)
at
weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
2)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
The exception reported in the web server's log is:
java.lang.SecurityException: Authentication for user system denied in realm
wl_realm
at
weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
java:85)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:255)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:222)
at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
at $Proxy54.lookup(Unknown Source)
at
weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
at javax.naming.InitialContext.lookup(InitialContext.java:350)
at
com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
at
com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
at
com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
ctory.java:305)
at
com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
at
com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
va:106)
at
com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
30)
at
weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
:700)
at
weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
va:643)
at
weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
a:588)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
ontext.java:2203)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
Context.java:2147)
at
weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
a:884)
at
weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
ava:807)
at
weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
at weblogic.j2ee.Application.addComponent(Application.java:160)
at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:329)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:144)
at
weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
76)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy33.addWebDeployment(Unknown Source)
at
weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
t(WebServerMBean_CachingStub.java:1094)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:315)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
Target.java:279)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
eploymentTarget.java:233)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
entTarget.java:193)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy32.updateDeployments(Unknown Source)
at
weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
ServerMBean_CachingStub.java:2734)
at
weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
icationManager.java:362)
at
weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
r.java:154)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy45.start(Unknown Source)
at
weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
ApplicationManagerMBean_CachingStub.java:480)
at
weblogic.management.Admin.startApplicationManager(Admin.java:1151)
at weblogic.management.Admin.finish(Admin.java:570)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
at weblogic.Server.main(Server.java:35)
Thanks,
Jed ZimmerYou're correct. I meant the DOMAIN_SYSTEM_PASSWORD password in my
<domain-name>domain.ksh file. The DOMAIN_SYSTEM_PASSWORD value (if
specified) has to match the system user's password or else the server will
not start/stop.
I have determined more since my post. A startup class also produces the
same error. I have minimized my environments as follows and still receive
the exception, and a soon as I synchronize the system users' passwords on
the app/web server the problem goes away. Or, I can keep the passwords
different and just not access the app server EJBs until after the web server
finished loading, which also causes the error to go away. I'm just confused
about what I might be doing wrong.
Steps to produce the error:
App server:
- Installed from 6.1.1.0 from scratch and started it up.
- Changed the system user's password from the admin console, persisting the
changes.
- Modified logging settings to see more info in the log files.
- Disabled instrument stack traces.
- Stopped/Started the app server
Web server:
- Installed from 6.1.1.0 from scratch and started it up.
- Modified logging settings to see more info in the log files.
- Disabled instrument stack traces.
- Added a servlet to the DefaultWebApp_insiteserver application
- specified name and class
- the load on startup setting defaulted to zero, which will cause the
preloading
- Added 3 jar files to the classpath to support the EJB call
- Stopped/Started the web server
When the web server loads the servlet loads and tries to locate the EJB on
the app server. The app server throws the security exception. The app/web
servers are both running on the same SUN box, have the same IP address
(different ports) and I'm using non-SSL. Each server is it's own WLS
environment. The only installed file that is shared it the
weblogic_domain_registry.dat file in the root directory. As for security,
I'm doing nothing except changing one password (system user on the app
server).
I then tried to manually upgrade the app/web servers to 6.1.2.0 by updating
the WEBLOGIC_ROOT in the respective xxxxdomain.ksh files. Same problem.
I then cleanly reinstalled the app/web servers using version 6.1.2.0 and
configured as above. Same problem.
Let me know if I need to provide additional details.
Thanks,
Jed Zimmer
"Joseph Nguyen" <[email protected]> wrote in message
news:[email protected]...
>
"Jed Zimmer" <[email protected]> wrote in message
news:[email protected]...
I am experiencing this error when a servlet or JSP is preloaded on the
web
server and the init method of the preloaded item results in a call tothe
app server. If I don't preload and then manually invoke the JSP orservlet
after the web server completely loads the call to the app server does
not
produce the exception. The only security differences between the weband
app servers are the console and system passwords. I can fix the problemby
making the passwords (system and console) the same across the board, but
find it hard to believe that this is the true solutionI don't quite understand what you mean by "console" password? Are you
talking about the admin console? If so then it's confusing because youhave
to log into the console using the system user. If you can clarify morehere
it would great.
Joseph Nguyen
BEA Support
. I would prefer
sticking with the default security settings.
I've poured through hundreds of messages. I can find similar problems
but
not this exact problem.
Any ideas would truly be appreciated!
More information:...
App and Web server are both wls 6.1.1.0 running on the same SUN Solarisbox.
Both are using the basic, out of the box, security.
The App server has SSL disabled.
The exception reported in the app server's log is:
java.lang.SecurityException: Authentication for user system denied inrealm
wl_realm
at weblogic.security.acl.Realm.authenticate(Realm.java:212)
atweblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at
weblogic.security.acl.internal.Security.authenticate(Security.java:125)
atweblogic.security.acl.internal.Security.verify(Security.java:87)
at
weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
2)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
The exception reported in the web server's log is:
java.lang.SecurityException: Authentication for user system denied inrealm
wl_realm
at
weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
java:85)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:255)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
:222)
at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
at $Proxy54.lookup(Unknown Source)
at
weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
at javax.naming.InitialContext.lookup(InitialContext.java:350)
at
com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
at
com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
at
com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
ctory.java:305)
at
com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
at
com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
va:106)
at
com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
30)
at
weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
:700)
at
weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
va:643)
at
weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
a:588)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
ontext.java:2203)
at
weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
Context.java:2147)
at
weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
a:884)
at
weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
ava:807)
at
weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
at weblogic.j2ee.Application.addComponent(Application.java:160)
at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:329)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:144)
at
weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
76)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy33.addWebDeployment(Unknown Source)
at
weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
t(WebServerMBean_CachingStub.java:1094)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
arget.java:315)
at
weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
Target.java:279)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
eploymentTarget.java:233)
at
weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
entTarget.java:193)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy32.updateDeployments(Unknown Source)
at
weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
ServerMBean_CachingStub.java:2734)
at
weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
icationManager.java:362)
at
weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
r.java:154)
at java.lang.reflect.Method.invoke(Native Method)
at
weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
.java:608)
at
weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
92)
at
weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
nImpl.java:352)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at
com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
at
weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
at $Proxy45.start(Unknown Source)
at
weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
ApplicationManagerMBean_CachingStub.java:480)
at
weblogic.management.Admin.startApplicationManager(Admin.java:1151)
at weblogic.management.Admin.finish(Admin.java:570)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
at weblogic.Server.main(Server.java:35)
Thanks,
Jed Zimmer -
We have started getting the above error message in a system that has worked happily
for the past 6 months or so (and continues to work happily from our disaster recovery
environment). I should probably add that this occurs when we are attempting to
write to the database via the connection pool.
Anyone have any ideas?
Thanks
Andrew
The full stack trace is
javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
Authentication for user system denied in realm weblogic
<<no stack trace available>>
31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
thrown by rmi server(class com.esure.ibis.a
ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
[265127279722
6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
prdwls/296]: [BaseEJBObject]
home: com.esure.ibis.accesslaye
r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
Bean::validateUser()
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)We have started getting the above error message in a system that has worked happily
for the past 6 months or so (and continues to work happily from our disaster recovery
environment). I should probably add that this occurs when we are attempting to
write to the database via the connection pool.
Anyone have any ideas?
Thanks
Andrew
The full stack trace is
javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
Authentication for user system denied in realm weblogic
<<no stack trace available>>
31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
thrown by rmi server(class com.esure.ibis.a
ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
[265127279722
6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
prdwls/296]: [BaseEJBObject]
home: com.esure.ibis.accesslaye
r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
Bean::validateUser()
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120) -
Oracle9i error - java.lang.SecurityException: ORBSingleton: access denied
I have installed Oracle 9.2.0.1 on Linux Fedora Core 4 and every time i try to start the Oracle Management Server i get the following error in my oms.nohup log file:
Error starting Oracle Management Server. ORBSingleton: access denied
java.lang.SecurityException: ORBSingleton: access denied
at com.sun.corba.se.internal.corba.ORBSingleton.connect(ORBSingleton.java:309)
I have seen that a lot of other people have had this error, but i've never seen a solution for it! Thanks in advance for any help =)
NickHy Nick,
I found this:
Problem was fixed by deinstalling Enterprise Manager components and
reinstalling them in a dedicated Enterpise Manager ORACLE_HOME.
and:
1) Do a fresh install of a complete 9.2.0.1 RDBMS and this should not be on top of a previous home ,
2) Configure a dedicated listener for just installed 9.2.0.1 database
listening on physical hostname ,
3) Run EMCA to configure the OMS on physical hostname, previously configured listener and freshly installed 9.2.0.1 database ,
4) Check the symbolic links for $ORACLE_HOME/jre/1.1.8/bin/javakey and $ORACLE_HOME/jre/1.1.8/bin/rmi.registry are OK ,
5) open oemctl file and check whether PATH is set correctly to $ORACLE_HOME/jre/1.1.8/bin .
regards Dietmar -
Hi All,
I have a custom security class (deployed in an application) that uses JAAS
to login, i have to set the Configuration in my security handler like this
Configuration.setConfiguration(new MyConfiguration());
This fails with
java.lang.SecurityException: No Permission to set the Configuration
How do i give this class the permission to set configuration???
Thanks,
Akonobody knows?
-
Uncaught exception: Static initializer: java/lang/SecurityException
So i'm trying to compile some code of a small game for Doja.
The code compiles fine but when i load it in the emulator i get the following eror:
Uncaught exception java/lang/Error: Static initializer: java/lang/SecurityException.
Now i haven't seen that before. I looked into it and first i thought there must be some static initializer block in some class but there isn't.
Now i'm kinda stumped. What else can be the problem?A security exception is usually thrown when you try to use some function of the API that you're not allowed to use.
For example, if the user has not given your application permission to connect to the internet, but you try to do so.
Sometimes this error can be resolved by turning on the appropriate option in the ADF file.
Cheers,
Sam -
Java.lang.SecurityException while using RDBMSRealm in 5.1
Hi,
We are in the process of migrating our application from Weblogic 4.5.1
to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate realm
for the server and start the server, we get the following exception:
java.lang.SecurityException: User "system" does not have Permission
"read" based on ACL "weblogic.workspace.system".
at weblogic.security.acl.Security.logAndThrow(Security.java:372)
at weblogic.security.acl.Security.checkPermission(Security.java:254)
at
weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
at
weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243)
at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
Compiled Code)
at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
at weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
Code)
at
weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
The database has aclentries that grant read, write and reserve
permissions on weblogic.workspace.system to everyone. It is not clear
why the server still complains that user 'system' does not have
permissions. Is 'system' user not a part of everyone group by default? (
We are using the same acls we were using with Weblogic 4.5.1 ). Does
'everyone' group have all the users in it by default? Or has it changed?
Any suggestions welcome.
Thanks and Regards
Suresh BEither try setting weblogic.allow.read.weblogic.workspace=system
Or add the system user to the group 'everyone' in the database you use for
RDBMSRealm (Hmm, not sure if this will work or not.
If you are implementing a custom realm then you need to explicitly state
which members are in the 'everyone' group.
(I've recently had a similar problem . I actually chose a different
solution, by overriding the isMember(user) method in RDBMSGroup to always
return true if the group's name is 'everyone' - I had to override the method
anyway, for other reasons. If anyone as any input on why this is a really
bad idea please feel free to tell me)
terry
BSuresh <[email protected]> wrote in message
news:[email protected]...
Hi,
weblogic.allow.read.weblogic.workspace=everyone
weblogic.allow.write.weblogic.workspace=everyone
weblogic.allow.read.weblogic.workspace.system=everyone
weblogic.allow.write.weblogic.workspace.system=everyone
I tried having the above entries in the weblogic.properties file but theserver
complains that weblogic.workspace acl is defined both in the delegate andbackup
realm. And the result remains the same - java.lang.SecurityException.User
"system" does not have Permission "read" based on ACL
"weblogic.workspace.system".
Thanks
Suresh.B
KNK wrote:
Try setting the "read" and "write" permissions explicitly in
weblogic.properties file.
weblogic.allow.read.weblogic.workspace=everyone
weblogic.allow.write.weblogic.workspace=everyone
-- KNK --
A ten thousand miles journey begins with a single step. That single stephas
to be taken from where you are, worries are no solution to any problem.
"BSuresh" <[email protected]> wrote in message
news:[email protected]...
Hi,
We are in the process of migrating our application from Weblogic 4.5.1
to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate
realm
for the server and start the server, we get the following exception:
java.lang.SecurityException: User "system" does not have Permission
"read" based on ACL "weblogic.workspace.system".
at weblogic.security.acl.Security.logAndThrow(Security.java:372)
at weblogic.security.acl.Security.checkPermission(Security.java:254)
at
weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
>>>
at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
at
weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243
at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
Compiled Code)
at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
at
weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
Code)
at
weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
>>>
The database has aclentries that grant read, write and reserve
permissions on weblogic.workspace.system to everyone. It is not clear
why the server still complains that user 'system' does not have
permissions. Is 'system' user not a part of everyone group by default?(
We are using the same acls we were using with Weblogic 4.5.1 ). Does
'everyone' group have all the users in it by default? Or has itchanged?
>>>
Any suggestions welcome.
Thanks and Regards
Suresh B
Maybe you are looking for
-
New iMac 24" 2.8GHz plagued with problems
I ordered a new iMac 24" 2.8GHz with 2GB RAM, 500GB Hard drive, on September 16th (last day for the academic Adobe CS3 deal, and the iPod deal (but unfortunately too early for me to get Leopard)). Not my first Mac (oh how I love my IIcx), but my firs
-
My Smart Cover no longer puts my iPad to sleep, any ideas?
-
Multiple Invoices Multiple SO?
Hi All, I would just like to ask. Can a Sales Order have multiple Invoices? Can an Invoice have multiple Sales Orders? Can there be multiple Configurable Materials in one Sales Order? Thanks and best regards, KLL Message was edited by: KLL
-
Hello, I want to develop an article management (users can upload a pdf and input informations about the resource like author, category, year, publisher, ... ). I have a resource and for this resource several customer properties like author, category,
-
Adobe reader multi language installer..
Is there any adobe reader installer that supports all language?