incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dave Wolf" <dave.w...@gmail.com>
Subject Re: JSPWiki seems to be accessing from /WEB-INF regardless of java.security.policy value
Date Wed, 21 Nov 2007 23:04:57 GMT
Yes, I did try the double equal. It resulted in "=C:/<path>/jspwiki.policy"
being reported by my JSP. From yours and Andrew's replies, it seems that the
real problem (beside the NPE) was that I was being spooked by the message in
the log of finding the local policy file along with the absence of any
message regarding finding the "global" policy file. Maybe logging indicating
the acquisition of the global policy file would help others from making the
same bad assumptions.

If I understand correctly now, I can put the out-of-the-box
jspwiki.policyfile back and all should be good with my current
installation.

While I've lurked on these lists for the past couple of years, I've been so
consumed at my last job which ended last Friday, that I've not been able to
give back. With my current position requiring far less travel, I will
becoming far more active. BTW, I think my current HUGE client is going to
switch from MediaWiki to JSPWiki.

Cheers,

Dave

On Nov 21, 2007 3:51 PM, Janne Jalkanen <Janne.Jalkanen@ecyrd.com> wrote:

>
> Hi!
>
> Did you try
>
> -Djava.security.policy==C:/path/jspwiki.policy?
>
> I.e. double = -marks?
>
> findConfigFile() really is meant to find only the local config file,
> so it's actually doing exactly what it should be doing.
>
> The new local policy in 2.5 works in the way that we first check the
> global policy, and if that does not give permission, we check the
> local policy.  So you can "override" permissions in a local policy.
> I put the quotation marks because the local policy cannot restrict
> over global policy - it can only give more permissions.
>
> The NPE is a bit odd though - it should survive a missing local
> policy.  This is clearly a bug (and should be filed...)
>
> /Janne
>
> On 22 Nov 2007, at 00:36, Dave Wolf wrote:
>
> > Hi,
> >
> > This has been making me crazy for over a week -- I have added -
> > Djava.security.policy=C:/<path>/jspwiki.policy to the Tomcat Java
> > Configuration. The path is being read as I added a JSP Page to
> > display the
> > value of java.security.policy. The correct value is returned. I'm
> > running
> > the latest cvs version (2.5.157) on WinXP and Tomcat 5.5.
> >
> > When I look at the jspwiki.log, I see the following (notice blue
> > highlighted
> > text):
> >  11-21@14:20:04 INFO com.ecyrd.jspwiki.WikiEngine  -
> > *******************************************
> >  11-21@14:20:04 INFO com.ecyrd.jspwiki.WikiEngine  - JSPWiki
> > 2.5.157-cvsstarting. Whee!
> >  11-21@14:20:04 INFO com.ecyrd.jspwiki.WikiEngine  - Servlet
> > container:
> > Apache Tomcat/5.5.25
> >  11-21@14:20:04 INFO com.ecyrd.jspwiki.WikiEngine   - JSPWiki working
> > directory is 'C:\WebContent\Wiki\tmp'
> >  11-21@14:20:04 INFO
> > com.ecyrd.jspwiki.providers.AbstractFileProvider  -
> > Wikipages are read from 'C:\WebContent\Wiki\Content'
> >  11-21@14:20:04 INFO com.ecyrd.jspwiki.plugin.PluginManager  -
> > Registering
> > plugins
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.diff.DifferenceManager   -
> > Using
> > difference provider: TraditionalDiffProvider
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.search.LuceneSearchProvider
> > - Lucene
> > enabled, cache will be in: C:\WebContent\Wiki\tmp\lucene
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: JSPWiki Lucene Indexer.
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.search.LuceneSearchProvider   - Files
> > found in Lucene directory, not reindexing.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: WatchDog for 'Wiki'.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.EditorManager   -
> > Registering
> > editor modules
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.AuthenticationManager
> > - Checking
> > JAAS configuration...
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.AuthenticationManager
> > - JAAS
> > already configured by some other application (leaving it alone...)
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Examining jndi:/localhost/Wiki/WEB-INF/web.xml
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - JSPWiki is using custom authentication.
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Authorizer WebContainerAuthorizer initialized successfully.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.AuthorizationManager   -
> > Initialized local security policy: C:\servers\Apache\Tomcat
> > 5.5\webapps\Wiki\WEB-INF\jspwiki.policy
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.authorize.GroupManager  -
> > Attempting to load group database class
> > com.ecyrd.jspwiki.auth.authorize.XMLGroupDatabase
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.auth.authorize.XMLGroupDatabase  -
> > XML group database at C:\WebContent\Wiki\groupdatabase.xml
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.authorize.GroupManager
> > - Group
> > database initialized.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.authorize.GroupManager  -
> > Authorizer GroupManager initialized successfully; loaded 1 group(s).
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > Using
> > JDK 1.5 Platform MBeanServer
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > com.sun.jmx.mbeanserver.JmxMBeanServer
> >   11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > DefaultDomain
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > Registered new admin bean Core bean
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager   -
> > Registered new admin bean User administration
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > Registered new admin bean Search manager
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager   -
> > Registered new admin bean Plugins
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > Registered new admin bean WikiWizard
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ui.admin.AdminBeanManager  -
> > Registered new admin bean Plain editor
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.WikiEngine  - Cannot find
> > property
> > file for filters (this is okay, expected to find it as:
> > '/WEB-INF/filters.xml')
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.render.RenderingManager   -
> > Rendering
> > content with com.ecyrd.jspwiki.render.XHTMLRenderer.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ReferenceManager  - Starting
> > cross
> > reference scan of WikiPages
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.UserManager   -
> > Attempting to
> > load user database class com.ecyrd.jspwiki.auth.user.XMLUserDatabase
> >  11-21@14:20:05 INFO
> > com.ecyrd.jspwiki.auth.user.AbstractUserDatabase  - XML
> > user database at C:\WebContent\Wiki\userdatabase.xml
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.auth.UserManager  -
> > UserDatabase
> > initialized.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.ReferenceManager  - Cross
> > reference
> > scan done in 0:00: 00.203
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.WikiEngine  - WikiEngine
> > configured.
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: JSPWiki RSS Generator.
> >  11-21@14 :20:05 INFO com.ecyrd.jspwiki.WikiEngine  - Root path for
> > this
> > Wiki is: 'C:\servers\Apache\Tomcat 5.5\webapps\Wiki\'
> >  11-21@14:20:05 INFO com.ecyrd.jspwiki.WikiServlet  - WikiServlet
> > initialized.
> >
> > JSPWiki seems to be sourcing the jspwiki.policy from the
> > /webapps/Wiki/WEB-INF/jspwiki.policy file. If I remove the file,
> > then the
> > following appears in the log file:
> >
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.WikiEngine  - JSPWiki
> > 2.5.157-cvsstarting. Whee!
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.WikiEngine  - Servlet
> > container:
> > Apache Tomcat/5.5.25
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.WikiEngine  - JSPWiki working
> > directory is 'C:\WebContent\Wiki\tmp'
> >  11-21@14:52:38 INFO
> > com.ecyrd.jspwiki.providers.AbstractFileProvider  -
> > Wikipages are read from 'C:\WebContent\Wiki\Content'
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.plugin.PluginManager  -
> > Registering
> > plugins
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.diff.DifferenceManager  - Using
> > difference provider: TraditionalDiffProvider
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.search.LuceneSearchProvider
> > - Lucene
> > enabled, cache will be in: C:\WebContent\Wiki\tmp\lucene
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: JSPWiki Lucene Indexer.
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.search.LuceneSearchProvider
> > - Files
> > found in Lucene directory, not reindexing.
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: WatchDog for 'Wiki'.
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.ui.EditorManager  - Registering
> > editor modules
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.auth.AuthenticationManager  -
> > Checking JAAS configuration...
> >  11-21@14:52:38 INFO com.ecyrd.jspwiki.auth.AuthenticationManager
> > - JAAS
> > already configured by some other application (leaving it alone...)
> >  11-21@14:52:38 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Examining jndi:/localhost/Wiki/WEB-INF/web.xml
> >  11-21@14:52:38 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - JSPWiki is using custom authentication.
> >  11-21@14:52:38 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Authorizer WebContainerAuthorizer initialized successfully.
> >  11-21@14:52:38 FATAL com.ecyrd.jspwiki.WikiEngine  - Failed to start
> > managers.
> >  java.lang.NullPointerException
> >     at com.ecyrd.jspwiki.auth.AuthorizationManager.initialize(
> > AuthorizationManager.java:408)
> >     at com.ecyrd.jspwiki.WikiEngine.initialize(WikiEngine.java:532)
> >     at com.ecyrd.jspwiki.WikiEngine.<init>(WikiEngine.java:386)
> >     at com.ecyrd.jspwiki.WikiEngine.getInstance(WikiEngine.java:334)
> >     at com.ecyrd.jspwiki.ui.WikiServletFilter.init
> > (WikiServletFilter.java
> > :55)
> >     at org.apache.catalina.core.ApplicationFilterConfig.getFilter(
> > ApplicationFilterConfig.java:221)
> >     at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(
> > ApplicationFilterConfig.java:302)
> >     at org.apache.catalina.core.ApplicationFilterConfig.<init>(
> > ApplicationFilterConfig.java:78)
> >     at org.apache.catalina.core.StandardContext.filterStart(
> > StandardContext.java:3635)
> >     at org.apache.catalina.core.StandardContext.start
> > (StandardContext.java
> > :4222)
> >     at org.apache.catalina.core.ContainerBase.addChildInternal(
> > ContainerBase.java:760)
> >     at org.apache.catalina.core.ContainerBase.addChild
> > (ContainerBase.java
> > :740)
> >     at org.apache.catalina.core.StandardHost.addChild
> > (StandardHost.java:544)
> >     at org.apache.catalina.startup.HostConfig.deployDescriptor(
> > HostConfig.java:626)
> >     at org.apache.catalina.startup.HostConfig.deployDescriptors(
> > HostConfig.java:553)
> >     at org.apache.catalina.startup.HostConfig.deployApps
> > (HostConfig.java
> > :488)
> >     at org.apache.catalina.startup.HostConfig.start(HostConfig.java:
> > 1138)
> >     at org.apache.catalina.startup.HostConfig.lifecycleEvent
> > (HostConfig.java
> > :311)
> >     at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
> > LifecycleSupport.java:120)
> >     at org.apache.catalina.core.ContainerBase.start
> > (ContainerBase.java:1022)
> >     at org.apache.catalina.core.StandardHost.start
> > (StandardHost.java:736)
> >     at org.apache.catalina.core.ContainerBase.start
> > (ContainerBase.java:1014)
> >     at org.apache.catalina.core.StandardEngine.start
> > (StandardEngine.java
> > :443)
> >     at org.apache.catalina.core.StandardService.start
> > (StandardService.java
> > :448)
> >     at org.apache.catalina.core.StandardServer.start
> > (StandardServer.java
> > :700)
> >     at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
> >     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> >     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> >     at java.lang.reflect.Method.invoke(Unknown Source)
> >     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
> >     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
> > 11-21@14:52:39 INFO com.ecyrd.jspwiki.WikiEngine  -
> > *******************************************
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.WikiEngine  - JSPWiki
> > 2.5.157-cvsstarting. Whee!
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.WikiEngine  - Servlet
> > container:
> > Apache Tomcat/5.5.25
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.WikiEngine  - JSPWiki working
> > directory is 'C:\WebContent\Wiki\tmp'
> >  11-21@14:52:39 INFO
> > com.ecyrd.jspwiki.providers.AbstractFileProvider  -
> > Wikipages are read from 'C:\WebContent\Wiki\Content'
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.plugin.PluginManager  -
> > Registering
> > plugins
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.diff.DifferenceManager  - Using
> > difference provider: TraditionalDiffProvider
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.search.LuceneSearchProvider
> > - Lucene
> > enabled, cache will be in: C:\WebContent\Wiki\tmp\lucene
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.ui.EditorManager  - Registering
> > editor modules
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Starting
> > up background thread: JSPWiki Lucene Indexer.
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.search.LuceneSearchProvider
> > - Files
> > found in Lucene directory, not reindexing.
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.auth.AuthenticationManager  -
> > Checking JAAS configuration...
> >  11-21@14:52:39 INFO com.ecyrd.jspwiki.auth.AuthenticationManager
> > - JAAS
> > already configured by some other application (leaving it alone...)
> >  11-21@14:52:39 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Examining jndi:/localhost/Wiki/WEB-INF/web.xml
> >  11-21@14:52:39 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - JSPWiki is using custom authentication.
> >  11-21@14:52:39 INFO
> > com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer
> > - Authorizer WebContainerAuthorizer initialized successfully.
> >  11-21@14:52:39 FATAL com.ecyrd.jspwiki.WikiEngine  - Failed to start
> > managers.
> >  java.lang.NullPointerException
> >     at com.ecyrd.jspwiki.auth.AuthorizationManager.initialize(
> > AuthorizationManager.java:408)
> >     at com.ecyrd.jspwiki.WikiEngine.initialize(WikiEngine.java:532)
> >     at com.ecyrd.jspwiki.WikiEngine.<init>(WikiEngine.java:386)
> >     at com.ecyrd.jspwiki.WikiEngine.getInstance(WikiEngine.java:334)
> >     at com.ecyrd.jspwiki.ui.WikiServletFilter.init
> > (WikiServletFilter.java
> > :55)
> >     at org.apache.catalina.core.ApplicationFilterConfig.getFilter(
> > ApplicationFilterConfig.java:221)
> >     at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(
> > ApplicationFilterConfig.java:302)
> >     at org.apache.catalina.core.ApplicationFilterConfig.<init>(
> > ApplicationFilterConfig.java:78)
> >     at org.apache.catalina.core.StandardContext.filterStart(
> > StandardContext.java:3635)
> >     at org.apache.catalina.core.StandardContext.start
> > (StandardContext.java
> > :4222)
> >     at org.apache.catalina.core.ContainerBase.addChildInternal(
> > ContainerBase.java:760)
> >     at org.apache.catalina.core.ContainerBase.addChild
> > (ContainerBase.java
> > :740)
> >     at org.apache.catalina.core.StandardHost.addChild
> > (StandardHost.java:544)
> >     at org.apache.catalina.startup.HostConfig.deployDescriptor(
> > HostConfig.java:626)
> >     at org.apache.catalina.startup.HostConfig.deployDescriptors(
> > HostConfig.java:553)
> >     at org.apache.catalina.startup.HostConfig.deployApps
> > (HostConfig.java
> > :488)
> >     at org.apache.catalina.startup.HostConfig.start(HostConfig.java:
> > 1138)
> >     at org.apache.catalina.startup.HostConfig.lifecycleEvent
> > (HostConfig.java
> > :311)
> >     at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
> > LifecycleSupport.java:120)
> >     at org.apache.catalina.core.ContainerBase.start
> > (ContainerBase.java:1022)
> >     at org.apache.catalina.core.StandardHost.start
> > (StandardHost.java:736)
> >     at org.apache.catalina.core.ContainerBase.start
> > (ContainerBase.java:1014)
> >     at org.apache.catalina.core.StandardEngine.start
> > (StandardEngine.java
> > :443)
> >     at org.apache.catalina.core.StandardService.start
> > (StandardService.java
> > :448)
> >     at org.apache.catalina.core.StandardServer.start
> > (StandardServer.java
> > :700)
> >     at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
> >     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> >     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> >     at java.lang.reflect.Method.invoke(Unknown Source)
> >     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
> >     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
> > 11-21@14:52:40 ERROR com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Background thread error
> >  java.lang.NullPointerException
> >     at com.ecyrd.jspwiki.util.WatchDog.enterState(WatchDog.java:231)
> >     at
> > com.ecyrd.jspwiki.search.LuceneSearchProvider
> > $LuceneUpdater.backgroundTask(
> > LuceneSearchProvider.java:712)
> >     at com.ecyrd.jspwiki.util.WikiBackgroundThread.run(
> > WikiBackgroundThread.java:139)
> > 11-21@14:52:40 ERROR com.ecyrd.jspwiki.util.WikiBackgroundThread  -
> > Background thread error
> >  java.lang.NullPointerException
> >     at com.ecyrd.jspwiki.util.WatchDog.enterState(WatchDog.java:231)
> >     at
> > com.ecyrd.jspwiki.search.LuceneSearchProvider
> > $LuceneUpdater.backgroundTask(
> > LuceneSearchProvider.java:712)
> >     at com.ecyrd.jspwiki.util.WikiBackgroundThread.run(
> > WikiBackgroundThread.java:139
> >
> > It looks like AuthenticationManager.findConfigFile is only going to
> > find the
> > default policy file when it is available (which would seem to be
> > incorrect).
> > There seems to be no provision for getting the file from the
> > java.security.policy variable.
> >
> > I'd be happy to attempt to create a patch, if its deemed that I'm
> > on the
> > right track.
> >
> > Regards,
> >
> > --
> > Dave Wolf
>
>


-- 
Dave Wolf
H: 303-377-9537
M: 303-956-9106

"Our lives begin to end the day we become silent about things that matter."
--Dr. Martin Luther King Jr.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message