geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf Baumhof (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-4981) Admin console abnormal when using java security policy
Date Tue, 02 Feb 2010 07:46:18 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-4981?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12828515#action_12828515
] 

Ralf Baumhof commented on GERONIMO-4981:
----------------------------------------

On Windows and Ubuntu Linux we have got the same problem with geronimo 2.2. With jdk 1.5 update
20, no error is displayed in log or console. Using jdk 1.6 update 14 the following error msg
is displayed:

java.lang.SecurityException: Es wird versucht, ein Objekt hinzuzufügen, das keine Instanz
von java.security.Principal für eine Principal-Gruppe eines Betreffs ist.
	at javax.security.auth.Subject$SecureSet.add(Subject.java:1074)
	at java.util.Collections$SynchronizedCollection.add(Collections.java:1577)
	at org.apache.catalina.connector.Request.setUserPrincipal(Request.java:1757)
	at org.apache.geronimo.tomcat.security.SecurityValve.invoke(SecurityValve.java:77)
	at org.apache.geronimo.tomcat.security.jacc.JACCSecurityValve.invoke(JACCSecurityValve.java:54)
	at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:420)
	at org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:361)
	at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
	at org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:619)

The policy file's content is as mentioned:
grant {
  permission java.security.AllPermission;
};
and was created with the policy toolkit.

The startup statement which forces the error is:
set JAVA_OPTS=-Xms96m -Xmx256m -XX:MaxPermSize=128M -DGERONIMO_CONF=/d:/home/geronimo2.2/var/config
-Djava.security.manager="java.rmi.RMISecurityManager" -Djava.security.policy=/geronimo2.2/bin/java.policy



> Admin console abnormal when using java security policy
> ------------------------------------------------------
>
>                 Key: GERONIMO-4981
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4981
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.2
>         Environment: OS: Linux x86
> Java: java version "1.6.0_10"
> Java(TM) SE Runtime Environment (build 1.6.0_10-b33)
> Java HotSpot(TM) Client VM (build 11.0-b15, mixed mode, sharing)
>            Reporter: Forrest Xia
>
> If you add a file ".java.policy" in your user.home with content as this:
> grant{
> 	permission java.security.AllPermission;
> };
> then start geronimo 2.2, you will find the admin console app is abnormal, there is no
need to login, and no navigation bar shows up.
> But geronimo 2.1.4 has no such problem.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message