geronimo-dev mailing list archives

From "John Sisson (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-586) Exceptions at startup if Geronimo started under security manager
Date Mon, 21 Feb 2005 02:30:49 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-586?page=comments#action_59479 ]
     
John Sisson commented on GERONIMO-586:
--------------------------------------

If I comment out the SecurityService gbean in the j2ee-server-plan.xml, Geronimo will start
up without exceptions when a security manager (-Djava.security.manager) is used.  Not that
that helps much, as commenting out the SecurityService causes "Invalid login" errors when using
the deploy tool.

I noticed that no AccessControlExceptions occur prior to the call to java.security.Policy.setPolicy(..)
by org.apache.geronimo.security.SecurityServiceImpl.

I have verified that my policy file containing AllPermission is being used by setting a breakpoint
on java.security.Permissions.add(Permission) and I saw it being called for the following protection
domains (during static initialisation in the Daemon):

file:/D:/geronimo/lib/mx4j-2.1.1.jar
file:/D:/geronimo/lib/geronimo-kernel-1.0-SNAPSHOT.jar
file:/D:/geronimo/lib/commons-logging-1.0.4.jar
file:/D:/geronimo/lib/log4j-1.2.8.jar


Then AllPermission was added for the following protection domains (not part of Daemon static
initialisation):

file:/D:/geronimo/lib/cglib-full-2.0.jar
file:/D:/geronimo/repository/geronimo/jars/geronimo-j2ee-1.0-SNAPSHOT.jar
file:/D:/geronimo/repository/openejb/jars/openejb-core-2.0-SNAPSHOT.jar
file:/D:/geronimo/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar
file:/D:/geronimo/repository/geronimo-spec/jars/geronimo-spec-j2ee-1.4-rc3.jar
file:/D:/geronimo/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar

At this point Policy.setPolicy(..) is called, which in turn, as part of its initialisation,
causes Permissions.add(..) for AllPermission to be called for the codebase file:/D:/geronimo/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar


Thread [main] (Suspended (breakpoint at line 116 in java.security.Permissions))
	java.security.Permissions.add(java.security.Permission) line: 116
	sun.security.provider.PolicyFile.addPermissions(java.security.Permissions, java.security.CodeSource, java.security.Principal[], sun.security.provider.PolicyFile$PolicyEntry) line: 1409
	sun.security.provider.PolicyFile.getPermissions(java.security.Permissions, java.security.CodeSource, java.security.Principal[]) line: 1238
	sun.security.provider.PolicyFile.getPermissions(java.security.Permissions, java.security.ProtectionDomain) line: 1201
	sun.security.provider.PolicyFile.getPermissions(java.security.ProtectionDomain) line: 1144
	java.security.Policy.initPolicy(java.security.Policy) line: 270
	java.security.Policy.setPolicy(java.security.Policy) line: 216
	org.apache.geronimo.security.SecurityServiceImpl.<init>(java.lang.String) line: 65

Soon after the setPolicy(..) method completes, a timer thread falls over:

Thread [Thread-1] (Suspended (exception java.security.AccessControlException))
	java.security.AccessControlContext.checkPermission(java.security.Permission) line: 269
	java.security.AccessController.checkPermission(java.security.Permission) line: 401
	java.lang.SecurityManager.checkPermission(java.security.Permission) line: 524
	java.lang.SecurityManager.checkRead(java.lang.String) line: 863
	java.io.File.lastModified() line: 771
	org.apache.geronimo.system.logging.log4j.Log4jService$URLMonitorTask.run() line: 406
	java.util.TimerThread.mainLoop() line: 432
	java.util.TimerThread.run() line: 382

Could calling Policy.setPolicy(..) cause permissions that were set prior to setting the new
policy to be lost (e.g. java.security.AllPermission from my policy file specified when starting
the JVM)? Does anyone have some experience in this area?

Thanks, John

> Exceptions at startup if Geronimo started under security manager
> ----------------------------------------------------------------
>
>          Key: GERONIMO-586
>          URL: http://issues.apache.org/jira/browse/GERONIMO-586
>      Project: Apache Geronimo
>         Type: Bug
>  Environment: Windows XP
> java version "1.4.2_06"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_06-b03)
> Java HotSpot(TM) Client VM (build 1.4.2_06-b03, mixed mode)
>     Reporter: John Sisson

>
> If I start Geronimo under the Java Security Manager with everything enabled in the policy file I get a number of exceptions when starting Geronimo.
> For example, the policy file I used contained:
> grant {
>   permission java.security.AllPermission;
> };
> I started it using the following JVM parameters:
> -Djava.security.manager -Djava.security.policy==file:///D:/sample-java2.policy -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -Xmx512m -XX:MaxPermSize=128m -Djava.rmi.server.RMIClassLoaderSpi=org.apache.geronimo.system.rmi.RMIClassLoaderSpiImpl"

> I shouldn't be having problems starting it with AllPermission.
> Note that the java.security.debug property may assist with debugging:
> http://java.sun.com/j2se/1.4.2/docs/guide/plugin/developer_guide/debugger.html#jsdp
> John
> 17:07:21,842 ERROR [GBeanInstanceState] Error while starting; GBean is not in the FAILED state: objectName="geronimo.server:J2EEAppl
> ication=null,J2EEModule=org/apache/geronimo/Server,J2EEServer=geronimo,j2eeType=JTAResource,name=HOWLTransactionLog"
> java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
>         at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
>         at java.security.AccessController.checkPermission(AccessController.java:401)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
>         at net.sf.cglib.core.ReflectUtils.newInstance(ReflectUtils.java:272)
>         at net.sf.cglib.core.ReflectUtils.newInstance(ReflectUtils.java:255)
>         at net.sf.cglib.core.ReflectUtils.newInstance(ReflectUtils.java:251)
>         at net.sf.cglib.proxy.Enhancer.createUsingReflection(Enhancer.java:388)
>         at net.sf.cglib.proxy.Enhancer.nextInstance(Enhancer.java:366)
>         at net.sf.cglib.core.AbstractClassGenerator.create(AbstractClassGenerator.java:200)
>         at net.sf.cglib.proxy.Enhancer.createHelper(Enhancer.java:330)
>         at net.sf.cglib.proxy.Enhancer.create(Enhancer.java:246)
>         at org.apache.geronimo.kernel.proxy.ProxyManager$ManagedProxyFactory.createProxy(ProxyManager.java:94)
>         at org.apache.geronimo.kernel.proxy.ProxyManager.createProxy(ProxyManager.java:49)
>         at org.apache.geronimo.gbean.runtime.GBeanSingleReference.start(GBeanSingleReference.java:79)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:773)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:331)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:111)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:133)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:494)
>         at org.apache.geronimo.kernel.Kernel.startRecursiveGBean(Kernel.java:348)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:141)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:494)
>         at org.apache.geronimo.kernel.Kernel.startRecursiveGBean(Kernel.java:348)
>         at org.apache.geronimo.system.main.Daemon.main(Daemon.java:154)
> 17:07:21,935 INFO  [HttpServer] Statistics on = false for org.apache.geronimo.jetty.JettyServer@3c9314
> java.lang.ExceptionInInitializerError
>         at org.mortbay.http.HttpServer.doStart(HttpServer.java:671)
>         at org.mortbay.util.Container.start(Container.java:72)
>         at org.apache.geronimo.jetty.JettyContainerImpl.doStart(JettyContainerImpl.java:159)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:841)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:331)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:111)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:133)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:494)
>         at org.apache.geronimo.kernel.Kernel.startRecursiveGBean(Kernel.java:348)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:141)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:494)
>         at org.apache.geronimo.kernel.Kernel.startRecursiveGBean(Kernel.java:348)
>         at org.apache.geronimo.system.main.Daemon.main(Daemon.java:154)
> Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.mortbay.http.Version.paranoid read)
>         at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
>         at java.security.AccessController.checkPermission(AccessController.java:401)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1276)
>         at java.lang.System.getProperty(System.java:573)
>         at java.lang.Boolean.getBoolean(Boolean.java:205)
>         at org.mortbay.http.Version.<clinit>(Version.java:32)
>         ... 13 more
> 17:07:22,029 INFO  [Daemon] Server shutdown begun
> 17:07:22,029 INFO  [Kernel] Starting kernel shutdown
> 17:07:22,029 INFO  [PersistentConfigurationList] Configuration list was not saved.  Kernel was never fully started.
> 17:07:22,029 ERROR [GBeanInstance] Problem in doStop of geronimo.boot:role=ConfigurationManager
> org.apache.geronimo.kernel.InternalKernelException: Error while applying pattern geronimo.config:*
>         at org.apache.geronimo.kernel.jmx.JMXGBeanRegistry.listGBeans(JMXGBeanRegistry.java:118)
>         at org.apache.geronimo.kernel.Kernel.listGBeans(Kernel.java:363)
>         at org.apache.geronimo.kernel.config.ConfigurationManagerImpl.doStop(ConfigurationManagerImpl.java:213)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.destroyInstance(GBeanInstance.java:976)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStop(GBeanInstanceState.java:402)
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.stop(GBeanInstanceState.java:203)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.stop(GBeanInstance.java:502)
>         at org.apache.geronimo.kernel.Kernel.shutdownConfigManager(Kernel.java:535)
>         at org.apache.geronimo.kernel.Kernel.shutdown(Kernel.java:499)
>         at org.apache.geronimo.system.main.Daemon$1.run(Daemon.java:122)
> Caused by: java.security.AccessControlException: access denied (javax.management.MBeanPermission -#-[-] queryNames)
> java.security.AccessControlException: access denied (javax.management.MBeanServerPermission releaseMBeanServer)
>         at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
>         at java.security.AccessController.checkPermission(AccessController.java:401)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at javax.management.MBeanServerFactory.releaseMBeanServer(MBeanServerFactory.java:74)
>         at org.apache.geronimo.kernel.jmx.JMXGBeanRegistry.stop(JMXGBeanRegistry.java:53)
>         at org.apache.geronimo.kernel.Kernel.shutdown(Kernel.java:501)
>         at org.apache.geronimo.system.main.Daemon$1.run(Daemon.java:122)
>         at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
>         at java.security.AccessController.checkPermission(AccessController.java:401)
>         at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
>         at mx4j.server.MX4JMBeanServer.queryNames(MX4JMBeanServer.java:1228)
>         at org.apache.geronimo.kernel.jmx.JMXGBeanRegistry.listGBeans(JMXGBeanRegistry.java:116)
>         ... 9 more

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira
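
Added example, not part of the original message and not Geronimo code: java.security.Policy.setPolicy(..) installs one JVM-wide policy object, so a later check sees only what the replacement implies, and the program below contrasts a replacement that ignores the previous policy with one that delegates to it. All class names and the file path are hypothetical, StartupPolicy stands in for the AllPermission policy file, and a JDK on which Policy.setPolicy is still supported is assumed; whether Geronimo's own policy delegates is not shown on this page.

```java
import java.io.FilePermission;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

// Added example, not Geronimo code; every class name here is hypothetical.
public class PolicyReplacementDemo {
    // Stand-in for the startup policy file: grant { permission java.security.AllPermission; };
    static class StartupPolicy extends Policy {
        @Override public boolean implies(ProtectionDomain d, Permission p) {
            return true; // AllPermission implies every permission
        }
    }

    // Replacement that answers only from its own rule and never asks the old policy.
    static class IsolatedPolicy extends Policy {
        @Override public boolean implies(ProtectionDomain d, Permission p) {
            return p instanceof PropertyPermission; // constructed rule
        }
    }

    // Replacement that keeps earlier grants by consulting the policy it replaces.
    static class DelegatingPolicy extends Policy {
        private final Policy previous;
        DelegatingPolicy(Policy previous) { this.previous = previous; }
        @Override public boolean implies(ProtectionDomain d, Permission p) {
            return previous.implies(d, p) || p instanceof PropertyPermission;
        }
    }

    // Ask whichever policy is installed now, as a dynamically bound ProtectionDomain does.
    static boolean granted(Permission p) {
        ProtectionDomain d = PolicyReplacementDemo.class.getProtectionDomain();
        return Policy.getPolicy().implies(d, p);
    }

    public static void main(String[] args) {
        // Constructed path; File.lastModified() requires "read" on the file.
        Permission read = new FilePermission("/constructed/log4j.properties", "read");
        Policy startup = new StartupPolicy();
        Policy.setPolicy(startup);
        System.out.println("startup policy:         " + granted(read));
        Policy.setPolicy(new IsolatedPolicy());
        System.out.println("isolated replacement:   " + granted(read));
        Policy.setPolicy(new DelegatingPolicy(startup));
        System.out.println("delegating replacement: " + granted(read));
    }
}
```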

