tomee-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Magesh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (TOMEE-1954) Tomee 7.0.0-M1 drop in war not getting deployed in Security mode in Tomcat
Date Fri, 07 Oct 2016 12:22:20 GMT

    [ https://issues.apache.org/jira/browse/TOMEE-1954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15554952#comment-15554952
] 

Magesh commented on TOMEE-1954:
-------------------------------

Are you saying that the below permissions are needed for tomee plugin deployment?

grant codeBase "file:${catalina.base}/webapps/tomee/-" {
permission java.security.AllPermission;
};

permission java.security.SecurityPermission "setPolicy";

permission javax.security.auth.AuthPermission "doAsPrivileged";


> Tomee 7.0.0-M1 drop in war not getting deployed in Security mode in Tomcat
> --------------------------------------------------------------------------
>
>                 Key: TOMEE-1954
>                 URL: https://issues.apache.org/jira/browse/TOMEE-1954
>             Project: TomEE
>          Issue Type: Bug
>    Affects Versions: 7.0.0-M1
>         Environment: Tomcat 8.0.36
>            Reporter: Magesh
>              Labels: security
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Hi,
>  We are using tomee 7.0.0-M1 plugin war in our Tomcat 8 server for EJB application deployment.
> We are not facing any issue if we start the tomcat server normally and all our EJB applications
are getting deployed properly.
> If we start the tomcat server with security mode enabled -security, tomee is getting
deployed only if we provide all permissions in catalina.policy file to tomee application.
> grant codeBase "file:$
> {catalina.base} 
> /webapps/tomee/-" 
> { permission java.security.AllPermission; } 
> ;
> Log:
>  07-Oct-2016 13:08:01.658 INFO [localhost-startStop-1] org.apache.openejb.util.OptionsLog.info
Using 'openejb.jdbc.datasource-creator=org.apache.tomee.jdbc.TomEEDataSourceCreator'
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
********************************************************************************
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
OpenEJB http://tomee.apache.org/
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
Startup: Fri Oct 07 13:08:01 IST 2016
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
Copyright 1999-2015 (C) Apache OpenEJB Project, All Rights Reserved.
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
Version: 7.0.0-M1
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
Build date: 20151205
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
Build time: 09:53
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
********************************************************************************
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
openejb.home = C:\Tomcat8.0.36
>  07-Oct-2016 13:08:01.815 INFO [localhost-startStop-1] org.apache.openejb.OpenEJB$Instance.<init>
openejb.base = C:\Tomcat8.0.36
>  07-Oct-2016 13:08:01.830 INFO [localhost-startStop-1] org.apache.openejb.cdi.CdiBuilder.initializeOWB
Created new singletonService org.apache.openejb.cdi.ThreadSingletonServiceImpl@2486d2b7
>  07-Oct-2016 13:08:01.830 INFO [localhost-startStop-1] org.apache.openejb.cdi.CdiBuilder.initializeOWB
Succeeded in installing singleton service
>  07-Oct-2016 13:08:01.862 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigUtils.searchForConfiguration
Cannot find the configuration file [conf/openejb.xml]. Creating one at C:\Tomcat8.0.36\conf\openejb.xml
>  07-Oct-2016 13:08:01.877 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.init
openejb configuration file is 'C:\Tomcat8.0.36\conf\openejb.xml'
>  07-Oct-2016 13:08:01.924 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=Tomcat Security Service, type=SecurityService, provider-id=Tomcat Security
Service)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=Default Transaction Manager, type=TransactionManager, provider-id=Default
Transaction Manager)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=My DataSource, type=Resource, provider-id=Default JDBC Database)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=My Unmanaged DataSource, type=Resource, provider-id=Default JDBC Database)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=My Singleton Container, type=Container, provider-id=Default Singleton
Container)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=My Stateful Container, type=Container, provider-id=Default Stateful
Container)
>  07-Oct-2016 13:08:01.940 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=My Stateless Container, type=Container, provider-id=Default Stateless
Container)
>  07-Oct-2016 13:08:01.955 WARNING [localhost-startStop-1] org.apache.openejb.config.DeploymentsResolver.loadFrom
File error: <Deployments dir="apps/"> - Does not exist: C:\Tomcat8.0.36\apps
>  07-Oct-2016 13:08:01.955 INFO [localhost-startStop-1] org.apache.openejb.util.OptionsLog.info
Using 'openejb.deployments.classpath=false'
>  07-Oct-2016 13:08:01.955 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating TransactionManager(id=Default Transaction Manager)
>  07-Oct-2016 13:08:02.033 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating SecurityService(id=Tomcat Security Service)
>  07-Oct-2016 13:08:02.049 INFO [localhost-startStop-1] org.apache.openejb.util.OptionsLog.info
Using 'javax.security.jacc.policy.provider=sun.security.provider.PolicyFile'
>  07-Oct-2016 13:08:02.096 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Resource(id=My DataSource)
>  07-Oct-2016 13:08:02.658 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Resource(id=My Unmanaged DataSource)
>  07-Oct-2016 13:08:02.705 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Container(id=My Singleton Container)
>  07-Oct-2016 13:08:02.736 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Container(id=My Stateful Container)
>  07-Oct-2016 13:08:02.783 INFO [localhost-startStop-1] org.apache.openejb.core.stateful.SimplePassivater.init
Using directory C:\Tomcat8.0.36\temp for stateful session passivation
>  07-Oct-2016 13:08:02.846 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Container(id=My Stateless Container)
>  07-Oct-2016 13:08:02.908 INFO [localhost-startStop-1] org.apache.tomee.catalina.OpenEJBNamingContextListener.bindResource
Importing a Tomcat Resource with id 'UserDatabase' of type 'org.apache.catalina.UserDatabase'.
>  07-Oct-2016 13:08:02.908 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createRecipe
Creating Resource(id=UserDatabase)
>  07-Oct-2016 13:08:02.955 INFO [localhost-startStop-1] org.apache.openejb.server.ServiceManager.initServer
Creating ServerService(id=cxf-rs)
>  07-Oct-2016 13:08:03.236 INFO [localhost-startStop-1] org.apache.openejb.server.SimpleServiceManager.start
** Bound Services **
>  07-Oct-2016 13:08:03.236 INFO [localhost-startStop-1] org.apache.openejb.server.SimpleServiceManager.printRow
NAME IP PORT 
>  07-Oct-2016 13:08:03.236 INFO [localhost-startStop-1] org.apache.openejb.server.SimpleServiceManager.start
-------
>  07-Oct-2016 13:08:03.236 INFO [localhost-startStop-1] org.apache.openejb.server.SimpleServiceManager.start
Ready!
>  07-Oct-2016 13:08:03.268 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR
Deployment of web application archive C:\Tomcat8.0.36\webapps\tomee.war has finished in 3,703
ms
>  07-Oct-2016 13:08:03.268 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory
Deploying web application directory C:\Tomcat8.0.36\webapps\ROOT
>  07-Oct-2016 13:08:03.268 INFO [localhost-startStop-1] org.apache.tomee.catalina.TomcatWebAppBuilder.init
------------------------- localhost -> /
>  07-Oct-2016 13:08:03.455 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureApplication
Configuring enterprise application: C:\Tomcat8.0.36\webapps\ROOT
>  07-Oct-2016 13:08:03.518 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=comp/DefaultManagedExecutorService, type=Resource, provider-id=Default
Executor Service)
>  07-Oct-2016 13:08:03.518 INFO [localhost-startStop-1] org.apache.openejb.config.AutoConfig.logAutoCreateResource
Auto-creating a Resource with id 'comp/DefaultManagedExecutorService' of type 'javax.enterprise.concurrent.ManagedExecutorService
for ''.
>  07-Oct-2016 13:08:03.518 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=comp/DefaultManagedScheduledExecutorService, type=Resource, provider-id=Default
Scheduled Executor Service)
>  07-Oct-2016 13:08:03.518 INFO [localhost-startStop-1] org.apache.openejb.config.AutoConfig.logAutoCreateResource
Auto-creating a Resource with id 'comp/DefaultManagedScheduledExecutorService' of type 'javax.enterprise.concurrent.ManagedScheduledExecutorService
for ''.
>  07-Oct-2016 13:08:03.533 INFO [localhost-startStop-1] org.apache.openejb.config.ConfigurationFactory.configureService
Configuring Service(id=comp/DefaultManagedThreadFactory, type=Resource, provider-id=Default
Managed Thread Factory)
>  07-Oct-2016 13:08:03.533 INFO [localhost-startStop-1] org.apache.openejb.config.AutoConfig.logAutoCreateResource
Auto-creating a Resource with id 'comp/DefaultManagedThreadFactory' of type 'javax.enterprise.concurrent.ManagedThreadFactory
for ''.
>  07-Oct-2016 13:08:03.549 INFO [localhost-startStop-1] org.apache.openejb.config.AppInfoBuilder.build
Enterprise application "C:\Tomcat8.0.36\webapps\ROOT" loaded.
>  07-Oct-2016 13:08:03.565 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createApplication
Assembling app: C:\Tomcat8.0.36\webapps\ROOT
>  07-Oct-2016 13:08:03.705 INFO [localhost-startStop-1] org.apache.openejb.assembler.classic.Assembler.createApplication
Deployed Application(path=C:\Tomcat8.0.36\webapps\ROOT)
>  07-Oct-2016 13:08:03.783 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars
At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this
logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping
unneeded JARs during scanning can improve startup time and JSP compilation time.
>  07-Oct-2016 13:08:03.861 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory
Deployment of web application directory C:\Tomcat8.0.36\webapps\ROOT has finished in 593 ms
>  07-Oct-2016 13:08:03.861 INFO [main] org.apache.coyote.AbstractProtocol.start Starting
ProtocolHandler ["http-nio-8080"]
>  07-Oct-2016 13:08:03.877 INFO [main] org.apache.coyote.AbstractProtocol.start Starting
ProtocolHandler ["ajp-nio-8009"]
>  07-Oct-2016 13:08:03.877 INFO [main] org.apache.catalina.startup.Catalina.start Server
startup in 4944 ms
> Without the all permission ,tomee war is not getting deployed. But as per our policy
they wont provide all permissions.
> Could you please let us know whether tomee will work only if we provide all permissions
in tomcat with -security mode enabled.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message