[
https://issues.apache.org/jira/browse/TOMEE-2014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15870104#comment-15870104
]
Magesh commented on TOMEE-2014:
-------------------------------
Hi,
We have done the below changes in the following two classes
'TomEEWebappClassLoader.java' and 'JavaSecurityManagers.java'.
openejb-core.patch
Added the below method in the class 'JavaSecurityManagers.java'.
public static Class<?> loadClass(final TomEEWebappClassLoader tomeeClassLoader,
final String name, final boolean resolve) {
if (System.getSecurityManager() == null) {
return tomeeClassLoader.superLoadClass(name, resolve);
} else {
AccessController.doPrivileged(new PrivilegedAction<Class<?>>() {
@Override
public Class<?> run() {
return
tomeeClassLoader.superLoadClass(name, resolve);
}
});
}
return null;
}
tomee-catalina.patch
Replaced the line 204 in the class TomEEWebappClassLoader.java return
super.loadClass(name, resolve); with return
JavaSecurityManagers.loadClass(this, name, resolve);
and added the below method.
public Class<?> superLoadClass(final String name, final boolean resolve) {
try {
return super.loadClass(name, resolve);
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
But we are getting the below error message.--> Caused by:
org.apache.tomee.catalina.TomEERuntimeException:
org.apache.xbean.recipe.ConstructionException: Type class could not be found:
org.apache.openejb.core.managed.ManagedContainer
Log:
16-Feb-2017 17:47:03.784 SEVERE [localhost-startStop-1]
org.apache.tomee.catalina.TomcatWebAppBuilder.startInternal Unable to deploy
collapsed ear in war
StandardEngine[Catalina].StandardHost[localhost].StandardContext[/tosched]
org.apache.xbean.recipe.ConstructionException: Type class could not be found:
org.apache.openejb.core.managed.ManagedContainer
at
org.apache.xbean.recipe.ObjectRecipe.getType(ObjectRecipe.java:355)
at
org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:266)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:49)
at
org.apache.openejb.assembler.classic.Assembler.createContainer(Assembler.java:2652)
at
org.apache.openejb.config.ConfigurationFactory.install(ConfigurationFactory.java:448)
at
org.apache.openejb.config.AutoConfig.createContainer(AutoConfig.java:1154)
at
org.apache.openejb.config.AutoConfig.deploy(AutoConfig.java:855)
at
org.apache.openejb.config.AutoConfig.deploy(AutoConfig.java:201)
at
org.apache.openejb.config.ConfigurationFactory$Chain.deploy(ConfigurationFactory.java:420)
at
org.apache.openejb.config.ConfigurationFactory.configureApplication(ConfigurationFactory.java:1037)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.startInternal(TomcatWebAppBuilder.java:1276)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.configureStart(TomcatWebAppBuilder.java:1124)
at
org.apache.tomee.catalina.GlobalListenerSupport.lifecycleEvent(GlobalListenerSupport.java:133)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5087)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:724)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:698)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
16-Feb-2017 17:47:03.784 SEVERE [localhost-startStop-1]
sun.reflect.NativeMethodAccessorImpl.invoke ContainerBase.removeChild: destroy:
org.apache.catalina.LifecycleException: An invalid Lifecycle transition was
attempted ([before_destroy]) for component
[StandardEngine[Catalina].StandardHost[localhost].StandardContext[/tosched]] in
state [STARTING_PREP]
at
org.apache.catalina.util.LifecycleBase.invalidTransition(LifecycleBase.java:402)
at
org.apache.catalina.util.LifecycleBase.destroy(LifecycleBase.java:292)
at
org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:826)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.undeploy(TomcatWebAppBuilder.java:1627)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.undeploy(TomcatWebAppBuilder.java:1607)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.startInternal(TomcatWebAppBuilder.java:1307)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.configureStart(TomcatWebAppBuilder.java:1124)
at
org.apache.tomee.catalina.GlobalListenerSupport.lifecycleEvent(GlobalListenerSupport.java:133)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5087)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:724)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:698)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
16-Feb-2017 17:47:03.784 SEVERE [localhost-startStop-1]
sun.reflect.NativeMethodAccessorImpl.invoke ContainerBase.addChild: start:
org.apache.catalina.LifecycleException: Failed to start component
[StandardEngine[Catalina].StandardHost[localhost].StandardContext[/tosched]]
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:167)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:724)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:698)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.tomee.catalina.TomEERuntimeException:
org.apache.xbean.recipe.ConstructionException: Type class could not be found:
org.apache.openejb.core.managed.ManagedContainer
at
org.apache.tomee.catalina.TomcatWebAppBuilder.startInternal(TomcatWebAppBuilder.java:1310)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.configureStart(TomcatWebAppBuilder.java:1124)
at
org.apache.tomee.catalina.GlobalListenerSupport.lifecycleEvent(GlobalListenerSupport.java:133)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5087)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 14 more
Caused by: org.apache.xbean.recipe.ConstructionException: Type class could not
be found: org.apache.openejb.core.managed.ManagedContainer
at
org.apache.xbean.recipe.ObjectRecipe.getType(ObjectRecipe.java:355)
at
org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:266)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61)
at
org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:49)
at
org.apache.openejb.assembler.classic.Assembler.createContainer(Assembler.java:2652)
at
org.apache.openejb.config.ConfigurationFactory.install(ConfigurationFactory.java:448)
at
org.apache.openejb.config.AutoConfig.createContainer(AutoConfig.java:1154)
at
org.apache.openejb.config.AutoConfig.deploy(AutoConfig.java:855)
at
org.apache.openejb.config.AutoConfig.deploy(AutoConfig.java:201)
at
org.apache.openejb.config.ConfigurationFactory$Chain.deploy(ConfigurationFactory.java:420)
at
org.apache.openejb.config.ConfigurationFactory.configureApplication(ConfigurationFactory.java:1037)
at
org.apache.tomee.catalina.TomcatWebAppBuilder.startInternal(TomcatWebAppBuilder.java:1276)
... 19 more
> Security Permission for setPolicy
> ---------------------------------
>
> Key: TOMEE-2014
> URL: https://issues.apache.org/jira/browse/TOMEE-2014
> Project: TomEE
> Issue Type: Bug
> Components: TomEE Core Server
> Affects Versions: 7.0.2
> Reporter: Magesh
> Attachments: AbstractSecurityService.java, openejb-core.patch,
> tomee1.patch, tomee2.patch, tomee-catalina.patch
>
>
> Hi,
> We deployed our application that uses EJB in Tomee Server
> (apache-tomee-plus-7.0.2) with security mode enabled. We are getting the
> exception to add the below permission in catalina.policy file.
> permission java.security.SecurityPermission "setPolicy";
> Log:
> java.security.AccessControlException: access denied
> ("java.security.SecurityPermission" "setPolicy")
> at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
> at
> java.security.AccessController.checkPermission(AccessController.java:884)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> at javax.security.jacc.PolicyContext.setContextID(PolicyContext.java:49)
> at
> org.apache.openejb.core.security.AbstractSecurityService.contextEntered(AbstractSecurityService.java:153)
> at org.apache.openejb.core.ThreadContext.enter(ThreadContext.java:60)
> at
> org.apache.openejb.core.stateless.StatelessContainer.invoke(StatelessContainer.java:169)
> at
> org.apache.openejb.core.ivm.EjbObjectProxyHandler.synchronizedBusinessMethod(EjbObjectProxyHandler.java:265)
> at
> org.apache.openejb.core.ivm.EjbObjectProxyHandler.businessMethod(EjbObjectProxyHandler.java:260)
> at
> org.apache.openejb.core.ivm.EjbObjectProxyHandler._invoke(EjbObjectProxyHandler.java:89)
> at
> org.apache.openejb.core.ivm.BaseEjbProxyHandler.invoke(BaseEjbProxyHandler.java:347)
> at com.sun.proxy.$Proxy79.getVersionPhases(Unknown Source)
> at
> biaccounting.presentation.servlet.InitServlet.initReferenceLists(InitServlet.java:141)
> at
> biaccounting.presentation.servlet.InitServlet.init(InitServlet.java:54)
> at javax.servlet.GenericServlet.init(GenericServlet.java:158)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497)
> To fix this, we commented the below lines in the class
> AbstractSecurityService.java (Please find attached)
> PolicyContext.setContextID(moduleID); --> Line#138
> PolicyContext.setContextID(null); --> Line#175
> PolicyContext.setContextID(reenteredContext.getBeanContext().getModuleID());
> -->Line#177
> We have done this as a temporary fix from our end. Please let us know whether
> will this be fixed in the future release ? please let us know your comment on
> this one.
> Thanks & Regards,
> Magesh M
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
