geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan (JIRA)" <>
Subject [jira] Updated: (GERONIMO-4037) Geronimo 2.0.3 (and I guess at least 2.0.2) can't run with a security manager settled from the command line using
Date Thu, 05 Feb 2009 03:39:59 GMT


Ivan updated GERONIMO-4037:

    Attachment: Geronimo-4037.patch

As said by Kevan, it is caused by the classloading. IMO, it should not be a security issue.
In Geronimo, we would register our own Policy, PolicyConfigurationFactory objects to the security
system. I changed the intialization order of that two objects, so that default Policy object
is still in effect while the classloader loads the GeronimoPolicyConfigurationFactory. I maybe
a trick ^_^
With the patch applied, the server could be started successfully with the security turns on.
The patch is based on the 2.2 trunk base. Please help to reivew it, thanks !

> Geronimo 2.0.3 (and I guess at least 2.0.2) can't run  with a security manager settled
from the command line using
> ------------------------------------------------------------------------------------------------------------------------------------------
>                 Key: GERONIMO-4037
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: kernel, security
>    Affects Versions: 2.0.2
>         Environment: Windows Xp Sp2
>            Reporter: Jacques Le Roux
>            Priority: Blocker
>         Attachments: Geronimo-4037.patch
> I'm facing an issue on Windows XPsp2: I can't run WASCE with a security manager settled
from the command line using options.
I get the error below. Note that this is working properly under Linux (Ubuntu and Suze as
> C:\geronimo-tomcat6-jee5-2.0.3\bin>geronimo run
> Using GERONIMO_BASE:   C:\geronimo-tomcat6-jee5-2.0.3
> Using GERONIMO_HOME:   C:\geronimo-tomcat6-jee5-2.0.3
> Using GERONIMO_TMPDIR: var\temp
> Using JRE_HOME:        C:\Program Files\Java\jre1.5.0_11
> Listening for transport dt_socket at address: 5005
> Booting Geronimo Kernel (in Java 1.5.0_11)...
> Starting Geronimo Application Server v2.0.3-SNAPSHOT
> [***>                                  ] 11%  27s Starting org.apac...15:57:28,625
ERROR [GBeanInstanceState] Error while starting; GBean is now in the FAILED state: abstractName="org.apache.geronimo.configs/
> j2ee-security/2.0.3-SNAPSHOT/car?ServiceModule=org.apache.geronimo.configs/j2ee-security/2.0.3-SNAPSHOT/car,j2eeType=GBean,name=SecurityService"
> java.lang.LinkageError: org/apache/geronimo/security/jacc/GeronimoPolicyConfigurationFactory
>         at
>         at Source)
>         at Source)
>         at Source)
>         at java.lang.SecurityManager.checkPermission(Unknown Source)
>         at java.lang.Thread.setContextClassLoader(Unknown Source)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(
>         at org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(
>         at org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(
>         at org.apache.geronimo.kernel.config.KernelConfigurationManager.start(
>         at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(
>         at org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>         at net.sf.cglib.reflect.FastMethod.invoke(
>         at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
>         at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
>         at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
>         at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
>         at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
>         at org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$7e14cd11.startConfiguration(<generated>)
>         at org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(
>         at org.apache.geronimo.system.main.EmbeddedDaemon.execute(
>         at org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(
>         at org.apache.geronimo.cli.AbstractCLI.executeMain(
>         at org.apache.geronimo.cli.daemon.DaemonCLI.main(
> 15:57:28,640 WARN  [BasicLifecycleMonitor] Exception occured while notifying listener
> [...]
> This is needed in order to launch the OFBiz RMIDispatcher (in other words to allow using
RMI inside Apache OFBiz). That's why I put this issue as a blocker.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message