Tomcat security Problem?????

Hello,
I m making a web application security module. These feature is provide by tomacat server. By using "web.xml" & "tomcat-users.xml", we can create users and assign roles to them.
But i just want to create users and roles at runtime i.e. don't wanna restart tomcat server to apply changes in xml.
Tomcat provides this runtime xml reloading service, But how tomcat is doing all this I m not getting.
Could anyone please help me out in this???
I would be thankful to him/her.
Thanks in advance.
Regards
Dheeraj Chhabra

Thanks for answering
In my case I think I cannot use POI because I need Excel
and a Virtual Printer , so I can convert excel files with exactly the same
format to PDF. POI is suppose better idea for creating or manipulating
OpenOffice files (they are working together with OO on file formats),
and unfortunately OpenOffice doesnt work fine with charts (I already had
this solution, openoffice-server and Uno ).
It must be smth with Tomcat-Configuration or security, because my
programm is working with the internal tomcat-server of JBuilder, and
as application too. In both cases Excel is started with my username and
not SYSTEM (my tomcat server is started as service, perhaps thats why
by starting excel from my servlet Excel is by user - SYSTEM).

Similar Messages

Tomcat / MySQL problem

Simple Tomcat / MySQL code works well on the development server (Windows) but crashes on the production server (Linux).
It finds and loads the driver, then fails to create a connection with
java.security.AccessControlException: access denied (java.net.SocketPermission localhost resolve)Driver is mysql-connector-java-3.0.14-production-bin.jar in ${catalina.home}/common/lib.
MySQL is version 3.23.58.
Tomcat version 4.1.29.
Java version 1.4.2_02.
Operating system is RedHat 9 with Plesk 7.
This looks like a Tomcat security issue but catalina.policy grants all permissions to ${catalina.home}/common/lib/-.
Granting specific permissions has made no difference:
grant codeBase "file:${catalina.home}/common/lib/mysql-connector-java-3.0.14-production-bin.jar" {
permission java.net.SocketPermission "localhost:3306", "listen,connect,accept,resolve";
};The code is straight from the Java tutorial, presented three ways:
1. in a bean, called from a JSP
2. inline in a JSP
3. in a JAR, as an executable class
All of these work in Windows. Only No 3 works in Linux (which suggests the issue is not with Java security). Other JSP pages work fine.
I have not found a MySQL driver preinstalled on the system. I first added mysql-connector-java-3.1.10-bin.jar but this failed because it could not read charset mappings. I have
now reverted to mysql-connector-java-3.0.14-production-bin.jar. Adding the JAR in application/WEB-INF/lib does not help.
I wonder if there is a class loader issue but I cannot find any other JARs that conflict.
Could Tomcat be trying to connect on a different port? It makes no difference whether or not the port number (3306) is included in the URL.
Granting permissions for IP addresses and domain names makes no difference (so far). Besides, the error message is specific about localhost.
Can anyone help, please?
Many thanks
Robin

Spot on! I am not at all clear whether the root cause of the problem is Tomcat, MySQL, Java or whatever ... Until I understand more, everything is suspect.
I have been asking myself what can cause this Access denied / SocketPermission error?
- mis-configuration of the permission: codebase, url, port ?
- in the wrong policy file? catalina.policy or java.policy ?
- faulty installation of something?
- incompatible versions ?
The code all works well on the development machine, which runs Windows 2000. Running it on the Linux machine causes problems.
I do not have full control of the configuration of the Linux machine but I am able to restart Tomcat when needed.
Some specific questions:
I know from the stack trace which Java function is being called:
java.sql.DriverManager.getConnection()The MySQL driver is checking for socket permission when it tries to get a connection and throws:
java.security.AccessControlException: access denied (java.net.SocketPermission localhost resolve) - How do I tell what parameters are being passed to getConnection() without installing the source code?
- How do I tell for sure which policy file governs the check?
Many thanks
Robin

Security problem? Bounded taskflow and sessionid in loopback url

Hi,
We just had a security evaluation of our public site. We use ADF in several places on the site (through iframes).
The applications are made up of bounded taskflows. The request Url reads like:
http://127.0.0.1:7101/test/faces/adf.task-flow?adf.tfId=task-flow-definition&adf.tfDoc=/WEB-INF/task-flow-definition.xml
and it returns :
http://127.0.0.1:7101/test/faces/adf.task-flow;jsessionid=R9YWRvkLJyD6lYC79DyTmTl6fxj177x1ZflDcJy4mrlcYmDVSmn0!-1545839156?adf.tfId=task-flow-definition&adf.tfDoc=/WEB-INF/task-flow-definition.xml&_afrLoop=97476727347664&_afrWindowMode=0&_afrWindowId=null
According to the security evaluation the ;jsessionid=xxx in the header is a security problem, you could in principle copy the url and send it to a different computer and continue the session from there!
The jsessionid is put there by the loop back script.
Is there any way of making the loop back script not put the jsessionid in the url?
Is it a security problem?
regards
Johnny

Hi, thank you for the opinion. I am not talking about hijacking my own session id. But "malware" or a spy in som way could "sniff" the url and send it off to another computer!
Look at this url, it explains it even better :
http://fralef.org/tomcat-disable-jsessionid-in-url.html
Again it is not my opinion but that of a security firm.
Cookies are not disabled on my computer ( and our security firms), the case is real and how bounded taskflows work.
Here is the code from the loop back:
var sess = ";jsessionid=TdJhRvVGHnYZtTfzsMBpmDcSnLVHW0SzgBWl0gQm2tPQ45lwsq1W!-1545839156";
if (sess.length > 0)
href += sess;
After the redirect the cookies "takes" over and the jsession id is not shown again.
But it is still shown initially.
And we do use https on our site, my code was just an illustration.
Johnny
Edited by: user11345344 on Feb 28, 2013 8:44 PM

Opening and closing a frame from an applet security problem

can I open a frame or a window from an applet and close the frame by using
System.exit(0) for the frame or will it throw a security problem.

I am using system.exit(0) to exit the JVM.
dispose()
Releases all of the native screen resources used by this Window, its subcomponents, and all of its owned children. That is, the resources for these Components will be destroyed, any memory they consume will be returned to the OS, and they will be marked as undisplayable.
If this frame have to be close and open again don't use dispose.
there is no check whether a frame is active? what you can do is set the the new frame to null (frame = null) and also when you dispose it, this will let you know if the frame is active or not.
Noah

I got this warning when i open a specific page on my website in IE : MuseJSAssert: Error calling selector function:Error: A security problem occurred.

Hi,
I found out when i'm in IE and go to the page 'Artists'
and i click on a name, for example: 'Abel Equipe ELA/I Gomes'
I get this warning :
MuseJSAssert: Error calling selector function:Error: A security problem occurred.
This is only in IE, not when i use Safari or Chrome
this is the website link
Any ideas how to solve this problem?

There's an invalid hyperlink on the Abel Equipe ELA/I Gomes page on a bit of text that reads "with your input." You need to find this text within Muse, clear the hyperlink and enter a valid one.

Need to solve serious security problem with Oracle Reports URL

As mentioned repeatedly on this forum, Oracle Reports allows serious security breaches that allow users to see reports that they did not generate -- it's easy to guess a legal URL by changing the getjobid parameter.
I've reviewed the JavaDocs to part of the rwrun.jar file and reviewed some of the example report plugins. This shows promise in helping to solve this security problem but critical pieces are missing.
1) The javadocs are accurate for only 10g (9.0.4) but not correct for 10g (10.1.2+), which we are currently using. I need access to the updated version of this javadoc.
2) Even with the updated version of the JavaDoc, I haven't found a class from which to inherit that would give me the opportunity to generate random jobid values, which then would effectively prevent users from guessing other jobid values, and thereby gaining access to other's reports (which in our cases, may contain sensitive information.
3) We have found that we can send the parameter=value of EXPIRATION=1 which helps protect such information, but this requires that every program which invokes a report be modified to add this parameter. It would be far better for the report server to be configured to use a java class we write that inherits from some rwrun.jar class that would by default, add the EXPIRATION=1 parameter.

Hi,
Thanks for our replies. I will ask to an administrator about this security problem, now I know it depends of a security parameter.
But I would know if it could be possible to hide the technical name of the query in the url. It could improve the security level of our reports in a first time in this way.
Thanks a lot,
JW.

Javascript security problem in IE/Netscape

I am facing with the javascript security problem in IE/Netscape. I have solved this problem partially, but there are more issues involved.
Here's the scenario:
There is an HTML page on client's hard disk (main.htm) containing two frames:
frame 1 contains a page that lies that is deployed from my server, say
src="http://127.0.0.1:8080/MyApplication.htm"
frame 2 contains a page that lies on the client's server, say
src="http://www.clientside.com/clientPage.htm"
My page in frame 1 wants to access the URL of the page in frame 2 (through a button click, say ). This is done in MyApplication.htm through javascript as:
window.parent.frame2.location.href;
Now when the above line is executed, i get the following error:
In IE(5.0): "permission denied"
In Netscape(4.7): "access disallowed from scripts at http://127.0.0.1:8080/MyApplication.htm to documents at another domain."
(which is understandable)
I have partially solved the above problem in Netscape, by granting access permissions to MyApplication.htm (page on my server) to access the
"http://www.clientside.com/clientPage.htm" page at client's domain.
This is done as follows:
1. First enable code base principals in client's Netscape by adding the following line in prefs.js file of Netscape
"user_pref("signed.applets.codebase_principal_support", true);"
2. Secondly i must add the following line in java script of "MyApplication.htm"
"netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserAccess");"
Now when the client clicks the button on my frame he'll get a netscape window asking him to grant permissions to MyApplication.htm.
After granting permission, MyApplication.htm can retrieve the URL of clientPage.htm (even if he browses to another url)
As you can see this problem is solved partially, but i want that the page "main.htm" (which is now on the client's hard disk),
must be deployed at client's server (in which case not even the above technique works).........what should i do? any alternates or other solution?
Secondly i want this to work with IE too, (which should according to their documentation, but does not and is therfore a big IE bug-as mentioned on the net)
Any sort of help in this case would greatly appreciated.
Thanks
Faisal Moin Khan

i believe you are posting in the wrong forum.
This forum is foro XML web services.

Applet problem with FileWriter() (security problem?)

btBut1.addActionListener(new ActionListener()
   public void actionPerformed(ActionEvent e)
       FilePermission perm = new FilePermission("<<ALL FILES>>" , "write");
      try {
            FileWriter outputStream = null;
            outputStream = new FileWriter("./bandiere/testouno.txt");
       catch (IOException eX) {
   });This is a bit of code from an APPLET which I'm working on. The code does not work...
I smell it is a security problem, but I'm not sure...

You are trying to write to the local file system which is not allowed unless the applet is signed.
Unless you think you are trying to write to the server, in which case, you can't do that with FileWriters. You'd have to make a connection to the server via a socket or URLConnection or something to pass the data over.

Signed applets in 1.4.1: non-trust ignored: severe security problem?

Hello all,
I am signing applets with a developer certificate.
Until know everything worked fine with Plugin 1.3.1.
Know I changed to Plugin 1.4.1 and encountered a strange behaviour: When I open the HTML page with a browser (tried IE 5.5 and Mozilla 1.1) the certificate-question pops up. The problem: if I choose not to trust the certificate, the applets starts nevertheless and I can use the system clipboard inside my Applet (for what applets needs to be signed)!
This looks like a severe security problem!
Does anyone know anything about this? Can you reproduce this?
thanx!
Marcus

Hi,
I tried to reproduce what you said with plugin 1.4.0 (I don't have 1.4.1 yet) and IE6.0 (It doesn't have anything to do with the browser)
My Java console said :
"User has denied the priviledges to the code
writeFile: caught security exception"
The security seems to work OK in 1.4.0.
I will have to try 1.4.1.
Patrick

Apache webserver can't find tomcat - mod_jk problem?

Hi
I have recently upgraded HP-UX apache software
FROM
Apache webserver: 2.0.55
Apache tomcat : 5.5.9
TO
Apache webserver: 2.0.55
Apache tomcat : 5.5.9
I have 2 tomcats running, one JVM for a daytime service and another for a nighttime service.
So while 1 tomcat is down, the other is up, apache always running.
However, since I have upgraded, I see the following error messages in jk.log:
[Mon Nov 20 07:00:41 2006] [error] ajp_connection_tcp_get_message::jk_ajp_common
.c (949): ERROR: can't receive the response message from tomcat, network problems or tomcat is down (127.0.0.1:8059), err=-232
The tomcat in question is up - and the messages returned are 500 responses - server configuration issue.
Get several a day.
Basically using mod_jk to bind the tomcat installations to apache webserver.
What is new though in mod_jk 1.2.10 is that a shared memory file is specified. I am wondering what happens to this memory that is used to load balance the workers when tomcats are bounced.
Issues go away after a bounce of apache - but after each tomcat has been stopped once - messages start to fail intermittently after that.
Done some googling but do not see any solutions - so here's hoping!
Thanks.

Noticed my deliberate mistake!
From
Apache 2.0.32
Tomcat 3
Still no joy with with this in terms of finding a solution to why the newer version of apache cannot find tomcat after it has been bounced.
mod_jk.so version 1.2.9 introduced the shared memory for the workers, which as far as I can is the main config change in the 2 versions of apache that came from HP.
So rolled back to the old version of apache with the new version of tomcat - and everything works fine!

SAP ERP Security Problems

Hello,
We are searching and investigating the security problems and needs in SAP Systems (the NetWeaver and R3).
We are looking for vulnerabilities from the network level up to the application and SAP-GUI level.
We would like to hear and learn from users on case studies and problems that occurred during implementing and running the SAP systems.
We would appreciate if you could contact us for further details.
Thank you.
<Contact information removed by forum moderator>
Message was edited by: Christian Wippermann

Dear Alon,
Thank you for your interest in SAP Security. You are very welcome to investigate product security and to share your results with SAP ([email protected]). But this is exactly the place where SAP users should report security problems they may find. They should not report to other companies! That is why I removed your contact information and closed this thread.
To make myself clear: Please report security problems directly to [email protected] My collegues there will support to solve the issues.
Best regards,
Christian

ERROR Msg: MuseJSAsset: Error calling selector function:Error: A security problem occurred.

ERROR Msg: MuseJSAsset: Error calling selector function:Error: A security problem occurred.
Just launched site using 1 of my 5 CC web-hosting chips. Using Adobe's hosting: ns1, ns2 & ns3.worldsecuresystems.com
Concerned that the "• Assign a domain name (e.g., www.mycompany.com)" keeps coming up, even tho' I've launched???????????

Hi,
The MuseJSAsset error usually appears if there is any conflicting script on the page. Have you added your own code to the site using Insert HTML feature? If yes, please try removing it.
Regarding your second concern, What is your site URL?
Regards.
Aish

Cocoon2 weblogic (5.1 sp6) class loader security problem

Hello folks,
System:
Cocoon: v2.0
JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
OS: NT4 SP5
Servlet: v2.2
AppServer: Weblogic 5.1 SP6
Symptoms:
I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
figured out what libraries I need on the Weblogic's classpath, I managed
to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
servlet and wrap the HttpServletRequest in MyRequest to provide the XML
content. I changed the line <map:generators default="request"> in
sitemap.xmap to specify the location of the source. Configuration files
seem to be read correctly and the file
<myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
is generated (but there is no class file generated)!
I looked at the cocoon.log file and looks like a class loader security
problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
problem? Any help is much appreciated!
cocoon.log file generated:
DEBUG 62 [cocoon ] (ExecuteThread-11): Using configuration file:
/cocoon.xconf
INFO 62 [cocoon ] (ExecuteThread-11): Reloading from:
file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
DEBUG 93 [cocoon ] (ExecuteThread-11): New Cocoon object.
DEBUG 93 [cocoon ] (ExecuteThread-11): Using parser:
org.apache.cocoon.components.parser.JaxpParser
DEBUG 109 [cocoon ] (ExecuteThread-11): Creating Repository with
this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 109 [cocoon ] (ExecuteThread-11): Classpath =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
DEBUG 109 [cocoon ] (ExecuteThread-11): Work directory =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 125 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 390 [cocoon ] (ExecuteThread-11): Root configuration:
cocoon
DEBUG 390 [cocoon ] (ExecuteThread-11): Configuration version:
2.0
DEBUG 390 [cocoon ] (ExecuteThread-11): Setting up components...
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.parser.Parser =
org.apache.cocoon.components.parser.JaxpParser)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.generator.ProgramGenerator =
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.url.URLFactory =
org.apache.cocoon.components.url.URLFactoryImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.saxconnector.SAXConnector =
org.apache.cocoon.components.saxconnector.NullSAXConnector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.datasource.DataSourceComponentSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.pool.PoolController =
org.apache.cocoon.components.ComponentPoolController)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
= org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.store.Store =
org.apache.cocoon.components.store.MemoryStore)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.classloader.ClassLoaderManager =
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
DEBUG 422 [cocoon ] (ExecuteThread-11): Setting up the sitemap.
DEBUG 422 [cocoon ] (ExecuteThread-11): Sitemap location =
sitemap.xmap
DEBUG 703 [cocoon ] (ExecuteThread-11): ComponentFactory creating
new instance of org.apache.cocoon.components.url.URLFactoryImpl.
DEBUG 703 [cocoon ] (ExecuteThread-11): Getting the URLFactories
DEBUG 703 [cocoon ] (ExecuteThread-11): for protocol:
resource org.apache.cocoon.components.url.ResourceURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): for protocol: context
org.apache.cocoon.components.url.ContextURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): Beginning sitemap
regeneration
DEBUG 718 [cocoon ] (ExecuteThread-11): Making URL from
file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
DEBUG 718 [cocoon ] (Thread-1): Could not find ComponentHandler,
attempting to create one for role:
org.apache.cocoon.components.language.generator.ServerPagesSelector
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.GeneratorSelector.
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element:
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: markup-languages
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
xsp
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
for sitemap
DEBUG 734 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 734 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: programming-languages
DEBUG 750 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.programming.java.JavaLanguage.
DEBUG 750 [cocoon ] (Thread-1): Looking up
org.apache.cocoon.components.classloader.ClassLoaderManager
DEBUG 750 [cocoon ] (Thread-1): Setting the parameters
DEBUG 750 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.programming.java.JavaLanguage for
java
DEBUG 765 [cocoon ] (Thread-1): The instance was not accessible,
creating it now.
DEBUG 765 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 1718 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 1718 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 4109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4109 [cocoon ] (Thread-1): Can't load ServerPage
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4359 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 4359 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 6109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
ERROR 6109 [cocoon ] (Thread-1): Error compiling sitemap
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (ExecuteThread-11): Changing Cocoon
context(sitemap.xmap) to prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): from
context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): at URI
DEBUG 6109 [cocoon ] (ExecuteThread-11): New context is
file:/D:/Programs/cocoon-1.8.2/samples/
ERROR 6140 [cocoon ] (ExecuteThread-11): Problem with servlet
org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
not available.
at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
at
org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
at
weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
at
weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
at
weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
INFO 6187 [cocoon ] (ExecuteThread-11): '' Processed by Apache
Cocoon 2.0a4 in 5.75 seconds.
================================================================
Regards,
Georgi

Hello folks,
System:
Cocoon: v2.0
JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
OS: NT4 SP5
Servlet: v2.2
AppServer: Weblogic 5.1 SP6
Symptoms:
I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
figured out what libraries I need on the Weblogic's classpath, I managed
to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
servlet and wrap the HttpServletRequest in MyRequest to provide the XML
content. I changed the line <map:generators default="request"> in
sitemap.xmap to specify the location of the source. Configuration files
seem to be read correctly and the file
<myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
is generated (but there is no class file generated)!
I looked at the cocoon.log file and looks like a class loader security
problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
problem? Any help is much appreciated!
cocoon.log file generated:
DEBUG 62 [cocoon ] (ExecuteThread-11): Using configuration file:
/cocoon.xconf
INFO 62 [cocoon ] (ExecuteThread-11): Reloading from:
file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
DEBUG 93 [cocoon ] (ExecuteThread-11): New Cocoon object.
DEBUG 93 [cocoon ] (ExecuteThread-11): Using parser:
org.apache.cocoon.components.parser.JaxpParser
DEBUG 109 [cocoon ] (ExecuteThread-11): Creating Repository with
this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 109 [cocoon ] (ExecuteThread-11): Classpath =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
DEBUG 109 [cocoon ] (ExecuteThread-11): Work directory =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 125 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 390 [cocoon ] (ExecuteThread-11): Root configuration:
cocoon
DEBUG 390 [cocoon ] (ExecuteThread-11): Configuration version:
2.0
DEBUG 390 [cocoon ] (ExecuteThread-11): Setting up components...
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.parser.Parser =
org.apache.cocoon.components.parser.JaxpParser)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.generator.ProgramGenerator =
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.url.URLFactory =
org.apache.cocoon.components.url.URLFactoryImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.saxconnector.SAXConnector =
org.apache.cocoon.components.saxconnector.NullSAXConnector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.datasource.DataSourceComponentSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.pool.PoolController =
org.apache.cocoon.components.ComponentPoolController)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
= org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.store.Store =
org.apache.cocoon.components.store.MemoryStore)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.classloader.ClassLoaderManager =
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
DEBUG 422 [cocoon ] (ExecuteThread-11): Setting up the sitemap.
DEBUG 422 [cocoon ] (ExecuteThread-11): Sitemap location =
sitemap.xmap
DEBUG 703 [cocoon ] (ExecuteThread-11): ComponentFactory creating
new instance of org.apache.cocoon.components.url.URLFactoryImpl.
DEBUG 703 [cocoon ] (ExecuteThread-11): Getting the URLFactories
DEBUG 703 [cocoon ] (ExecuteThread-11): for protocol:
resource org.apache.cocoon.components.url.ResourceURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): for protocol: context
org.apache.cocoon.components.url.ContextURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): Beginning sitemap
regeneration
DEBUG 718 [cocoon ] (ExecuteThread-11): Making URL from
file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
DEBUG 718 [cocoon ] (Thread-1): Could not find ComponentHandler,
attempting to create one for role:
org.apache.cocoon.components.language.generator.ServerPagesSelector
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.GeneratorSelector.
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element:
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: markup-languages
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
xsp
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
for sitemap
DEBUG 734 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 734 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: programming-languages
DEBUG 750 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.programming.java.JavaLanguage.
DEBUG 750 [cocoon ] (Thread-1): Looking up
org.apache.cocoon.components.classloader.ClassLoaderManager
DEBUG 750 [cocoon ] (Thread-1): Setting the parameters
DEBUG 750 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.programming.java.JavaLanguage for
java
DEBUG 765 [cocoon ] (Thread-1): The instance was not accessible,
creating it now.
DEBUG 765 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 1718 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 1718 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 4109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4109 [cocoon ] (Thread-1): Can't load ServerPage
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4359 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 4359 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 6109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
ERROR 6109 [cocoon ] (Thread-1): Error compiling sitemap
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (ExecuteThread-11): Changing Cocoon
context(sitemap.xmap) to prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): from
context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): at URI
DEBUG 6109 [cocoon ] (ExecuteThread-11): New context is
file:/D:/Programs/cocoon-1.8.2/samples/
ERROR 6140 [cocoon ] (ExecuteThread-11): Problem with servlet
org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
not available.
at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
at
org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
at
weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
at
weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
at
weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
INFO 6187 [cocoon ] (ExecuteThread-11): '' Processed by Apache
Cocoon 2.0a4 in 5.75 seconds.
================================================================
Regards,
Georgi

SOAP Undeploy / Security-Problem?

Hi,
I know there is a security problem with Apache-Soap, since
everybody can list and undeploy services with the
RPCRouterServlet. Therefore I've dropped the RPCRouter out of my
Servlet-Engine and use the MessageRouter only.
How can I avoid this problem with Oracle-SOAP to prevent other
users to use the undeploy-function?
Thanks,
Alex

Soni,
Please try to configure all the steps given in this document:
http://sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
---Satish

Row level security problem.

Hy all, I'm new to Oracle and though i've google it a lot I didn't manage to find a solution to this problem:
I'm using sql developer and Oracle 10g.
I have this two tables :
CREATE TABLE HR_employees
(codHR NUMBER(3) CONSTRAINT pk_hr PRIMARY KEY,
coddep NUMBER(4) not null,
DB_user VARCHAR2(10),
and
CREATE TABLE Candid
(codcan NUMBER(2) CONSTRAINT PK_candidat PRIMARY KEY,
codHr NUMBER(3) NOT NULL,
CONSTRAINT FK_CODHR FOREIGN KEY (codHR) REFERENCES HR_employees (codHR) );
I tried to implement row level security on them by using two views:
CREATE OR REPLACE VIEW employees_v AS
SELECT * FROM hr_employees
WHERE DB_user = user
UNION
SELECT * FROM hr_employees
WHERE codhr=(SELECT codhr FROM hr_employees WHERE db_user=user );
AND coddep IN (4000,5000);
CREATE OR REPLACE VIEW candid_v AS
SELECT cand.*
FROM candid cand , hr_employees hr
WHERE cand.codhr= hr.codhr
AND hr.db_user=user
UNION
SELECT cand.* FROM candid cand, hr_employees hr
WHERE hr.coddep=(SELECT H.coddep FROM hr_employees H
WHERE H.db_user=user
AND H.coddep IN (4000,5000) );
What I want to do is to disconnect and connect with another user from SQL Developer and see different fields based on the user and the department, Sql developer doesn't seem to recognize the user connected to the database..everytime I receive a no row selected statement, only when I connect with SYS and put the actual username WHERE H.db_user='SYS' they seem to work. I have created the tables with SYS and granted Select on the views to the users, the users don't have privilegies on the actual tables.
Sorry for the bad english,it's a foreign language to me ,
I hope you can help me

Hi,
Damorgan is right: "Row level security has nothing to do with views" in the sense that the two are independent. You can have row-level security with or without views, and you can have views with or without row-level security. dbms_rls is a very useful and powerful way to implement row-level security, and you should check it out, but it's not necessarily the answer to all row-level security problems.
I'm not sure I understand your problem beyond the need to restrict user A's access to two tables.
If which rows user A is allowed to see depends on the results of queries from those same tables, including rows that user A is not allowed to see (that is, you need to do sub-queries with some other user's (let's call this user B's) privileges), then you can do those sub-queries in stored procedures.
Stored procuderes can run with the privileges of the procedure owner, regardless of who is calling them. Using a function called user_codhr owned by user B, you could define a view like this:
CREATE OR REPLACE VIEW employees_v AS
SELECT * FROM hr_employees
WHERE DB_user = user
OR    (   codhr = user_codhr
      AND coddep IN (4000,5000)
      );If the results of the function will be the same throughout the session, you can call it once, at the beginning of your session, and save the results in a SYS_CONTEXT varaible or a global temporary table.
If you need more help, post a more detailed example of the problem, such as "With this data in the table, B should see all rows but A should see only ...".

Tomcat security Problem?????

Similar Messages

Maybe you are looking for