Java.lang.SecurityException: Unsupported keysize or algorithm parameters
Hi I need urgent help, I am getting below exception while loading trusted certificates from the jks keystore files DemoTrust.jks and cacerts using wls server.
java.lang.SecurityException: Unsupported keysize or algorithm parameters
at javax.crypto.Cipher.init(DashoA12275)
at com.certicom.tls.provider.Cipher.init(Unknown Source)
at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:594)
at java.net.HttpURLConnection.getHeaderFieldDate(HttpURLConnection.java:343)
at java.net.URLConnection.getLastModified(URLConnection.java:429)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getURLImage(ImageServiceImpl.java:269)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getImages(ImageServiceImpl.java:224)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getGraphicsCacheData(ImageServiceImpl.java:634)
at sun.reflect.GeneratedMethodAccessor1067.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at com.cramer.core.sso.ApplicationFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at com.cramer.core.framework.serviceimpl.ClientAddressFilter.doFilter(ClientAddressFilter.java:62)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6987)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Pls help , Thanks is Advance !!!
HI
I tried with replacing the jar with unlimited strength stuff but it didn't work for me , i got "class not found" Exception after that.
but one point i bring in to notice that i come accross this Error when try to loading trusted certificates
<Mar 6, 2012 3:26:22 PM EST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /appl/bea/wls81sp5/weblogic81/server/lib/DemoTrust.jks.>
<Mar 6, 2012 3:26:22 PM EST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /appl/j2sdk1.4.2_17/jre/lib/security/cacerts.>
java.lang.SecurityException: Unsupported keysize or algorithm parameters
at javax.crypto.Cipher.init(DashoA12275)
at com.certicom.tls.provider.Cipher.init(Unknown Source)
at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:594)
at java.net.HttpURLConnection.getHeaderFieldDate(HttpURLConnection.java:343)
at java.net.URLConnection.getLastModified(URLConnection.java:429)
Similar Messages
-
Hi guys!
I need to enable encryption in Seeburger AS2 adapter, however, I get followng error.
Error type: COMPONENT_ERROR,NOT_TRANSMITTED >> Error date: 9/26/07 11:41 AM >> Description: AS2 Adapter failure java.lang.Exception: AS2 message composition failed: java.lang.SecurityException: Unsupported keysize or algorithm parameters com.seeburger.as2.AS2Plugin.execute(AS2Plugin.java:321) [9/26/07 11:41 AM]
Certificate is imported correctly to Java WEB AS.
Any ideas, what's wrong?
Thanx a lot! PeterHi Peter
Check if this link can help u
ID21108:java.lang.security EXception, Unsupported Key Size
Reward points if helpfull.... -
Hi,
When I try to start up the WebLogic server by running a startup script
in the WebLogic server root directory, I am getting the following
error:
<Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
<Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
<Unable to initialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
>
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication denied: Boot
identity not valid
java.lang.SecurityException: Authentication denied: Boot identity not
valid
at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
at weblogic.Server.main(Server.java:32)
I am also pasting below the source code of the startup script that I
am using to start WebLogic server:
#!/bin/sh
# This script is used to start WebLogic Server.
# To create your own start script for your domain, simply set the
SERVER_NAME
# variable to your server name then call this script from your domain
# directory.
# This script sets the following variables before starting WebLogic
Server:
# WL_HOME - The root directory of your WebLogic installation
# JAVA_HOME - Location of the version of Java used to start
WebLogic
# Server. This variable must point to the root
directory of a
# JDK installation and will be set for you by the
installer.
# See the WebLogic platform support page
# (http://e-docs.bea.com/wls/platforms/index.html)
for an up-to-date list of
# supported JVMs on your platform.
# PATH - Adds the JDK and WebLogic directories to the system
path.
# CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
# JAVA_OPTIONS - Java command-line options for running the server.
# Other variables that startWLS takes are:
# ADMIN_URL - If this variable is set, the server started will be
a
# managed server, and will look to the url specified
(i.e.
# http://localhost:7001) as the admin server.
# WLS_USER - Admin username for server startup
# WLS_PW - Cleartext password for server startup
# STARTMODE - Set to true for production mode servers, false for
# development mode
# JAVA_OPTIONS - Java command-line options for running the server.
(These
# will be tagged on to the end of the JAVA_VM and
MEM_ARGS)
# JAVA_VM - The java arg specifying the VM to run. (i.e.
-server,
# -hotspot, etc.)
# MEM_ARGS - The variable to override the standard memory
arguments
# passed to java
# PRE_CLASSPATH - Path style variable to be added to the beginning of
the
# CLASSPATH
# POST_CLASSPATH - Path style variable to be added to the end of the
# CLASSPATH
# PRE_PATH - Path style variable to be added to the beginning of
the
# PATH
# POST_PATH - Path style variable to be added to the end of the
PATH
# Alternately, this script will take the first two positional
parameters and
# set them to SERVER_NAME and ADMIN_URL. For instance, you could call
this
# script: "sh startWLS.sh myserver http://localhost:7001" to start a
# managed server named myserver, or just "sh startWLS.sh myserver"
# to start a server named myserver.
# jDriver for Oracle users: This script assumes that native libraries
required
# for jDriver for Oracle have been installed in the proper location
and that
# your os specific library path variable (i.e.
LD_LIBRARY_PATH/solaris,
# SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
this
# script defaults to the oci817_8 version of the shared libraries. If
this is
# not the version you need, please adjust the library path variable
# accordingly.
# For additional information, refer to the WebLogic Server
Administration Guide
# (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
WL_HOME="/usr/local/bea/weblogic700"
JAVA_HOME="/usr/local/bea/jdk131_06"
. ${WL_HOME}/common/bin/commEnv.sh
# Check that the WebLogic classes are where we expect them to be
if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
echo
echo "The WebLogic Server wasn't found in directory
${WL_HOME}/server."
echo "Please edit your script so that the WL_HOME variable points"
echo "to the WebLogic installation directory."
# Check that java is where we expect it to be
elif [ ! -d "${JAVA_HOME}/bin" ]; then
echo
echo "The JDK wasn't found in directory ${JAVA_HOME}."
echo "Please edit your script so that the JAVA_HOME variable"
echo "points to the location of your JDK."
else
# Grab some file descriptors.
if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
]; then
maxfiles=`ulimit -H -n`
if [ !$? -a "${maxfiles}" != 1024 ]; then
if [ "${maxfiles}" = "unlimited" ]; then
maxfiles=1025
fi
if [ "${maxfiles}" -lt 1024 ]; then
ulimit -n ${maxfiles}
else
ulimit -n 1024
fi
fi
fi
# Set first two positional parameters to SERVER_NAME and ADMIN_URL
if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
SERVER_NAME="${1}"
fi
if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
ADMIN_URL="${2}"
fi
# Figure out how to use our shared libraries
case `uname -s` in
AIX)
if [ -n "${LIBPATH}" ]; then
LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
else
LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
fi
PATH="${WL_HOME}/server/lib/aix:${PATH}"
export LIBPATH PATH
export AIXTHREAD_SCOPE=S
export AIXTHREAD_MUTEX_DEBUG=OFF
export AIXTHREAD_RWLOCK_DEBUG=OFF
export AIXTHREAD_COND_DEBUG=OFF
echo "LIBPATH=${LIBPATH}"
HP-UX)
if [ -n "${SHLIB_PATH}" ]; then
SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
else
SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
fi
PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
export SHLIB_PATH PATH
echo "SHLIB_PATH=${SHLIB_PATH}"
IRIX)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
fi
PATH="${WL_HOME}/server/lib/irix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
LINUX|Linux)
arch=`uname -m`
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
fi
PATH="${WL_HOME}/server/lib/linux:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
OSF1)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
fi
PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
SunOS)
if [ -n "${LD_LIBRARY_PATH}" ]; then
LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
else
LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
fi
PATH="${WL_HOME}/server/lib/solaris:${PATH}"
export LD_LIBRARY_PATH PATH
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-server
JAVA_VM=${COMM_SERVER_VM}
fi
Windows_NT*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
PATHSEP=\;
CLASSPATHSEP=\;
CYGWIN*)
if [ "${JAVA_VM}" = "" ]
then
# JAVA_VM=-hotspot
JAVA_VM=${COMM_VM}
fi
CLASSPATHSEP=\;
echo "$0: Don't know how to set the shared library path for `uname
-s`. "
esac
if [ "${MEM_ARGS}" = "" ]
then
MEM_ARGS="-Xms32m -Xmx200m"
fi
if [ "${PATHSEP}" = "" ]; then
PATHSEP=:
fi
if [ "${CLASSPATHSEP}" = "" ]; then
CLASSPATHSEP=:
fi
CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
# If we are on an old version of Cygnus we need to turn <letter>:/ in
the path
# to //<letter>/
if [ `uname -s` = "CYGWIN32/NT" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
fi
# If we are on an new version of Cygnus we need to turn <letter>:/ in
the path
# to /cygdrive/<letter>/
if [ -n "`uname -s |grep -i cygwin_`" ]; then
WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
fi
PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
# Import extended environment
if [ -f extEnv.sh ]; then
. extEnv.sh
fi
if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
fi
if [ ! -z "${EXT_PRE_PATH}" ]; then
PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${EXT_POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
fi
# Get PRE and POST environment
if [ ! -z "${PRE_CLASSPATH}" ]; then
CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
fi
if [ ! -z "${POST_CLASSPATH}" ]; then
CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
fi
if [ ! -z "${PRE_PATH}" ]; then
PATH="${PRE_PATH}${PATHSEP}${PATH}"
fi
if [ ! -z "${POST_PATH}" ]; then
PATH="${PATH}${PATHSEP}${POST_PATH}"
fi
echo CLASSPATH=${CLASSPATH}
echo
echo PATH=${PATH}
echo
echo "***************************************************"
echo "* To start WebLogic Server, use a username and *"
echo "* password assigned to an admin-level user. For *"
echo "* server administration, use the WebLogic Server *"
echo "* console at http://<hostname>:<port>/console *"
echo "***************************************************"
if [ "$ADMIN_URL" != "" ]
then
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.management.server=${ADMIN_URL} -Dweblogic
.ProductionModeEnabled=${STARTMODE}
-Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
else
set -x
"${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
-classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
-Dbea.home="/usr/local
/bea" -Dweblogic.management.username=${WLS_USER}
-Dweblogic.management.password=${WLS_PW}
-Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
.security.policy="${WL_HOME}/server/lib/weblogic.policy"
weblogic.Server
fi
set +x
fi
--------------END OF SCRIPT----------
So can you please look at the exception and the above-pasted source
code of the startup script file and let me know what needs to be done
to fix the error?
Thanks,
KalpanaSenthil,
What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
HTH,
Mike -
Java.lang.SecurityException: Jurisdiction policy files are not signed by t
Hi
*I am installing ECC6 onAIX 6.1 with oarcle 10g.*
*I am getting error in create secure store*
*Policy and security files are ok,*
aused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more
ERROR 2009-07-07 14:10:47.063
CJSlibModule::writeError_impl()
CJS-30050 Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.
ERROR 2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
FCO-00011 The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at iaik.security.provider.IAIK.a(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:246)
... 20 more.).
what could be the problem ?
Please give me the soluation
regards
VijayDear Juan
You are correct.
I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
it gave error
n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
regards
vijjay -
Java.lang.SecurityException: while starting weblogic server
Hi,
I added a admin server on m/c 1 and a remote managed server on m/c 2. When i tried to start the admin server and the managed server and ping it using jmx, it get the following security error:
Any help regd. this would be appreciated.
Thanks,
beauser2005
<Oct 29, 2004 2:14:38 PM PDT> <Warning> <RMI> <BEA-080003> <RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10c - hostID: '-833462563406253632S:172.20.30.37:[7001,7001,-1,-1,7001,-1,-1,0,0]:mydomain10:myserver10', oid: '268', implementation: 'weblogic.management.internal.RemoteMBeanServerImpl@191f022'
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators].
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:680)
at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:187)
at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:827)
at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:300)
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:996)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:917)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:225)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:742)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)was able to solve this
there was corruption of reports config file -
Java.lang.SecurityException using a simple jar file
I created my small application using JDev 11.
Running from JDev it works well.
I created a simple jar file including all my classes and all libraries I used.
Whe I try to run that jar file I get :
java.lang.SecurityException: no manifiest section for signature file entry javax/mail/internet/AsciiOutputStream.classI didn't find any solution.
I worked hardly with JDev 10g but I never had such problem.
Tks
Tullio
Edited by: tullio0106 on Nov 25, 2008 2:22 PMI simply created a project containing some classes whish use java mail.
Then I modified the project creating, in the deployment wizard, a "Dependency Analysis" filegroup adding all my classes as well as libraries.
I uncheck the "Include Manifest" chek otherwise I would run into different problems (well documented in the forum).
The jar file is created but when I run the application I get the Security error.
If I remove java mail libraries (activation and java mail)from the list of used libraries and I add it to classpath it works fine.
I suspect the problem could be in Manifes merging.
Tks
Tullio -
Java.lang.SecurityException when granting java permission
DB version 11.1.07
We used this command to grant the following permission in development and stage environment with no problems.
exec dbms_java.grant_permission( 'SCHEMA', 'SYS:java.lang.RuntimePermission', 'getClassLoader', '' );
When the same command is run in production, it results in this.
ERROR at line 1:
ORA-29532: Java call terminated by uncaught Java exception:
java.lang.SecurityException: policy table update
SYS:java.lang.RuntimePermission, getClassLoader
ORA-06512: at "SYS.DBMS_JAVA", line 787
ORA-06512: at line 1
These commands were executed as SYS user in all environments. Any ideas what could be causing this?
Thanks.
UsmanEither you are only using a security manager in production or there is a difference in the permissions granted by the security domains (for example, .policy files).
-
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AMHi. Contact official BEA Support. This is likely
to be a known issue with a patch available to fix it.
Joe
binu raj wrote:
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
Binu
Edited by binurajkr at 01/25/2008 4:36 AM -
Java.lang.SecurityException: [Security:090398]Invalid Subject
Hi
I am getting this error when I am making an EJB method which resides in a different weblogic 9.1 server.
I have enaled the trust between my two domains. Set the required class path settings.
My client call is from a JSP , say client.jsp.
Here I get remote object of the EJB and calls the required method
Now
1) My EJB calls are succesful when I DO NOT secure it
2) but when I make it is secured , ie when I
include the jsp in secured URL ie. under <security-constraint><url-pattern>client.jsp</> in web.xml
, it gives me the follwing error
The stack trace is given below
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[com.ebreviate.security.wl9realm.EBRUser@a09a08, ess, everyone]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:191)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:315)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:250)
at weblogic.jndi.internal.ServerNamingNode_910_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:374)
Truncated. see log file for complete stacktrace
Any idea why it is ?
Please let me know
Thanks
BinuI got this issue resolved by setting
Context.SECURITY_PRINCIPAL, "" , before the RMI ejb call
Binu -
I have a class that is used to check the status of all managed server in a domain. I use this class to check on the status of multiple domains.
I have a for loop over all the domains and then invoke the method below, one for each domain (I instantiate the class anew for each domain)
The 1st domain connects and returns the status properly. However on subsequent iterations thru the look I get the following SecuriyException below. I have tried a number of things such as setting MBeanHome to null etc but this error repeats anytime I connect to N+1 domains.
Is there a fix for this.
Note: I am using WLS 8.1 SP3 thru 5. And I know the username & pwd is correct cause I can connect using to the admin console using the same username & password and am part of the Administrators group.
Exception on the client on N+1 connect attemp:
java.lang.SecurityException: [Security:090398]Invalid Subject: admin
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.j
ava:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:137)
at weblogic.management.internal.AdminMBeanHomeImpl_815_WLStub.getDomainN
ame(Unknown Source)
Exception on the server:
####<Mar 28, 2006 2:59:51 PM CST> <Warning> <RMI> <htx6056> <AdminServer> <Execu
teThread: '2' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <BEA-080003>
<RuntimeException thrown by rmi server: weblogic.rmi.internal.BasicServerRef@10
2 - hostID: '-4547912678907759832S:htx6056.cce.hp.com:[10250,10250,10251,10251,1
0250,10251,-1,0,0]:arc_prd1:AdminServer', oid: '258', implementation: 'weblogic.
management.internal.AdminMBeanHomeImpl@1e22632'
java.lang.SecurityException: [Security:090398]Invalid Subject: admin.
java.lang.SecurityException: [Security:090398]Invalid Subject: admin
The code:
public void checkWebLogicServerState( String user, String pass, String url ) throws Exception {
MBeanHome home = Helper.getAdminMBeanHome( user, pass, url );
Set beans = home.getMBeansByType( "Server", home.getDomainName( ));
for( Iterator iter = beans.iterator( ); iter.hasNext( );){
WebLogicMBean bean = (WebLogicMBean)iter.next( );
WebLogicObjectName objName = bean.getObjectName( );
String serverName = objName.getName( );
String location = objName.getLocation( );
ServerRuntimeMBean serverRuntimeMBean = null;
try {
serverRuntimeMBean = (ServerRuntimeMBean)home.getMBean( serverName, "ServerRuntime", home.getDomainName( ), serverName);
String state = serverRuntimeMBean.getState( );
System.out.println( "\t[" + serverName + "] IS " + state + "." );
} catch( Exception ex ) {
System.out.println( "\t[" + serverName + "] IS NOT RUNNING." );
}I worked around the problem by removing the usage of the weblogic.management.Helper and using standard JNDI lookups instead.
Clearly there is a bug in the Helper class that stores securtiy information in a static variable since it cannot be re used within the same JVM/Classloader without sharing the security information.
Used instead:
Environment env = new Environment();
env.setProviderUrl( url );
env.setSecurityPrincipal( user );
env.setSecurityCredentials( pass );
Context ctx = env.getInitialContext( );
home = (MBeanHome)ctx.lookup( MBeanHome.ADMIN_JNDI_NAME ); -
HI,
I am trying to monitor multiple weblogic servers, I am getting the exception when the program is trying to read multiple domains of the same weblogic server version 8.1.
Can any one help me in getting this fix programatically using weblogic.management.*;
I have searched all the sites where I got only a perticular solution which states to maintain the same domain level credentials.
please reply me back if there is a programatical approach to fix this exception.
The exception is given below:
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
at weblogic.management.internal.AdminMBeanHomeImpl_811_WLStub.getDomainName(Unknown Source)
at MonitorServers.getDataWeblogic(MonitorServers.java:138)
at MonitorServers.getServers(MonitorServers.java:89)
at MonitorServers.main(MonitorServers.java:352)
Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblogic, Administrators]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:682)
at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:181)
at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:814)
at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:299)
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:920)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:841)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Thanks in advanceHi,
I think that if you don't specify the credentials, the current one will be used to connect to the server.
Try to specify the guest identity by explicitely adding the following properties to override the current identity
properties.put(Context.SECURITY_PRINCIPAL, "");
properties.put(Context.SECURITY_CREDENTIALS, "");
Otherwise you will need to setup a trust between the servers.
I Hope this helps.
Giorgio Anastopoulos -
Java.lang.SecurityException: Security: Invalid Subject: principals
I am getting the following exception intermittently:
java.lang.SecurityException: Security: Invalid Subject: principals=[XXX, Administrators]
What i am doing is, i have two weblogic servers both running Weblogic 10.0 and running on different domains, a war is deployed on one server (server A) which sends a message to queue on another server (Server B), now everything works but if i restart B then A throws the above Security Exception while looking up the queue on Server B?? Any ideas why, i haven't configured any security credentials.
If i restart A after restarting B then everything works again but restarting all the servers each time one gets restarted is cumbersome,so does someone knows answer to the question above?
Edited by: user4828945 on Feb 11, 2009 5:41 PMIf you dont require authentication, then enable the global trust between the domains.
When this feature is enabled, identity is passed between WebLogic Server domains over an RMI connection without requiring authentication in the second domain. When inter-domain trust is enabled, transactions can commit across domains. A trust relationship is established when the Domain Credential for one domain matches the Domain Credential for another domain.
By default, the Domain Credential is randomly generated and therefore, no two domains will have the same Domain Credential. If you want two WebLogic Server domains to interoperate, you need to replace the generated credential with a credential you select, and set the same credential in each of the domains.
Link :[http://e-docs.bea.com/wls/docs100/ConsoleHelp/taskhelp/security/EnableGlobalTrustBetweenDomains.html] -
Java.lang.SecurityException: [Security:090398]
Hi All,
I am using Jdeveloper 11.1.1.3.
I am running my application and it runs fine. But after a couple of clicks, I get the following exception. Tried googling and oracle-ing the exception but can't really understand what it is. If someone can provide a solution that would be AWESOME but even if someone can explain what the error is, that would be really really helpful.
Oh and the WebLogic Server Version: 10.3.3.0 on server and client side.
Here's the error...
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
javax.el.ELException: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
at com.sun.el.parser.AstValue.invoke(AstValue.java:161)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
at oracle.adf.controller.internal.util.ELInterfaceImpl.invokeMethod(ELInterfaceImpl.java:168)
at oracle.adfinternal.controller.activity.MethodCallActivityLogic.execute(MethodCallActivityLogic.java:161)
at oracle.adfinternal.controller.engine.ControlFlowEngine.executeActivity(ControlFlowEngine.java:989)
at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:878)
at oracle.adfinternal.controller.engine.ControlFlowEngine.doRouting(ControlFlowEngine.java:777)
at oracle.adfinternal.controller.engine.ControlFlowEngine.routeFromActivity(ControlFlowEngine.java:551)
at oracle.adfinternal.controller.engine.ControlFlowEngine.performControlFlow(ControlFlowEngine.java:147)
at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleAdfcNavigation(NavigationHandlerImpl.java:109)
at oracle.adfinternal.controller.application.NavigationHandlerImpl.handleNavigation(NavigationHandlerImpl.java:78)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:130)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:90)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:309)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:94)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:91)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:812)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:292)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[jdoe11, EFormDefault]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
at weblogic.security.service.IdentityUtility.authenticatedSubjectToIdentity(IdentityUtility.java:30)
at weblogic.security.service.RoleManager.getRoles(RoleManager.java:183)
at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:375)
at weblogic.rmi.provider.WorkContextAccessController.checkAccess(WorkContextAccessController.java:62)
at weblogic.workarea.spi.WorkContextAccessController.isAccessAllowed(WorkContextAccessController.java:38)
at weblogic.workarea.WorkContextLocalMap$WorkContextKeys.next(WorkContextLocalMap.java:356)
at weblogic.wsee.jaxws.workcontext.WorkContextTube.hasContext(WorkContextTube.java:67)
at weblogic.wsee.jaxws.workcontext.WorkContextClientTube.processRequest(WorkContextClientTube.java:38)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
at com.sun.xml.ws.client.Stub.process(Stub.java:259)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
at $Proxy157.retrieveForm(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
at $Proxy158.retrieveForm(Unknown Source)
at gov.atf.eforms.FormBase.retrieveForm(FormBase.java:206)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
... 62 more
Edited by: HKG on Feb 25, 2011 8:01 AMHi,
difficult to say. From the error message it seems that there is something happening with the authenticated JAAS user. Does the problem reproduce in other applications (e.g. a test case ?)
Frank -
Java.lang.SecurityException when trying to execute Workflow-Java-API from Servlet
I'm trying to call some of the Oracle Workflow-Java-API Classes/Methods from a servlet running on OC4J.
The following Code-Sample is exactly copied from the WFTest Example shipped with Oracle-Workflow:
wfDB = new WFDB(user, ident, "jdbc:oracle:thin:@", "host:1521:tnsstring");
String charset = System.getProperty("CHARSET");
if (charset == null) {
charset = "UTF8";
ctx = new WFContext(wfDB, charset);
if (ctx.getDB().getConnection() == null) {
throw new Exception ("Keine Verbindung zum Workflow");
On OC4J integrated in JDeveloper everything works fine when i run my test-servlet with this code.
On 9ias with OC4J running on a SuSE-Linux Server i get the following Error:
java.lang.SecurityException: class "oracle.apps.fnd.wf.WFContext"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:554)
at java.lang.ClassLoader.defineClass(ClassLoader.java:482)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:106)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:243)
at java.net.URLClassLoader.access$100(URLClassLoader.java:51)
at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:183)
at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:250)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:310)
at oracle.apps.fnd.wf.engine.JdbcEngineAPI._sqlQueryText(JdbcEngineAPI.java)
at oracle.apps.fnd.wf.engine.EngineAPI.getItemTypes(EngineAPI.java)
at WorkflowData.doGet(WorkflowData.java:61)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:195)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:309)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:508)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:177)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:576)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java:189)
at com.evermind[Oracle9iAS (1.0.2.2.1) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java:62)
As you can see, the first Workflow-API-Object (WFDB) gets correctly instantiated. But the second one crashes.
The java.policy and java.security files are exactly identical on both machines, my PC and the Linux-Server.
Where might be the problem ?
How can we fix this ?
thanks in advance for any help
Ralfokay, okay,
my/our own fault.
To prevent anyone else of makeing the same mistake, a short decription:
We stored the wf????.jar files inside the $JAVA_HOME/jre/lib/ext directory.
The correct way is to let them inside $ORACLE_HOME/jlib dir of the oracle db and extend the classpath, respectively add the following lines to 'orion-application.xml' of the app.
<library path="$ORACLE_HOME/jlib/wfapi.jar" />
<library path="$ORACLE_HOME/jlib/wfjava.jar" /> -
Java.lang.SecurityException when loading javax.activation.MimeType
Hi all,
I'm having this problem when trying to call a WebService in my Server;
java.lang.SecurityException: class "javax.activation.MimeType"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java(Compiled Code))
at java.lang.ClassLoader.defineClass(ClassLoader.java(Compiled Code))
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java(Compiled Code))
at java.net.URLClassLoader.defineClass(URLClassLoader.java(Compiled Code))
at java.net.URLClassLoader.access$500(URLClassLoader.java(Inlined Compiled Code))
at java.net.URLClassLoader$ClassFinder.run(URLClassLoader.java(Compiled Code))
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
at java.net.URLClassLoader.findClass(URLClassLoader.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java(Compiled Code))
at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
at org.apache.soap.rpc.SOAPContext.addBodyPart(SOAPContext.java:344)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:403)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:442)
at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:417)
at org.apache.soap.transport.TransportMessage.save(TransportMessage.java:351)
at oracle.soap.transport.http.OracleSOAPHTTPConnection.send(OracleSOAPHTTPConnection.java:713)
at org.apache.soap.rpc.Call.invoke(Call.java:261)
It seems to work in my local machine (running on JDeveloper10G embedded server), but i cannot make it work in production server (version 10.1.2.0.2) ...
Any idea of what is going wrong? I know what the error means, but i don't know why it is raising.I've tried the webservice standalone (without a servlet frontend) and it seems to work, so i'll post this in the servlets forum.
Thanks.
Maybe you are looking for
-
Abap Program in Process chain error
Hi Experts, In my process chain there is a program to download hierarchy data and then in next step it would load data but when the process comes to this program the job is getting cancelled and log shows below msg Process LOADING, variant ZPAK_12345
-
Hi all, i have this problem. there is a process that lock a table to execute many operation. I need to check if these operation are correct during the time that the table is locked. Its possible connect to the database and execute a select during the
-
Migrating from weblogic 8.1 to sun one server
I need some documentation that could guide, in steps involved, in migrating an J2ee application from weblogic 8.1 to sun one application server. Please help.
-
Revision: 22381 Revision: 22381 Author: [email protected] Date: 2011-09-02 05:10:41 -0700 (Fri, 02 Sep 2011) Log Message: Add some unit tests for the flex.messaging.client.FlexClientManager, including one for the new getFlexClient(String id, bo
-
Bad primary partition 1: Partion ends in the final partial cylinder
i just got a new laptop, dell inspiron 6400. it's partition table is set up this way: 1) a 55 meg partition which is supposedly the dell boot utility 2) a 10 gig recovery partition that contains the completely original HD 3) a 81 gig partition which