Hi
@Andrea, this is not a wild guess and could be the reason for
this problem. Concerning security, OpenJDK makes live easier
because it is unrestricted out of the box whilst Oralce JDK is not.
Cheers
Christian
On Thu, May 26, 2016 at 8:46 PM, Andrea Aime
<[email protected]
<mailto:[email protected]>> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so
sorry in advance if it does not help but...
could it be that you once installed the unrestricted policy
jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in
the JDK itself), and now you cannot perform the same
type of encryption anymore?
Cheers
Andrea
On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger
<[email protected] <mailto:[email protected]>> wrote:
Hi,
thanks for the idea. I meant: deleting the default
password file as the instructions suggest. The problem
seems also that we would have to get GeoServer running at
least once, but we haven't achieved this.
Apart from that we did no new installation, everything is
as it was before. But it seems like the problem is
related to a security feature according to a new extended
log output (see below) - my colleague is looking into
that now (as I am giving a course all day).
stefan
===============
/26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable
processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting
process geonode:BatchDownload as the input LAYERS of type
class org.geonode.process.batchdownload.LayerReference
cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting
process geonode:BatchDownload as the input map of type
class org.geonode.process.batchdownload.MapMetadata
cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting
process geonode:BatchDownload as the output ZippedFile of
type interface org.geonode.process.storage.Resource
cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable
processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable
processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable
processes in Deprecated processes
May 26, 2016 12:27:00 PM
org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to
listener instance of class
org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException:
Error occured reading security configuration; nested
exception is java.lang.RuntimeException:
org.jasypt.exceptions.EncryptionOperationNotPossibleException
at
org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
at
org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
at
org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
at
org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
at
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at
java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at
java.util.concurrent.FutureTask.run(FutureTask.java:166)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException:
org.jasypt.exceptions.EncryptionOperationNotPossibleException
at
org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
at
org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
at
org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
at
org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
at
org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
at
org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
at
org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
... 17 more
Caused by:
org.jasypt.exceptions.EncryptionOperationNotPossibleException
at
org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
at
org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
at
org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
at
org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
at
org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
... 23 more
May 26, 2016 12:27:00 PM
org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM
org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to
previous errors
May 26, 2016 12:27:00 PM
org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] -
Invocation of destroy method failed on bean with name
'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy()
invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher]
- GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk
quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] -
Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] -
Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] -
Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO
[diskquota.QueuedQuotaUpdatesConsumer] - Shutting down
quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer]
- Shutting down quota update background task due to
interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] -
Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] -
Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] -
Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] -
Invocation of destroy method failed on bean with name
'geoServerLoader':
org.springframework.beans.factory.BeanCreationNotAllowedException:
Error creating bean with name 'GWCLifeCycleHandler':
Singleton bean creation not allowed while the singletons
of this factory are in destruction (Do not request a bean
from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type [java.lang.ThreadLocal]
(value [java.lang.ThreadLocal@4668c5ea]) and a value of
type
[org.geotools.referencing.operation.projection.TransverseMercator.Provider]
(value [PROJECTION["Transverse_Mercator"]]) but failed to
remove it when the web application was stopped. Threads
are going to be renewed over time to try and avoid a
probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type
[org.apache.commons.lang.builder.HashCodeBuilder$1]
(value
[org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0])
and a value of type [java.util.HashSet] (value [[]]) but
failed to remove it when the web application was stopped.
Threads are going to be renewed over time to try and
avoid a probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type
[org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal]
(value
[org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7])
and a value of type [char[]] (value [[C@63cf70a8]) but
failed to remove it when the web application was stopped.
Threads are going to be renewed over time to try and
avoid a probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type [java.lang.ThreadLocal]
(value [java.lang.ThreadLocal@47ed58c9]) and a value of
type [org.geotools.referencing.wkt.Formatter] (value [])
but failed to remove it when the web application was
stopped. Threads are going to be renewed over time to try
and avoid a probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type [java.lang.ThreadLocal]
(value [java.lang.ThreadLocal@2f601903]) and a value of
type
[org.springframework.security.core.context.SecurityContextImpl]
(value
[org.springframework.security.core.context.SecurityContextImpl@ffffffff:
Null authentication]) but failed to remove it when the
web application was stopped. Threads are going to be
renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.loader.WebappClassLoader
checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a
ThreadLocal with key of type
[org.eclipse.emf.ecore.impl.EClassImpl$1] (value
[org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a
value of type [java.util.HashSet] (value [[]]) but failed
to remove it when the web application was stopped.
Threads are going to be renewed over time to try and
avoid a probable memory leak.
May 26, 2016 12:27:02 PM
org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory
/var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM
org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM
org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms/
On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi
What do you mean with deleting the admin password ?
Obviously GeoServer cannot decode the password of your
datastore. I assume you did a fresh installation and the
GeoServer internal key material
has changed. Different GeoServer installations use
different key material.
Solution: find the xml config file for your datastore.
Search the XML element named "password". Replace the
password with:
plain:mypassword.
After restarting, use the admin GUI, open the edit view
of your datastore and save the config. This will encrypt
the password using your new internal keys.
Cheers
Christian
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting.
Employees who
bring their own devices (BYOD) to work are irked by the
imposition of MDM
restrictions. Mobile Device Manager Plus allows you to
control only the
apps on BYO-devices by containerizing them, leaving
personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
phone: +39 0584 962313 <tel:%2B39%200584%20962313>
fax: +39 0584 1660272 <tel:%2B39%200584%201660272>
mob: +39 339 8844549 <tel:%2B39%20%C2%A0339%208844549>
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
Le informazioni contenute in questo messaggio di posta
elettronica e/o nel/i file/s allegato/i sono da considerarsi
strettamente riservate. Il loro utilizzo è consentito
esclusivamente al destinatario del messaggio, per le finalità
indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo
cortesemente di darcene notizia via e-mail e di procedere
alla distruzione del messaggio stesso, cancellandolo dal
Vostro sistema. Conservare il messaggio stesso, divulgarlo
anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento
contrario ai principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is
intended solely for the attention and use of the named
addressee(s) and may be confidential or proprietary in nature
or covered by the provisions of privacy act (Legislative
Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure,
reproduction, copying, distribution, or either dissemination,
either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you
are not the intended recipient, please contact immediately
the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error.
The sender does not give any warranty or accept liability as
the content, accuracy or completeness of sent messages and
accepts no responsibility for changes made after they were
sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.
-------------------------------------------------------
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting.
Employees who
bring their own devices (BYOD) to work are irked by the
imposition of MDM
restrictions. Mobile Device Manager Plus allows you to
control only the
apps on BYO-devices by containerizing them, leaving personal
data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
