[ http://issues.apache.org/jira/browse/TAPESTRY-964?page=all ]
Jesse Kuhnert resolved TAPESTRY-964.
------------------------------------
Resolution: Invalid
If this gets fixed at all it'll be in hivemind itself, please file the issue
there.
https://issues.apache.org/jira/browse/HIVEMIND
> Tapestry web app (including workbench example) fails in Tomcat with security
> manager enabled
> --------------------------------------------------------------------------------------------
>
> Key: TAPESTRY-964
> URL: http://issues.apache.org/jira/browse/TAPESTRY-964
> Project: Tapestry
> Issue Type: Bug
> Components: Framework
> Affects Versions: 4.0.2
> Environment: Linux (2.6 kernel), Tomcat 5.0.28, Sun Java SDK
> 1.5.0_02, Tapestry 4.0.2
> Reporter: Paul Homes
> Attachments: ClassPool.java.patch
>
>
> Web apps that use Tapestry 4.0 in Tomcat with the security manager enabled
> fail with a "java.lang.NoClassDefFoundError:
> org.apache.hivemind.ServiceImplementationFactory" exception.
> To simplify testing I only have the Tapestry 4.0.2 example workbench web app
> deployed in a new Tomcat 5.0.28 install. The workbench example works fine
> when Tomcat is started without the security manager, but when the security
> manager is enabled you can see the following stack trace:
> 2006-05-25 17:32:57 StandardContext[/workbench]Servlet /workbench threw
> load() exception javax.servlet.ServletException:
> org.apache.hivemind.ServiceImplementationFactory
> at
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:286)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:110)
> at
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1024)
> at
> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:862)
> at
> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4013)
> at
> org.apache.catalina.core.StandardContext.start(StandardContext.java:4357)
> at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
> at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:121)
> at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:805)
> at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
> at
> org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
> at
> org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
> at
> org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:625)
> at
> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:431)
> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
> at
> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
> at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
> at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
> at
> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
> at
> org.apache.catalina.core.StandardService.start(StandardService.java:480)
> at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
> at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
> ----- Root Cause -----
> java.lang.NoClassDefFoundError:
> org.apache.hivemind.ServiceImplementationFactory
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.class$(InvokeFactoryServiceConstructor.java:83)
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.setupFactoryAndParameters(InvokeFactoryServiceConstructor.java:82)
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.constructCoreServiceImplementation(InvokeFactoryServiceConstructor.java:55)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructCoreServiceImplementation(AbstractServiceModelImpl.java:108)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:158)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:140)
> at
> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:69)
> at $Runnable_10b6a75df19._service($Runnable_10b6a75df19.java)
> at $Runnable_10b6a75df19.run($Runnable_10b6a75df19.java)
> at $Runnable_10b6a75df18.run($Runnable_10b6a75df18.java)
> at
> org.apache.hivemind.impl.RegistryInfrastructureImpl.startup(RegistryInfrastructureImpl.java:436)
> at
> org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:154)
> at
> org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253)
> at
> org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:239)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
> at
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:110)
> at
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1024)
> at
> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:862)
> at
> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4013)
> at
> org.apache.catalina.core.StandardContext.start(StandardContext.java:4357)
> at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
> at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:121)
> at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:805)
> at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
> at
> org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
> at
> org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
> at
> org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:625)
> at
> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:431)
> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
> at
> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
> at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
> at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
> at
> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
> at
> org.apache.catalina.core.StandardService.start(StandardService.java:480)
> at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
> at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
> The catalina.policy file in use is the standard Tomcat one with the following
> appended to grant all permissions to the Tapestry workbench example:
> grant codeBase "file:${catalina.home}/webapps/workbench/-" {
> permission java.security.AllPermission;
> };
> Tomcat has been started like so:
> catalina.sh start -security
> Not sure if this helps much, but I enabled some java security debugging with:
> export CATALINA_OPTS=-Djava.security.debug=access:failure
> catalina.sh start -security
> ... that generates:
> access: access allowed (java.io.FilePermission
> /usr/local/jakarta-tomcat-5.0.28/webapps/workbench/WEB-INF/classes/org/apache/hivemind/impl/servicemodel/SingletonInnerProxy.class
> read)
> access: access allowed (java.io.FilePermission
> /usr/local/jakarta-tomcat-5.0.28/webapps/workbench/WEB-INF/lib/hivemind-1.1.1.jar
> read)
> access: access allowed (java.io.FilePermission
> /usr/local/jakarta-tomcat-5.0.28/webapps/workbench/WEB-INF/lib/hivemind-1.1.1.jar
> read)
> access: access allowed (java.io.FilePermission
> /usr/local/jakarta-tomcat-5.0.28/webapps/workbench/WEB-INF/lib/hivemind-1.1.1.jar
> read)
> access: access allowed (java.lang.RuntimePermission accessDeclaredMembers)
> access: access allowed (java.lang.reflect.ReflectPermission
> suppressAccessChecks)
> access: access allowed (java.lang.reflect.ReflectPermission
> suppressAccessChecks)
> access: access allowed (java.lang.reflect.ReflectPermission
> suppressAccessChecks)
> access: access denied (java.io.FilePermission
> /usr/local/jakarta-tomcat-5.0.28/webapps/workbench/WEB-INF/classes/org/apache/hivemind/ServiceImplementationFactory.class
> read)
> java.lang.Exception: Stack trace
> at java.lang.Thread.dumpStack(Thread.java:1158)
> at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:253)
> at
> java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
> at java.io.File.exists(File.java:700)
> at
> org.apache.naming.resources.FileDirContext.file(FileDirContext.java:826)
> at
> org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:208)
> at
> org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:287)
> at
> org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1707)
> at
> org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:1575)
> at
> org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:860)
> at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1307)
> at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1189)
> at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
> at java.lang.Class.forName0(Native Method)
> at java.lang.Class.forName(Class.java:164)
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.class$(InvokeFactoryServiceConstructor.java:83)
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.setupFactoryAndParameters(InvokeFactoryServiceConstructor.java:82)
> at
> org.apache.hivemind.impl.InvokeFactoryServiceConstructor.constructCoreServiceImplementation(InvokeFactoryServiceConstructor.java:55)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructCoreServiceImplementation(AbstractServiceModelImpl.java:108)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:158)
> at
> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:140)
> at
> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:69)
> at $Runnable_10b6b1bdd89._service($Runnable_10b6b1bdd89.java)
> at $Runnable_10b6b1bdd89.run($Runnable_10b6b1bdd89.java)
> at $Runnable_10b6b1bdd88.run($Runnable_10b6b1bdd88.java)
> at
> org.apache.hivemind.impl.RegistryInfrastructureImpl.startup(RegistryInfrastructureImpl.java:436)
> at
> org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:154)
> at
> org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253)
> at
> org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:239)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
> at
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157)
> at
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:110)
> at
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1024)
> at
> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:862)
> at
> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4013)
> at
> org.apache.catalina.core.StandardContext.start(StandardContext.java:4357)
> at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
> at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:121)
> at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:805)
> at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
> at
> org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
> at
> org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
> at
> org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:625)
> at
> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:431)
> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
> at
> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
> at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
> at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
> at
> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
> at
> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
> at
> org.apache.catalina.core.StandardService.start(StandardService.java:480)
> at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
> at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
> access: access allowed (java.security.SecurityPermission getPolicy)
> access: domain that failed ProtectionDomain (null <no signer certificates>)
> [EMAIL PROTECTED]
> <no principals>
> [EMAIL PROTECTED] (
> (java.lang.RuntimePermission accessClassInPackage.org.apache.jasper.runtime)
> (java.lang.RuntimePermission
> accessClassInPackage.org.apache.jasper.runtime.*)
> (java.lang.RuntimePermission getAttribute)
> (java.util.PropertyPermission java.version read)
> (java.util.PropertyPermission java.home read)
> (java.util.PropertyPermission java.vm.name read)
> (java.util.PropertyPermission java.vm.vendor read)
> (java.util.PropertyPermission javax.sql.* read)
> (java.util.PropertyPermission os.name read)
> (java.util.PropertyPermission java.vendor.url read)
> (java.util.PropertyPermission java.vm.specification.vendor read)
> (java.util.PropertyPermission java.specification.vendor read)
> (java.util.PropertyPermission os.version read)
> (java.util.PropertyPermission java.specification.name read)
> (java.util.PropertyPermission java.class.version read)
> (java.util.PropertyPermission file.separator read)
> (java.util.PropertyPermission java.vm.version read)
> (java.util.PropertyPermission os.arch read)
> (java.util.PropertyPermission java.naming.* read)
> (java.util.PropertyPermission jaxp.debug read)
> (java.util.PropertyPermission java.vm.specification.name read)
> (java.util.PropertyPermission java.vm.specification.version read)
> (java.util.PropertyPermission java.specification.version read)
> (java.util.PropertyPermission java.vendor read)
> (java.util.PropertyPermission path.separator read)
> (java.util.PropertyPermission line.separator read)
> )
> There is a similar problem with security manager enabled Tomcat 4.1.31, Java
> SDK 1.4.2_10 on Windows XP where the class loading problem shows up this time
> as:
>
> javax.servlet.ServletException: Unable to initialize application servlet:
> Unable to construct service hivemind.Startup: Error at
> jar:file:/C:/jakarta-tomcat-4.1.31/webapps/futrix5dev/WEB-INF/lib/hivemind-1.1.jar!/META-INF/hivemodule.xml,
> line 599, column 43: Unable to process attribute autowire-services (of
> element construct): Unable to construct configuration hivemind.Translators:
> Error at
> jar:file:/C:/jakarta-tomcat-4.1.31/webapps/futrix5dev/WEB-INF/lib/hivemind-1.1.jar!/META-INF/hivemodule.xml,
> line 555, column 62: Unable to process attribute service-id (of element
> translator): Unable to lookup java.lang.Class: java.lang.Class
> at
> org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:206)
> at
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:888)
> .....
> Caused by: org.apache.hivemind.ApplicationRuntimeException: Unable to lookup
> java.lang.Class: java.lang.Class
> at
> org.apache.hivemind.service.impl.CtClassSource.getCtClass(CtClassSource.java:56)
> at
> org.apache.hivemind.service.impl.AbstractFab.convertClass(AbstractFab.java:83)
> at
> org.apache.hivemind.service.impl.AbstractFab.convertClasses(AbstractFab.java:66)
> at
> org.apache.hivemind.service.impl.ClassFabImpl.addMethod(ClassFabImpl.java:280)
> at
> org.apache.hivemind.impl.ProxyBuilder.addServiceMethods(ProxyBuilder.java:139)
> at
> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.createSingletonProxyClass(SingletonServiceModel.java:183)
> at
> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.createSingletonProxy(SingletonServiceModel.java:103)
> ... 73 more
> Caused by: javassist.NotFoundException: java.lang.Class
> at javassist.ClassPool.get(ClassPool.java:301)
> at
> org.apache.hivemind.service.impl.CtClassSource.getCtClass(CtClassSource.java:52)
> ... 79 more
> The only existing JIRA issue I can find which sounds similar is TAPESTRY-150
> but that is with Tapestry 3.0
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
