Sometimes: java.lang.SecurityException: Permission denied

Hello,
we are using a lot of signed applets in our Web application (used web server: JBoss 5.1).
For example we use an applet in javascript code and call some of applet's methods. The called java methods are privileged code.
Since Update to JRE 1.6.0_24 we are getting sometimes:
Permission denied: null
java.lang.SecurityException: Permission denied: null
     at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)
Ausnahme: java.lang.SecurityException: Permission denied: null
java.net.MalformedURLException: no protocol: ./Test.jar
     at java.net.URL.<init>(Unknown Source)
     at java.net.URL.<init>(Unknown Source)
     at sun.plugin.util.GrayBoxPainter.setProgressFilter(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager.setupGrayBoxPainter(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager.showAppletException(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)
Test.jar is signed. Most of the time Test.jar can be found. The problem seems to appear in case of new JVM (and new java console).
We arent't operating on the local file system.
Are there any ideas, known problems?
Thanks in advance.

We've encountered the same problem
exception: Permission denied: null.
java.lang.SecurityException: Permission denied: null
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: Permission denied: null
But seems to me, that the issue is related to combination of Java6 update 24 and Firefox 3.6.14. We tested on two stations, first FF3.6.14, java6u24, second FF3.6.14, java6u23. On the first station we got exception, but on the second java works fine. After reinstaling java on the first stations to verstion 6u23, everything works fine.

Similar Messages

  • Java.lang.SecurityException: Authentication denied: Boot identity not valid

    Hi,
    When I try to start up the WebLogic server by running a startup script
    in the WebLogic server root directory, I am getting the following
    error:
    <Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
    <Server failed during initialization.
    Exception:java.lang.SecurityException: Authentication denied: Boot
    identity not valid
    java.lang.SecurityException: Authentication denied: Boot identity not
    valid
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
    at weblogic.Server.main(Server.java:32)
    >
    <Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
    <Unable to initialize the server: Fatal initialization exception
    Throwable: java.lang.SecurityException: Authentication denied: Boot
    identity not valid
    java.lang.SecurityException: Authentication denied: Boot identity not
    valid
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
    at weblogic.Server.main(Server.java:32)
    >
    The WebLogic Server did not start up properly.
    Exception raised:
    java.lang.SecurityException: Authentication denied: Boot identity not
    valid
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
    at weblogic.Server.main(Server.java:32)
    Reason: Fatal initialization exception
    Throwable: java.lang.SecurityException: Authentication denied: Boot
    identity not valid
    java.lang.SecurityException: Authentication denied: Boot identity not
    valid
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
    at weblogic.Server.main(Server.java:32)
    I am also pasting below the source code of the startup script that I
    am using to start WebLogic server:
    #!/bin/sh
    # This script is used to start WebLogic Server.
    # To create your own start script for your domain, simply set the
    SERVER_NAME
    # variable to your server name then call this script from your domain
    # directory.
    # This script sets the following variables before starting WebLogic
    Server:
    # WL_HOME - The root directory of your WebLogic installation
    # JAVA_HOME - Location of the version of Java used to start
    WebLogic
    # Server. This variable must point to the root
    directory of a
    # JDK installation and will be set for you by the
    installer.
    # See the WebLogic platform support page
    # (http://e-docs.bea.com/wls/platforms/index.html)
    for an up-to-date list of
    # supported JVMs on your platform.
    # PATH - Adds the JDK and WebLogic directories to the system
    path.
    # CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
    # JAVA_OPTIONS - Java command-line options for running the server.
    # Other variables that startWLS takes are:
    # ADMIN_URL - If this variable is set, the server started will be
    a
    # managed server, and will look to the url specified
    (i.e.
    # http://localhost:7001) as the admin server.
    # WLS_USER - Admin username for server startup
    # WLS_PW - Cleartext password for server startup
    # STARTMODE - Set to true for production mode servers, false for
    # development mode
    # JAVA_OPTIONS - Java command-line options for running the server.
    (These
    # will be tagged on to the end of the JAVA_VM and
    MEM_ARGS)
    # JAVA_VM - The java arg specifying the VM to run. (i.e.
    -server,
    # -hotspot, etc.)
    # MEM_ARGS - The variable to override the standard memory
    arguments
    # passed to java
    # PRE_CLASSPATH - Path style variable to be added to the beginning of
    the
    # CLASSPATH
    # POST_CLASSPATH - Path style variable to be added to the end of the
    # CLASSPATH
    # PRE_PATH - Path style variable to be added to the beginning of
    the
    # PATH
    # POST_PATH - Path style variable to be added to the end of the
    PATH
    # Alternately, this script will take the first two positional
    parameters and
    # set them to SERVER_NAME and ADMIN_URL. For instance, you could call
    this
    # script: "sh startWLS.sh myserver http://localhost:7001" to start a
    # managed server named myserver, or just "sh startWLS.sh myserver"
    # to start a server named myserver.
    # jDriver for Oracle users: This script assumes that native libraries
    required
    # for jDriver for Oracle have been installed in the proper location
    and that
    # your os specific library path variable (i.e.
    LD_LIBRARY_PATH/solaris,
    # SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
    this
    # script defaults to the oci817_8 version of the shared libraries. If
    this is
    # not the version you need, please adjust the library path variable
    # accordingly.
    # For additional information, refer to the WebLogic Server
    Administration Guide
    # (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
    WL_HOME="/usr/local/bea/weblogic700"
    JAVA_HOME="/usr/local/bea/jdk131_06"
    . ${WL_HOME}/common/bin/commEnv.sh
    # Check that the WebLogic classes are where we expect them to be
    if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
    echo
    echo "The WebLogic Server wasn't found in directory
    ${WL_HOME}/server."
    echo "Please edit your script so that the WL_HOME variable points"
    echo "to the WebLogic installation directory."
    # Check that java is where we expect it to be
    elif [ ! -d "${JAVA_HOME}/bin" ]; then
    echo
    echo "The JDK wasn't found in directory ${JAVA_HOME}."
    echo "Please edit your script so that the JAVA_HOME variable"
    echo "points to the location of your JDK."
    else
    # Grab some file descriptors.
    if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
    ]; then
    maxfiles=`ulimit -H -n`
    if [ !$? -a "${maxfiles}" != 1024 ]; then
    if [ "${maxfiles}" = "unlimited" ]; then
    maxfiles=1025
    fi
    if [ "${maxfiles}" -lt 1024 ]; then
    ulimit -n ${maxfiles}
    else
    ulimit -n 1024
    fi
    fi
    fi
    # Set first two positional parameters to SERVER_NAME and ADMIN_URL
    if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
    SERVER_NAME="${1}"
    fi
    if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
    ADMIN_URL="${2}"
    fi
    # Figure out how to use our shared libraries
    case `uname -s` in
    AIX)
    if [ -n "${LIBPATH}" ]; then
    LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
    else
    LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
    fi
    PATH="${WL_HOME}/server/lib/aix:${PATH}"
    export LIBPATH PATH
    export AIXTHREAD_SCOPE=S
    export AIXTHREAD_MUTEX_DEBUG=OFF
    export AIXTHREAD_RWLOCK_DEBUG=OFF
    export AIXTHREAD_COND_DEBUG=OFF
    echo "LIBPATH=${LIBPATH}"
    HP-UX)
    if [ -n "${SHLIB_PATH}" ]; then
    SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
    else
    SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
    fi
    PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
    export SHLIB_PATH PATH
    echo "SHLIB_PATH=${SHLIB_PATH}"
    IRIX)
    if [ -n "${LD_LIBRARY_PATH}" ]; then
    LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
    else
    LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
    fi
    PATH="${WL_HOME}/server/lib/irix:${PATH}"
    export LD_LIBRARY_PATH PATH
    echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
    LINUX|Linux)
    arch=`uname -m`
    if [ -n "${LD_LIBRARY_PATH}" ]; then
    LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
    else
    LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
    fi
    PATH="${WL_HOME}/server/lib/linux:${PATH}"
    export LD_LIBRARY_PATH PATH
    echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
    OSF1)
    if [ -n "${LD_LIBRARY_PATH}" ]; then
    LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
    else
    LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
    fi
    PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
    export LD_LIBRARY_PATH PATH
    echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
    SunOS)
    if [ -n "${LD_LIBRARY_PATH}" ]; then
    LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
    else
    LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
    fi
    PATH="${WL_HOME}/server/lib/solaris:${PATH}"
    export LD_LIBRARY_PATH PATH
    echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
    if [ "${JAVA_VM}" = "" ]
    then
    # JAVA_VM=-server
    JAVA_VM=${COMM_SERVER_VM}
    fi
    Windows_NT*)
    if [ "${JAVA_VM}" = "" ]
    then
    # JAVA_VM=-hotspot
    JAVA_VM=${COMM_VM}
    fi
    PATHSEP=\;
    CLASSPATHSEP=\;
    CYGWIN*)
    if [ "${JAVA_VM}" = "" ]
    then
    # JAVA_VM=-hotspot
    JAVA_VM=${COMM_VM}
    fi
    CLASSPATHSEP=\;
    echo "$0: Don't know how to set the shared library path for `uname
    -s`. "
    esac
    if [ "${MEM_ARGS}" = "" ]
    then
    MEM_ARGS="-Xms32m -Xmx200m"
    fi
    if [ "${PATHSEP}" = "" ]; then
    PATHSEP=:
    fi
    if [ "${CLASSPATHSEP}" = "" ]; then
    CLASSPATHSEP=:
    fi
    CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
    OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
    # If we are on an old version of Cygnus we need to turn <letter>:/ in
    the path
    # to //<letter>/
    if [ `uname -s` = "CYGWIN32/NT" ]; then
    WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
    JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
    fi
    # If we are on an new version of Cygnus we need to turn <letter>:/ in
    the path
    # to /cygdrive/<letter>/
    if [ -n "`uname -s |grep -i cygwin_`" ]; then
    WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
    JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
    fi
    PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
    # Import extended environment
    if [ -f extEnv.sh ]; then
    . extEnv.sh
    fi
    if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
    CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
    fi
    if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
    CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
    fi
    if [ ! -z "${EXT_PRE_PATH}" ]; then
    PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
    fi
    if [ ! -z "${EXT_POST_PATH}" ]; then
    PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
    fi
    # Get PRE and POST environment
    if [ ! -z "${PRE_CLASSPATH}" ]; then
    CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
    fi
    if [ ! -z "${POST_CLASSPATH}" ]; then
    CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
    fi
    if [ ! -z "${PRE_PATH}" ]; then
    PATH="${PRE_PATH}${PATHSEP}${PATH}"
    fi
    if [ ! -z "${POST_PATH}" ]; then
    PATH="${PATH}${PATHSEP}${POST_PATH}"
    fi
    echo CLASSPATH=${CLASSPATH}
    echo
    echo PATH=${PATH}
    echo
    echo "***************************************************"
    echo "* To start WebLogic Server, use a username and *"
    echo "* password assigned to an admin-level user. For *"
    echo "* server administration, use the WebLogic Server *"
    echo "* console at http://<hostname>:<port>/console *"
    echo "***************************************************"
    if [ "$ADMIN_URL" != "" ]
    then
    set -x
    "${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
    -classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
    -Dbea.home="/usr/local
    /bea" -Dweblogic.management.username=${WLS_USER}
    -Dweblogic.management.password=${WLS_PW}
    -Dweblogic.management.server=${ADMIN_URL} -Dweblogic
    .ProductionModeEnabled=${STARTMODE}
    -Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
    weblogic.Server
    else
    set -x
    "${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
    -classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
    -Dbea.home="/usr/local
    /bea" -Dweblogic.management.username=${WLS_USER}
    -Dweblogic.management.password=${WLS_PW}
    -Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
    .security.policy="${WL_HOME}/server/lib/weblogic.policy"
    weblogic.Server
    fi
    set +x
    fi
    --------------END OF SCRIPT----------
    So can you please look at the exception and the above-pasted source
    code of the startup script file and let me know what needs to be done
    to fix the error?
    Thanks,
    Kalpana

    Senthil,
    What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
    If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
    If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
    Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
    HTH,
    Mike

  • Java.lang.SecurityException: showDocument url permission denied

    Hi,
    We get below given error in one of the java application when we use the java version which is higher than 1.6.0_24.
    java.lang.SecurityException: showDocument url permission denied
    at sun.plugin2.main.client.MessagePassingExecutionContext.showDocument(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletContextImpl.showDocument(Unknown Source)
    at vrts.CreateCrystalReports.createTransmittal(CreateCrystalReports.java:52)
    at vrts.JFrameOldProjectWizard.createTransmittalAndOCS(JFrameOldProjectWizard.java:289)
    at vrts.JFrameOldProjectWizard$6.actionPerformed(JFrameOldProjectWizard.java:240)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    We get this error in below given code where it tries to open a HTML file.
    appletContext.showDocument(urlObj,"_blank");
    Can you please provide solution for this issue so that code should work in any java versions.
    Thanks,
    Swathi
    Edited by: 988624 on Feb 17, 2013 11:06 PM

    I have to ask. Is the applet signed?

  • Java.lang.SecurityException when granting java permission

    DB version 11.1.07
    We used this command to grant the following permission in development and stage environment with no problems.
    exec dbms_java.grant_permission( 'SCHEMA', 'SYS:java.lang.RuntimePermission', 'getClassLoader', '' );
    When the same command is run in production, it results in this.
    ERROR at line 1:
    ORA-29532: Java call terminated by uncaught Java exception:
    java.lang.SecurityException: policy table update
    SYS:java.lang.RuntimePermission, getClassLoader
    ORA-06512: at "SYS.DBMS_JAVA", line 787
    ORA-06512: at line 1
    These commands were executed as SYS user in all environments. Any ideas what could be causing this?
    Thanks.
    Usman

    Either you are only using a security manager in production or there is a difference in the permissions granted by the security domains (for example, .policy files).

  • Java.lang.SecurityException: Authentication for user system denied in realm wl_realm Error.

              Getting this security exception when trying to pull a message from one weblogic
              instance JMS queue, and sending the message (via a MDB) to another machine's JMS
              queue.
              Ex. Here's the scenario.
              Two Windows2000Server machines,
              one at ip ... xxx.xxx.x.16,
              second machine at ... xxx.xxx.x.17.
              MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
              ON the .17 machine (the receiver) I get the following exception
              weblogic.transaction.internal.CoordinatorImpl@31406b>
              java.lang.SecurityException: Authentication for user system denied in realm wl_realm
                   at weblogic.security.acl.Realm.authenticate(Realm.java:212)
                   at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
                   at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
                   at weblogic.security.acl.internal.Security.verify(Security.java:87)
                   at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
                   at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
                   at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
                   at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
              ON the sending maching .16, I get the following exception.
              ####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
              <ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
              for: '-1'>
              The messages appear to show up on the destination machine, but are these error
              messages valid, or just bogus?
              Thanks,
              Eric.
              

    Why is that? Your suggestion worked but I don't understand why.
              When our MDB on machineA did the JNDI lookup to MachineB we set the
              credentials to a valid user/password on MachineB.
              My speculation: Since the MDB on machineA is already in a transaction
              any other JNDI calls use the credentials for the MDB's transactions,
              ignoring any other credentials we might try to set explicitly. If my
              speculation is correct then that would explain by the passwords for the
              user "system" would have to be the same between servers.
              Is there a good place to read up on this?
              Thanks
              Tom
              Rajesh Mirchandani wrote:
              > Make sure you have the same system password for the 2 instances of WLS on seperate boxes.
              >
              > Tom Barnes wrote:
              >
              >
              >>Or post to the EJB newsgroup (which "owns" MDBs).
              >>
              >>Tom Barnes wrote:
              >>
              >>
              >>>I think there is a username/password field configurable in the MDB descriptor that
              >>>might help here??? Other than that, I suggest posting to the security newsgroup.
              >>>
              >>>Tom
              >>>
              >>>Eric Babin wrote:
              >>>
              >>>
              >>>>Getting this security exception when trying to pull a message from one weblogic
              >>>>instance JMS queue, and sending the message (via a MDB) to another machine's JMS
              >>>>queue.
              >>>>
              >>>>Ex. Here's the scenario.
              >>>>
              >>>> Two Windows2000Server machines,
              >>>> one at ip ... xxx.xxx.x.16,
              >>>> second machine at ... xxx.xxx.x.17.
              >>>>
              >>>> MDB pulls message off of a JMS queue on 16. MDB sends the message to .17 box.
              >>>>
              >>>>
              >>>>ON the .17 machine (the receiver) I get the following exception
              >>>>
              >>>>weblogic.transaction.internal.CoordinatorImpl@31406b>
              >>>>java.lang.SecurityException: Authentication for user system denied in realm wl_realm
              >>>> at weblogic.security.acl.Realm.authenticate(Realm.java:212)
              >>>> at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
              >>>> at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
              >>>> at weblogic.security.acl.internal.Security.verify(Security.java:87)
              >>>> at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:76)
              >>>> at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
              >>>> at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
              >>>> at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
              >>>>
              >>>>ON the sending maching .16, I get the following exception.
              >>>>
              >>>>####<Apr 3, 2002 9:46:24 AM CST> <Error> <RJVM> <testweblogic> <OptiSoftAppServer>
              >>>><ExecuteThread: '96' for queue: 'default'> <> <> <000000> <Unsolicited error response
              >>>>for: '-1'>
              >>>>
              >>>>The messages appear to show up on the destination machine, but are these error
              >>>>messages valid, or just bogus?
              >>>>
              >>>>Thanks,
              >>>>
              >>>>Eric.
              >>>>
              >
              > --
              > Rajesh Mirchandani
              > Developer Relations Engineer
              > BEA Support
              >
              >
              >
              

  • Java.lang.SecurityException: Authentication for user guest denied in realm wl_realm

    Hi,
    I am using WL60SP2 on Windows NT 4.0.
    I am trying to call a bean from my startup class. The code is as follows
    home = lookupHome();
    messageSubscriber = (MessageSubscriber) narrow(home.create(),
    MessageSubscriber.class);
    Right at this point the Weblogic server is throwing the following error.
    java.lang.SecurityException: Authentication for user guest denied in
    realm wl_realm
    <<no stack trace available>>
    I know this has something to do with the security. In WL50 I would have
    gone to the weblogic.policy file to fix it. With WL60 I know I have to
    change something on the console but am not sure.
    Please help.
    Thanks
    Raj

    Go into the console and make sure the GuestDisabled property = false
    http://e-docs.bea.com/wls/docs61/////ConsoleHelp/security.html
    Joe Jerry
    Raj Kathlesar wrote:
    Hi,
    I am using WL60SP2 on Windows NT 4.0.
    I am trying to call a bean from my startup class. The code is as follows
    home = lookupHome();
    messageSubscriber = (MessageSubscriber) narrow(home.create(),
    MessageSubscriber.class);
    Right at this point the Weblogic server is throwing the following error.
    java.lang.SecurityException: Authentication for user guest denied in
    realm wl_realm
    <<no stack trace available>>
    I know this has something to do with the security. In WL50 I would have
    gone to the weblogic.policy file to fix it. With WL60 I know I have to
    change something on the console but am not sure.
    Please help.
    Thanks
    Raj

  • Java.lang.SecurityException: Authentication for user null denied in realm

    Hello,
    We have the following exceptionj on WLS 6.1 SP3 on Win2K:
    javax.naming.AuthenticationException. Root exception is
    java.lang.SecurityException: Authentication for user null denied in realm
    weblogic
    at weblogic.security.acl.Realm.authenticate(Realm.java:212)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
    at
    weblogic.security.acl.internal.Security.authenticate(Security.java:135)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
    at
    weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
    at
    javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
    at
    javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
    at javax.naming.InitialContext.init(InitialContext.java:217)
    at javax.naming.InitialContext.<init>(InitialContext.java:173)
    at
    And it seems that this exception happens after the introduction of a JAAS module
    for an external call.
    What strikes me is that the WLS samples use System.setProperty... and I was wondering
    if this could be the cause of our problem, because the rest of the application
    does not use JAAS, and that may be it screws up the realm with WLS....
    Any idea?
    Cheers,
    Thierry

    Hello,
    We have the following exceptionj on WLS 6.1 SP3 on Win2K:
    javax.naming.AuthenticationException. Root exception is
    java.lang.SecurityException: Authentication for user null denied in realm
    weblogic
    at weblogic.security.acl.Realm.authenticate(Realm.java:212)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
    at
    weblogic.security.acl.internal.Security.authenticate(Security.java:135)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:518)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:362)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:334)
    at
    weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:211)
    at
    weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:149)
    at
    javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:660)
    at
    javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:241)
    at javax.naming.InitialContext.init(InitialContext.java:217)
    at javax.naming.InitialContext.<init>(InitialContext.java:173)
    at
    And it seems that this exception happens after the introduction of a JAAS module
    for an external call.
    What strikes me is that the WLS samples use System.setProperty... and I was wondering
    if this could be the cause of our problem, because the rest of the application
    does not use JAAS, and that may be it screws up the realm with WLS....
    Any idea?
    Cheers,
    Thierry

  • Java.lang.SecurityException: Authentication for user test1 denied in realm wl_realm

    Environment: WLS61 SP2
    Two WLS61 servers on different machines. User test1 is authenticated against LDAP
    on server_1, then tries
    to execute a class (from JSP) that calls EJB on server_2. The environment properties
    for the call to EJB on server_2 to are setup as follows (Note that user test2 is
    used to call EJB on server_2. User test2 exists in the wl_realm on server2):
    env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
    env.put(Context.PROVIDER_URL, "t3://server2:7001");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "test2");
    env.put(Context.SECURITY_CREDENTIALS, "somepass");
    The call results in the following exception raised on server_2. Why is test1 id used
    if test2 is explicitly specified for the call? User test1 does not exist on server_2.
    <Jul 13, 2002 11:37:31 AM EDT> <Warning> <Dispatcher> <RuntimeException thrown by
    rmi server: 'weblo
    gic.rmi.cluster.ClusterableServerRef@111 - jvmid: '4783591120128354231S:xxx.xxx.xxx.xxx:[7001,7001,7002,7
    002,7001,7002,-1]:mydomain:myserver', oid: '271', implementation: '[BaseEJBObject]
    home: c
    om.test.TestEJB_jvjalv_HomeImpl@7583b9''
    java.lang.SecurityException: Authentication for user test1 denied in realm wl_realm
    at weblogic.security.acl.Realm.authenticate(Realm.java:212)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
    at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
    at weblogic.security.acl.internal.Security.verify(Security.java:87)
    at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:237)
    at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

    If you are using JNDI authentication, make sure you close the context before
    you get another context.
    In WLS, stack of authenticated users will be maintained per thread. Now when
    user is authenticated, it will be pushed into the stack. When you close the
    context it will be popped out. In your case it seems like somehow test1 user's
    idenitity is set on the thread which is calling the EJB on server2.
    use weblogic.security.acl.Security.getCurrentUser() to get the current
    user associated with the thread.
    I hope this helps.
    -utpal

  • Java.lang.SecurityException: Authentication for user system denied in realm weblogic

    I am looking for some help to deploy the application in weblogic6.0.
    This is what i did during the application deployment.
    Create a new directory under config as a new application.
    D:\bea\wlserver6.0\config\test
    under test created two other directories applications and logs.
    Under the applications directory copied .ear and .war files.
    Under the test i copied config.xml, all the *.pem starttest.cmd, fileRealam.properties
    files. Modified the config.xml with my application, domain and the server. Modified
    the settest.cmd with the new domain and server name.
    when i do startup, it is prompting for the password and i entered what ever i mentioned
    during the installation.
    And getting the following error.
    Thanks alot for any suggestions.
    D:\bea\wlserver6.0\config\test>startTest.cmd
    D:\bea\wlserver6.0>set PATH=.\bin;D:\bea\jdk130\bin;C:\RATIONAL\RATION~1\NUTCROO
    T\bin;C:\RATIONAL\RATION~1\NUTCROOT\bin\x11;C:\RATIONAL\RATION~1\NUTCROOT\mksnt;
    C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\Dell\Resoluti
    on Assistant\Common\bin;C:\PROGRA~1\MICROS~4\Office;C:\PROGRA~1\ULTRAE~1;C:\Rati
    onal\common;C:\Rational\Rational Test;C:\jdk1.3\bin;C:\Ant\bin;
    D:\bea\wlserver6.0>set CLASSPATH=.;.\lib\weblogic_sp.jar;.\lib\weblogic.jar
    D:\bea\wlserver6.0>D:\bea\jdk130\bin\java -hotspot -ms64m -mx64m -classpath .;.\
    lib\weblogic_sp.jar;.\lib\weblogic.jar -Dweblogic.Domain=test -Dweblogic.Name=te
    stServer -Dbea.home=D:\bea -Dcloudscape.system.home=./samples/eval/cloudscape/da
    ta -Djava.security.policy==D:\bea\wlserver6.0/lib/weblogic.policy weblogic.Serve
    r
    Enter password to boot weblogic server:password
    Starting WebLogic Server ....
    <Feb 14, 2001 12:13:04 PM EST> <Notice> <Management> <Loading configuration file
    .\config\test\config.xml ...>
    <Feb 14, 2001 12:13:06 PM EST> <Info> <Logging> <Only log messages of severity "
    Error" or worse will be displayed in this window. This can be changed at Admin C
    onsole> test> Servers> testServer> Logging> Debugging> Stdout severity threshold
    >
    <Feb 14, 2001 12:13:08 PM EST> <Emergency> <Server> <Unable to initialize the se
    rver: 'Fatal initialization exception
    Throwable: java.lang.SecurityException: Authentication for user system denied in
    realm weblogic
    java.lang.SecurityException: Authentication for user system denied in realm webl
    ogic
    at weblogic.security.acl.Realm.authenticate(Realm.java:209)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
    at weblogic.security.acl.internal.Security.authenticate(Security.java:11
    3)
    at weblogic.security.SecurityService.initializeSuid(SecurityService.java
    :293)
    at weblogic.security.SecurityService.initialize(SecurityService.java:123
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    '>
    The WebLogic Server did not start up properly.
    Exception raised: java.lang.SecurityException: Authentication for user system de
    nied in realm weblogic
    java.lang.SecurityException: Authentication for user system denied in realm webl
    ogic
    at weblogic.security.acl.Realm.authenticate(Realm.java:209)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:229)
    at weblogic.security.acl.internal.Security.authenticate(Security.java:11
    3)
    at weblogic.security.SecurityService.initializeSuid(SecurityService.java
    :293)
    at weblogic.security.SecurityService.initialize(SecurityService.java:123
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
    at weblogic.Server.main(Server.java:35)
    Reason: Fatal initialization exception
    D:\bea\wlserver6.0>goto finish
    D:\bea\wlserver6.0>cd config\test
    D:\bea\wlserver6.0\config\test>ENDLOCAL
    D:\bea\wlserver6.0\config\test>

    Seen this, may give a clue?
    Server Known Problems Change Request Number Description
    042556
    The weblogic.Admin command now requires the user and password options. For example:
    java weblogic.Admin -username system -password gumby1234
    The username "system" is required for most functions (for example: VERSION). If
    you do not specify -username system, you will get the following error:
    Exception in thread "main" java.lang.SecurityException: Authentication for user
    system denied in realm weblogic
    <<no stack trace available>>
    "lazar" <[email protected]> wrote:
    >
    I would also like to know, if there is a fix for it.
    Thanks
    Lazar
    Greg Layton <[email protected]> wrote:
    Did you ever get an answer to this. If so could you share it with me.ThanksGreg

  • Java.lang.SecurityException: Authentication for user system denied in realm wl_realm

    I am experiencing this error when a servlet or JSP is preloaded on the web
    server and the init method of the preloaded item results in a call to the
    app server. If I don't preload and then manually invoke the JSP or servlet
    after the web server completely loads the call to the app server does not
    produce the exception. The only security differences between the web and
    app servers are the console and system passwords. I can fix the problem by
    making the passwords (system and console) the same across the board, but
    find it hard to believe that this is the true solution. I would prefer
    sticking with the default security settings.
    I've poured through hundreds of messages. I can find similar problems but
    not this exact problem.
    Any ideas would truly be appreciated!
    More information:...
    App and Web server are both wls 6.1.1.0 running on the same SUN Solaris box.
    Both are using the basic, out of the box, security.
    The App server has SSL disabled.
    The exception reported in the app server's log is:
    java.lang.SecurityException: Authentication for user system denied in realm
    wl_realm
    at weblogic.security.acl.Realm.authenticate(Realm.java:212)
    at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
    at
    weblogic.security.acl.internal.Security.authenticate(Security.java:125)
    at weblogic.security.acl.internal.Security.verify(Security.java:87)
    at
    weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
    at
    weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
    2)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    The exception reported in the web server's log is:
    java.lang.SecurityException: Authentication for user system denied in realm
    wl_realm
    at
    weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
    java:85)
    at
    weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
    :255)
    at
    weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
    :222)
    at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
    at $Proxy54.lookup(Unknown Source)
    at
    weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
    at javax.naming.InitialContext.lookup(InitialContext.java:350)
    at
    com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
    at
    com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
    at
    com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
    ctory.java:305)
    at
    com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
    at
    com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
    va:106)
    at
    com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
    30)
    at
    weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
    :700)
    at
    weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
    va:643)
    at
    weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
    a:588)
    at
    weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
    ontext.java:2203)
    at
    weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
    Context.java:2147)
    at
    weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
    a:884)
    at
    weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
    ava:807)
    at
    weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
    at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
    at weblogic.j2ee.Application.addComponent(Application.java:160)
    at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:329)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:144)
    at
    weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
    76)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy33.addWebDeployment(Unknown Source)
    at
    weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
    t(WebServerMBean_CachingStub.java:1094)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:315)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
    Target.java:279)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
    eploymentTarget.java:233)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
    entTarget.java:193)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy32.updateDeployments(Unknown Source)
    at
    weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
    ServerMBean_CachingStub.java:2734)
    at
    weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
    icationManager.java:362)
    at
    weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
    r.java:154)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy45.start(Unknown Source)
    at
    weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
    ApplicationManagerMBean_CachingStub.java:480)
    at
    weblogic.management.Admin.startApplicationManager(Admin.java:1151)
    at weblogic.management.Admin.finish(Admin.java:570)
    at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
    at weblogic.Server.main(Server.java:35)
    Thanks,
    Jed Zimmer

    You're correct. I meant the DOMAIN_SYSTEM_PASSWORD password in my
    <domain-name>domain.ksh file. The DOMAIN_SYSTEM_PASSWORD value (if
    specified) has to match the system user's password or else the server will
    not start/stop.
    I have determined more since my post. A startup class also produces the
    same error. I have minimized my environments as follows and still receive
    the exception, and a soon as I synchronize the system users' passwords on
    the app/web server the problem goes away. Or, I can keep the passwords
    different and just not access the app server EJBs until after the web server
    finished loading, which also causes the error to go away. I'm just confused
    about what I might be doing wrong.
    Steps to produce the error:
    App server:
    - Installed from 6.1.1.0 from scratch and started it up.
    - Changed the system user's password from the admin console, persisting the
    changes.
    - Modified logging settings to see more info in the log files.
    - Disabled instrument stack traces.
    - Stopped/Started the app server
    Web server:
    - Installed from 6.1.1.0 from scratch and started it up.
    - Modified logging settings to see more info in the log files.
    - Disabled instrument stack traces.
    - Added a servlet to the DefaultWebApp_insiteserver application
    - specified name and class
    - the load on startup setting defaulted to zero, which will cause the
    preloading
    - Added 3 jar files to the classpath to support the EJB call
    - Stopped/Started the web server
    When the web server loads the servlet loads and tries to locate the EJB on
    the app server. The app server throws the security exception. The app/web
    servers are both running on the same SUN box, have the same IP address
    (different ports) and I'm using non-SSL. Each server is it's own WLS
    environment. The only installed file that is shared it the
    weblogic_domain_registry.dat file in the root directory. As for security,
    I'm doing nothing except changing one password (system user on the app
    server).
    I then tried to manually upgrade the app/web servers to 6.1.2.0 by updating
    the WEBLOGIC_ROOT in the respective xxxxdomain.ksh files. Same problem.
    I then cleanly reinstalled the app/web servers using version 6.1.2.0 and
    configured as above. Same problem.
    Let me know if I need to provide additional details.
    Thanks,
    Jed Zimmer
    "Joseph Nguyen" <[email protected]> wrote in message
    news:[email protected]...
    >
    "Jed Zimmer" <[email protected]> wrote in message
    news:[email protected]...
    I am experiencing this error when a servlet or JSP is preloaded on the
    web
    server and the init method of the preloaded item results in a call tothe
    app server. If I don't preload and then manually invoke the JSP orservlet
    after the web server completely loads the call to the app server does
    not
    produce the exception. The only security differences between the weband
    app servers are the console and system passwords. I can fix the problemby
    making the passwords (system and console) the same across the board, but
    find it hard to believe that this is the true solutionI don't quite understand what you mean by "console" password? Are you
    talking about the admin console? If so then it's confusing because youhave
    to log into the console using the system user. If you can clarify morehere
    it would great.
    Joseph Nguyen
    BEA Support
    . I would prefer
    sticking with the default security settings.
    I've poured through hundreds of messages. I can find similar problems
    but
    not this exact problem.
    Any ideas would truly be appreciated!
    More information:...
    App and Web server are both wls 6.1.1.0 running on the same SUN Solarisbox.
    Both are using the basic, out of the box, security.
    The App server has SSL disabled.
    The exception reported in the app server's log is:
    java.lang.SecurityException: Authentication for user system denied inrealm
    wl_realm
    at weblogic.security.acl.Realm.authenticate(Realm.java:212)
    atweblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
    at
    weblogic.security.acl.internal.Security.authenticate(Security.java:125)
    atweblogic.security.acl.internal.Security.verify(Security.java:87)
    at
    weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:235)
    at
    weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:2
    2)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    The exception reported in the web server's log is:
    java.lang.SecurityException: Authentication for user system denied inrealm
    wl_realm
    at
    weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.
    java:85)
    at
    weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
    :255)
    at
    weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java
    :222)
    at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35)
    at $Proxy54.lookup(Unknown Source)
    at
    weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
    at javax.naming.InitialContext.lookup(InitialContext.java:350)
    at
    com.qwest.tmmt.manager.client.MDMAdapter.getEJBHome(MDMAdapter.java:197)
    at
    com.qwest.tmmt.manager.client.MDMAdapter.<init>(MDMAdapter.java:64)
    at
    com.qwest.tmmt.manager.client.ManagerFactory.createMetaDataManager(ManagerFa
    ctory.java:305)
    at
    com.qwest.insite.util.ClientMetaDataCache.<init>(ClientMetaDataCache.java:53
    at
    com.qwest.insite.util.ClientMetaDataCache.getInstance(ClientMetaDataCache.ja
    va:106)
    at
    com.qwest.insite.metadata.startup.MetaDataServlet.init(MetaDataServlet.java:
    30)
    at
    weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java
    :700)
    at
    weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.ja
    va:643)
    at
    weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.jav
    a:588)
    at
    weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletC
    ontext.java:2203)
    at
    weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServlet
    Context.java:2147)
    at
    weblogic.servlet.internal.WebAppServletContext.init(WebAppServletContext.jav
    a:884)
    at
    weblogic.servlet.internal.WebAppServletContext.<init>(WebAppServletContext.j
    ava:807)
    at
    weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:421)
    at weblogic.j2ee.WebAppComponent.deploy(WebAppComponent.java:74)
    at weblogic.j2ee.Application.addComponent(Application.java:160)
    at weblogic.j2ee.J2EEService.addDeployment(J2EEService.java:117)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:329)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:144)
    at
    weblogic.management.mbeans.custom.WebServer.addWebDeployment(WebServer.java:
    76)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy33.addWebDeployment(Unknown Source)
    at
    weblogic.management.configuration.WebServerMBean_CachingStub.addWebDeploymen
    t(WebServerMBean_CachingStub.java:1094)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployment(DeploymentT
    arget.java:315)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.addDeployments(Deployment
    Target.java:279)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.updateServerDeployments(D
    eploymentTarget.java:233)
    at
    weblogic.management.mbeans.custom.DeploymentTarget.updateDeployments(Deploym
    entTarget.java:193)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy32.updateDeployments(Unknown Source)
    at
    weblogic.management.configuration.ServerMBean_CachingStub.updateDeployments(
    ServerMBean_CachingStub.java:2734)
    at
    weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(Appl
    icationManager.java:362)
    at
    weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManage
    r.java:154)
    at java.lang.reflect.Method.invoke(Native Method)
    at
    weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl
    .java:608)
    at
    weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:5
    92)
    at
    weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBea
    nImpl.java:352)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
    at
    com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:449)
    at
    weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:190)
    at $Proxy45.start(Unknown Source)
    at
    weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(
    ApplicationManagerMBean_CachingStub.java:480)
    at
    weblogic.management.Admin.startApplicationManager(Admin.java:1151)
    at weblogic.management.Admin.finish(Admin.java:570)
    at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:506)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:203)
    at weblogic.Server.main(Server.java:35)
    Thanks,
    Jed Zimmer

  • Javax.naming.AuthenticationException.  Root exception is java.lang.SecurityException: Authentication for user system denied in realm weblogic

    We have started getting the above error message in a system that has worked happily
    for the past 6 months or so (and continues to work happily from our disaster recovery
    environment). I should probably add that this occurs when we are attempting to
    write to the database via the connection pool.
    Anyone have any ideas?
    Thanks
    Andrew
    The full stack trace is
    javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
    Authentication for user system denied in realm weblogic
         <<no stack trace available>>
    31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
    thrown by rmi server(class com.esure.ibis.a
    ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
    [265127279722
    6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
    prdwls/296]: [BaseEJBObject]
    home: com.esure.ibis.accesslaye
    r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
    com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
    Bean::validateUser()
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
         at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
         at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
         at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
         at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
         at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

    We have started getting the above error message in a system that has worked happily
    for the past 6 months or so (and continues to work happily from our disaster recovery
    environment). I should probably add that this occurs when we are attempting to
    write to the database via the connection pool.
    Anyone have any ideas?
    Thanks
    Andrew
    The full stack trace is
    javax.naming.AuthenticationException. Root exception is java.lang.SecurityException:
    Authentication for user system denied in realm weblogic
         <<no stack trace available>>
    31-Jan-02 00:04:41 GMT Warning Adapter RuntimeException
    thrown by rmi server(class com.esure.ibis.a
    ccesslayer.sb.useraccess.UserAccessBeanEOImpl)
    [265127279722
    6064825S:hfxesure17:[7005,7005,7002,7002,7005,7002,-1]:esure
    prdwls/296]: [BaseEJBObject]
    home: com.esure.ibis.accesslaye
    r.sb.useraccess.UserAccessBeanHomeImpl@4b741e
    com.esure.ibis.util.IbisException: NamingException occurred in UserAccess Session
    Bean::validateUser()
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBean.validateUser(UserAccessBean.java:192)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanImpl.validateUser(UserAccessBeanImpl.java:110)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl.validateUser(UserAccessBeanEOImpl.java:31)
         at com.esure.ibis.accesslayer.sb.useraccess.UserAccessBeanEOImpl_WLSkel.invoke(UserAccessBeanEOImpl_WLSkel.java:202)
         at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:373)
         at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:128)
         at weblogic.rmi.internal.BasicServerAdapter.invoke(BasicServerAdapter.java:237)
         at weblogic.rmi.internal.BasicRequestHandler.handleRequest(BasicRequestHandler.java:118)
         at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:17)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

  • Oracle9i error - java.lang.SecurityException: ORBSingleton: access denied

    I have installed Oracle 9.2.0.1 on Linux Fedora Core 4 and every time i try to start the Oracle Management Server i get the following error in my oms.nohup log file:
    Error starting Oracle Management Server. ORBSingleton: access denied
    java.lang.SecurityException: ORBSingleton: access denied
    at com.sun.corba.se.internal.corba.ORBSingleton.connect(ORBSingleton.java:309)
    I have seen that a lot of other people have had this error, but i've never seen a solution for it! Thanks in advance for any help =)
    Nick

    Hy Nick,
    I found this:
    Problem was fixed by deinstalling Enterprise Manager components and
    reinstalling them in a dedicated Enterpise Manager ORACLE_HOME.
    and:
    1) Do a fresh install of a complete 9.2.0.1 RDBMS and this should not be on top of a previous home ,
    2) Configure a dedicated listener for just installed 9.2.0.1 database
    listening on physical hostname ,
    3) Run EMCA to configure the OMS on physical hostname, previously configured listener and freshly installed 9.2.0.1 database ,
    4) Check the symbolic links for $ORACLE_HOME/jre/1.1.8/bin/javakey and $ORACLE_HOME/jre/1.1.8/bin/rmi.registry are OK ,
    5) open oemctl file and check whether PATH is set correctly to $ORACLE_HOME/jre/1.1.8/bin .
    regards Dietmar

  • Javax.security.auth.login.Configuration.setConfiguration() fails with  java.lang.SecurityException: No Permission to set the Configuration

    Hi All,
    I have a custom security class (deployed in an application) that uses JAAS
    to login, i have to set the Configuration in my security handler like this
    Configuration.setConfiguration(new MyConfiguration());
    This fails with
    java.lang.SecurityException: No Permission to set the Configuration
    How do i give this class the permission to set configuration???
    Thanks,
    Ako

    nobody knows?

  • Uncaught exception: Static initializer: java/lang/SecurityException

    So i'm trying to compile some code of a small game for Doja.
    The code compiles fine but when i load it in the emulator i get the following eror:
    Uncaught exception java/lang/Error: Static initializer: java/lang/SecurityException.
    Now i haven't seen that before. I looked into it and first i thought there must be some static initializer block in some class but there isn't.
    Now i'm kinda stumped. What else can be the problem?

    A security exception is usually thrown when you try to use some function of the API that you're not allowed to use.
    For example, if the user has not given your application permission to connect to the internet, but you try to do so.
    Sometimes this error can be resolved by turning on the appropriate option in the ADF file.
    Cheers,
    Sam

  • Java.lang.SecurityException while using RDBMSRealm in 5.1

    Hi,
    We are in the process of migrating our application from Weblogic 4.5.1
    to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate realm
    for the server and start the server, we get the following exception:
    java.lang.SecurityException: User "system" does not have Permission
    "read" based on ACL "weblogic.workspace.system".
    at weblogic.security.acl.Security.logAndThrow(Security.java:372)
    at weblogic.security.acl.Security.checkPermission(Security.java:254)
    at
    weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
    at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
    at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
    at
    weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243)
    at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
    Compiled Code)
    at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
    at weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
    at java.lang.reflect.Method.invoke(Native Method)
    at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
    at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
    Code)
    at
    weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
    The database has aclentries that grant read, write and reserve
    permissions on weblogic.workspace.system to everyone. It is not clear
    why the server still complains that user 'system' does not have
    permissions. Is 'system' user not a part of everyone group by default? (
    We are using the same acls we were using with Weblogic 4.5.1 ). Does
    'everyone' group have all the users in it by default? Or has it changed?
    Any suggestions welcome.
    Thanks and Regards
    Suresh B

    Either try setting weblogic.allow.read.weblogic.workspace=system
    Or add the system user to the group 'everyone' in the database you use for
    RDBMSRealm (Hmm, not sure if this will work or not.
    If you are implementing a custom realm then you need to explicitly state
    which members are in the 'everyone' group.
    (I've recently had a similar problem . I actually chose a different
    solution, by overriding the isMember(user) method in RDBMSGroup to always
    return true if the group's name is 'everyone' - I had to override the method
    anyway, for other reasons. If anyone as any input on why this is a really
    bad idea please feel free to tell me)
    terry
    BSuresh <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    weblogic.allow.read.weblogic.workspace=everyone
    weblogic.allow.write.weblogic.workspace=everyone
    weblogic.allow.read.weblogic.workspace.system=everyone
    weblogic.allow.write.weblogic.workspace.system=everyone
    I tried having the above entries in the weblogic.properties file but theserver
    complains that weblogic.workspace acl is defined both in the delegate andbackup
    realm. And the result remains the same - java.lang.SecurityException.User
    "system" does not have Permission "read" based on ACL
    "weblogic.workspace.system".
    Thanks
    Suresh.B
    KNK wrote:
    Try setting the "read" and "write" permissions explicitly in
    weblogic.properties file.
    weblogic.allow.read.weblogic.workspace=everyone
    weblogic.allow.write.weblogic.workspace=everyone
    -- KNK --
    A ten thousand miles journey begins with a single step. That single stephas
    to be taken from where you are, worries are no solution to any problem.
    "BSuresh" <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    We are in the process of migrating our application from Weblogic 4.5.1
    to Weblogic 5.1. When we try to set up RdbmsRealm as the delegate
    realm
    for the server and start the server, we get the following exception:
    java.lang.SecurityException: User "system" does not have Permission
    "read" based on ACL "weblogic.workspace.system".
    at weblogic.security.acl.Security.logAndThrow(Security.java:372)
    at weblogic.security.acl.Security.checkPermission(Security.java:254)
    at
    weblogic.workspace.server.Workspace.checkPermission(Workspace.java:1169)
    >>>
    at weblogic.workspace.server.Workspace.checkRead(Workspace.java:1174)
    at weblogic.workspace.server.Workspace.fetch(Workspace.java:208)
    at
    weblogic.jdbc.common.internal.ConnectionPool.startup(ConnectionPool.java:243
    at weblogic.jdbc.common.internal.JdbcInfo.initPools(JdbcInfo.java,
    Compiled Code)
    at weblogic.jdbc.common.internal.JdbcInfo.startup(JdbcInfo.java:200)
    at
    weblogic.jdbc.common.internal.JdbcStartup.main(JdbcStartup.java:11)
    at java.lang.reflect.Method.invoke(Native Method)
    at weblogic.t3.srvr.StartupThread.runMain(StartupThread.java:219)
    at weblogic.t3.srvr.StartupThread.doWork(StartupThread.java, Compiled
    Code)
    at
    weblogic.t3.srvr.PropertyExecuteThread.run(PropertyExecuteThread.java:62)
    >>>
    The database has aclentries that grant read, write and reserve
    permissions on weblogic.workspace.system to everyone. It is not clear
    why the server still complains that user 'system' does not have
    permissions. Is 'system' user not a part of everyone group by default?(
    We are using the same acls we were using with Weblogic 4.5.1 ). Does
    'everyone' group have all the users in it by default? Or has itchanged?
    >>>
    Any suggestions welcome.
    Thanks and Regards
    Suresh B

Maybe you are looking for

  • New iMac 24" 2.8GHz plagued with problems

    I ordered a new iMac 24" 2.8GHz with 2GB RAM, 500GB Hard drive, on September 16th (last day for the academic Adobe CS3 deal, and the iPod deal (but unfortunately too early for me to get Leopard)). Not my first Mac (oh how I love my IIcx), but my firs

  • Smart Cover not working

    My Smart Cover no longer puts my iPad to sleep, any ideas?

  • Multiple Invoices Multiple SO?

    Hi All, I would just like to ask. Can a Sales Order have multiple Invoices? Can an Invoice have multiple Sales Orders? Can there be multiple Configurable Materials in one Sales Order? Thanks and best regards, KLL Message was edited by: KLL

  • Article database

    Hello, I want to develop an article management (users can upload a pdf and input informations about the resource like author, category, year, publisher, ... ). I have a resource and for this resource several customer properties like author, category,

  • Adobe reader multi language installer..

    Is there any adobe reader installer that supports all language?