Re: -Djava.security.manager=problems for service provider

Sean Mullan Thu, 29 Mar 2018 10:31:47 -0700

Copying Naoto.

Naoto, the regression mentioned below that is causing the NPE looks tobe caused by changes to java.util.ResourceBundle inhttps://bugs.openjdk.java.net/browse/JDK-8182601


Can you take a look and file a bug, if so?

Thanks,
Sean

On 3/29/18 4:53 AM, Peter wrote:

Hello Java security people!
It turns out we needed the -Djava.security.manager= option at startupafter all...
According to our SecurityManager implementation notes, the reason itinstantiated the policy, was to ensure that the JVM had loaded allnecessary classes, to prevent recursive errors. So I worked out wedidn't actually need an instance of the policy, but instead, just makesure it's class is loaded along with other important classes, before thesecurity manager is in force. I've also handed off the logging in thepolicy to an executor...
So I've removed the instantation of policy provider from our securitymanager's constructor.
I've actually got a permission check in the constructor of the securitymanager, if the AccessControlContext is privileged or if anAccessControlContext containing ProtectionDomains are privileged, thepolicy is never consulted. And so, the policy is not consulted orinstantiated during the security managers construction as you can seebelow.
I have a new problem:
To state it simply, if you have a custom SecurityManager, you cannot usethe built in sun.security.provider.PolicyFile because the classRBClassLoader cannot be initialized, due to a NullPointerException init's static initializer:
[java] Caused by: java.lang.NullPointerException
[java] atjava.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
Which is just a null pointer dereference in RBClassLoaders staticinitializer block:
static {
             // Find the extension class loader.
             ClassLoader ld = ClassLoader.getSystemClassLoader();
             ClassLoader parent;
             while ((parent = ld.getParent()) != null) {
                 ld = parent;
             }
             loader = ld;
         }

It should be:

static {
             // Find the extension class loader.
             ClassLoader ld = ClassLoader.getSystemClassLoader();
             ClassLoader parent;
             while (ld != null) {
                 parent = ld.getParent();
                 if (parent == null) break;
                 ld = parent;
             }
             loader = ld;
         }

      [java] Error occurred during initialization of VM
      [java] java.lang.ExceptionInInitializerError
[java] atjava.util.ResourceBundle.getLoader(ResourceBundle.java:482) [java] atjava.util.ResourceBundle.getBundle(ResourceBundle.java:783) [java] atsun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47) [java] atsun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44) [java] at java.security.AccessController.doPrivileged(NativeMethod) [java] atsun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43) [java] atsun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888) [java] atsun.security.provider.PolicyFile.init(PolicyFile.java:626) [java] atsun.security.provider.PolicyFile.access$400(PolicyFile.java:258) [java] atsun.security.provider.PolicyFile$3.run(PolicyFile.java:521) [java] atsun.security.provider.PolicyFile$3.run(PolicyFile.java:495) [java] at java.security.AccessController.doPrivileged(NativeMethod) [java] atsun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495) [java] atsun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480) [java] atsun.security.provider.PolicyFile.init(PolicyFile.java:439) [java] atsun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
      [java]     at java.security.Policy.getPolicyNoCheck(Policy.java:196)
[java] atjava.security.ProtectionDomain.implies(ProtectionDomain.java:285)
      [java]     at java.lang.System$1.run(System.java:316)
      [java] Unexpected exception:
      [java] java.io.IOException: The pipe is being closed
      [java]     at java.io.FileOutputStream.writeBytes(Native Method)
[java] atjava.io.FileOutputStream.write(FileOutputStream.java:326) [java] atjava.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) [java] atjava.io.BufferedOutputStream.write(BufferedOutputStream.java:126) [java] atjava.io.ObjectOutputStream$BlockDataOutputStream.drain(ObjectOutputStream.java:1877) [java] atjava.io.ObjectOutputStream$BlockDataOutputStream.setBlockDataMode(ObjectOutputStream.java:1786) [java] atjava.io.ObjectOutputStream.writeNonProxyDesc(ObjectOutputStream.java:1286) [java] atjava.io.ObjectOutputStream.writeClassDesc(ObjectOutputStream.java:1231) [java] atjava.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1427) [java] atjava.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178) [java] atjava.io.ObjectOutputStream.writeFatalException(ObjectOutputStream.java:1577) [java] atjava.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:351) [java] atorg.apache.river.qa.harness.MasterHarness.runTestOtherVM(MasterHarness.java:883) [java] atorg.apache.river.qa.harness.MasterHarness.access$200(MasterHarness.java:122) [java] atorg.apache.river.qa.harness.MasterHarness$TestRunner.run(MasterHarness.java:616) [java] atorg.apache.river.qa.harness.MasterHarness.runTests(MasterHarness.java:443) [java] atorg.apache.river.qa.harness.QARunner.main(QARunner.java:67)
      [java]
      [java] TIME: 5:52:12 PM
      [java]
[java] at java.security.AccessController.doPrivileged(NativeMethod)
      [java]     at java.lang.System.setSecurityManager0(System.java:313)
      [java]     at java.lang.System.setSecurityManager(System.java:291)
      [java]     at sun.misc.Launcher.<init>(Launcher.java:101)
      [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
[java] atjava.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451) [java] atjava.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
      [java] Caused by: java.lang.NullPointerException
[java] atjava.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502) [java] atjava.util.ResourceBundle.getLoader(ResourceBundle.java:482) [java] atjava.util.ResourceBundle.getBundle(ResourceBundle.java:783) [java] atsun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47) [java] atsun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44) [java] at java.security.AccessController.doPrivileged(NativeMethod) [java] atsun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43) [java] atsun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888) [java] atsun.security.provider.PolicyFile.init(PolicyFile.java:626) [java] atsun.security.provider.PolicyFile.access$400(PolicyFile.java:258) [java] atsun.security.provider.PolicyFile$3.run(PolicyFile.java:521) [java] atsun.security.provider.PolicyFile$3.run(PolicyFile.java:495) [java] at java.security.AccessController.doPrivileged(NativeMethod) [java] atsun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495) [java] atsun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480) [java] atsun.security.provider.PolicyFile.init(PolicyFile.java:439) [java] atsun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
      [java]     at java.security.Policy.getPolicyNoCheck(Policy.java:196)
[java] atjava.security.ProtectionDomain.implies(ProtectionDomain.java:285)
      [java]     at java.lang.System$1.run(System.java:316)
[java] at java.security.AccessController.doPrivileged(NativeMethod)
      [java]     at java.lang.System.setSecurityManager0(System.java:313)
      [java]     at java.lang.System.setSecurityManager(System.java:291)
      [java]     at sun.misc.Launcher.<init>(Launcher.java:101)
      [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
[java] atjava.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451) [java] atjava.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
In an earlier version of Java 1.8 RBClassLoader looked like this (itchecked for null, so no NPE):
  /**
      * A wrapper of ClassLoader.getSystemClassLoader().
      */
     private static class RBClassLoader extends ClassLoader {
private static final RBClassLoader INSTANCE =AccessController.doPrivileged(
                     new PrivilegedAction<RBClassLoader>() {
                         public RBClassLoader run() {
                             return new RBClassLoader();
                         }
                     });
private static final ClassLoader loader =ClassLoader.getSystemClassLoader();
         private RBClassLoader() {
         }
public Class<?> loadClass(String name) throwsClassNotFoundException {
             if (loader != null) {
                 return loader.loadClass(name);
             }
             return Class.forName(name);
         }
         public URL getResource(String name) {
             if (loader != null) {
                 return loader.getResource(name);
             }
             return ClassLoader.getSystemResource(name);
         }
         public InputStream getResourceAsStream(String name) {
             if (loader != null) {
                 return loader.getResourceAsStream(name);
             }
             return ClassLoader.getSystemResourceAsStream(name);
         }
     }
In 1.8.0_162 it looks like this, see the null pointer dereference in thestatic initializer?:
     /**
      * A wrapper of Extension Class Loader
      */
     private static class RBClassLoader extends ClassLoader {
private static final RBClassLoader INSTANCE =AccessController.doPrivileged(
                     new PrivilegedAction<RBClassLoader>() {
                         public RBClassLoader run() {
                             return new RBClassLoader();
                         }
                     });
         private static final ClassLoader loader;
         static {
             // Find the extension class loader.
             ClassLoader ld = ClassLoader.getSystemClassLoader();
             ClassLoader parent;
             while ((parent = ld.getParent()) != null) {
                 ld = parent;
             }
             loader = ld;
         }

         private RBClassLoader() {
         }
public Class<?> loadClass(String name) throwsClassNotFoundException {
             if (loader != null) {
                 return loader.loadClass(name);
             }
             return Class.forName(name);
         }
         public URL getResource(String name) {
             if (loader != null) {
                 return loader.getResource(name);
             }
             return ClassLoader.getSystemResource(name);
         }
         public InputStream getResourceAsStream(String name) {
             if (loader != null) {
                 return loader.getResourceAsStream(name);
             }
             return ClassLoader.getSystemResourceAsStream(name);
         }
     }

Cheers,

Peter.

On 28/03/2018 2:20 PM, Peter wrote:
It would be more correct to say, it wasn't noticed until recently.
The logger was recently added to our policy implementation as a todoitem, previously it went to System.out.err.
The logger in our security manager, while a static field, has thiscomment:
/**
* Logger is lazily loaded, the SecurityManager can be loadedprior to
     * the system ClassLoader, attempting to load a Logger will cause a
* NullPointerException, when callingClassLoader.getSystemClassLoader(),
     * in order to load the logger class.
Unfortunately we can't have the same lazy loading for the policyprovider as all logging is related to parsing policy file syntaxerrors, all done prior to construction of the policy.
We could remove the Logger from the policy, but that makes trackingdown policy syntax errors a problem usually after a period of running,rather than during start up.
We also need to ensure all classes the SecurityManager will cause tobe loaded are loaded prior to the security manager constructorcompleting.
For example:

/* The following ensures the classes we need are loaded early to avoid
     * class loading deadlock */
    checkPermission(new RuntimePermission("setIO"), SMPrivilegedContext);
It seems the best advise is to simply avoid using-Djava.security.manager in our case.
Cheers,

Peter.


On 28/03/2018 11:50 AM, Peter wrote:
Thanks Daniel,
Ah yes, I see what's happening and why this only occurs when using-Djava.security.manager=
sun.misc.Launcher calls the security manager constructor from withinits constructor, which creates a recursive call back to the staticmethod Launcher.getLauncher(), which returns the uninitialized staticlauncher field.
CombinerSecurityManager checks during construction that the policyhas been instantiated and it also instantiates a Logger. It couldsafely lose the logger, but the policy must be fully instantiatedbefore the security manager is in force, otherwise it createsrecursive calls in the security manager implementation.
The simplest fix would be to move the instantiation ofSecurityManager to a static initializer in Launcher that occursafter the construction of Launcher and setting of the static launcherfield.
This didn't become a problem until recently upgrading to the latestJava 8 JDK, so not sure of the history here.
Regards Peter.

More comments inline below:
Hi,

On 27/03/2018 14:06, Alan Bateman wrote:
>/  Moving this to security-dev.
/>/
/>/ From the stack trace, it looks like you are using JDK 8 orolder. There/>/ are several changes in JDK 9 and newer in the PolicyFile codeto how it
/>/  loads its resources that may help with the issues you are seeing.
/>/
/>/  -Alan
/
[snip]

>/       [java]     at java.util.logging.Logger.log(Logger.java:788)
/>/ [java] atorg.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
/
In what logging is concerned, it's probably not a good idea to
use java.util.logging in a Policy/SecurityManager implementation
supplied on the command line as java.util.logging uses
doPrivileged and checks for permissions.
Work arounds for that problem:

   * Delegate logging to an executor.
   * Use a thread local variable to detect trusted recursive calls.
   * Only log messages during startup, when the policy or security
     manager isn't active.
For the record the line that throws in the first stack trace
seems to be this one at LogManager.java:965
Class<?> clz =ClassLoader.getSystemClassLoader().loadClass(word);
The exception is caught and printed on System.err at line 981
allowing the caller to proceed - so it's not what is
causing the ExceptionInInitializerError, but it shows that
ClassLoader.getSystemClassLoader() is probably returning null
at this point, and it looks like it is the same issue you're
seeing at ResourceBundle.java:502 later on, which prevents the
CombinerSecurityManager to initialize.


Hopes this helps,

-- daniel


>/
/>/  On 27/03/2018 13:56, Peter Firmstone wrote:
/>>/  Not sure if this is the right place to mention this.
/>>/
/>>/ Anyone notice that specifying a custom security manager at jvmstart/>>/ up causes issues with service providers loading? If usingthe sun/>>/ PolicyFile implementation, the policy doesn't load due to theprovider/>>/ failure, I have a custom policy implementation that will allowthe jvm/>>/ to run in this state, and other providers are also notloading, such
/>>/  as the logger and JCE.
/>>/
/>>/  Note that it doesn't occur if the security manager is set
/>>/ programmatically in the main method at start up, only if it'sset via
/>>/  command line option.
/>>/
/>>/  Examples of providers not loading:
/>>/
/>>/        [java] java.lang.NullPointerException
/>>/ [java] Can't load log handler"java.util.logging.ConsoleHandler"
/>>/        [java] java.lang.NullPointerException
/>>/        [java] java.lang.NullPointerException
/>>/        [java]     at
/>>/  java.util.logging.LogManager$5.run(LogManager.java:965)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/java.util.logging.LogManager.loadLoggerHandlers(LogManager.java:958)
/>>/        [java]     at
/>>/java.util.logging.LogManager.initializeGlobalHandlers(LogManager.java:1578)
/>>/
/>>/        [java]     at
/>>/  java.util.logging.LogManager.access$1500(LogManager.java:145)
/>>/        [java]     at
/>>/java.util.logging.LogManager$RootLogger.accessCheckedHandlers(LogManager.java:1667)
/>>/
/>>/ [java] atjava.util.logging.Logger.getHandlers(Logger.java:1777)
/>>/        [java]     at java.util.logging.Logger.log(Logger.java:735)
/>>/ [java] atjava.util.logging.Logger.doLog(Logger.java:765)
/>>/        [java]     at java.util.logging.Logger.log(Logger.java:788)
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:469)
/>>/
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile.readPoliciesNoCheckGuard(ConcurrentPolicyFile.java:468)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile.readPolicyPermissionGrants(ConcurrentPolicyFile.java:243)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:253)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:226)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:154)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:133)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:162)
/>>/
/>>/        [java]     at
/>>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(NativeMethod)
/>>/        [java]     at
/>>/sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
/>>/
/>>/        [java]     at
/>>/sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
/>>/
/>>/        [java]     at
/>>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
/>>/        [java]     at java.lang.Class.newInstance(Class.java:442)
/>>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
/>>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
/>>/        [java]     at
/>>/ java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
/>>/        [java]     at
/>>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
/>>/
/>>/
/>>/        [java] Error occurred during initialization of VM
/>>/        [java] java.lang.ExceptionInInitializerError
/>>/        [java]     at
/>>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
/>>/        [java]     at
/>>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
/>>/ [java] atjava.security.Policy.getPolicyNoCheck(Policy.java:196)/>>/ [java] atjava.security.Policy.getPolicy(Policy.java:154)/>>/ [java] atnet.jini.security.Security$7.run(Security.java:1054)/>>/ [java] atnet.jini.security.Security$7.run(Security.java:1052)/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/  net.jini.security.Security.getPolicy(Security.java:1052)
/>>/        [java]     at
/>>/  net.jini.security.Security.getContext(Security.java:506)
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
/>>/
/>>/        [java]     at
/>>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(NativeMethod)
/>>/        [java]     at
/>>/sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
/>>/
/>>/        [java]     at
/>>/sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
/>>/
/>>/        [java]     at
/>>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
/>>/        [java]     at java.lang.Class.newInstance(Class.java:442)
/>>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
/>>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
/>>/        [java]     at
/>>/ java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
/>>/        [java]     at
/>>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
/>>/        [java] Caused by: java.lang.NullPointerException
/>>/        [java]     at
/>>/java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
/>>/        [java]     at
/>>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
/>>/        [java]     at
/>>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
/>>/        [java]     at
/>>/sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
/>>/        [java]     at
/>>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
/>>/ [java] atjava.security.Policy.getPolicyNoCheck(Policy.java:196)/>>/ [java] atjava.security.Policy.getPolicy(Policy.java:154)/>>/ [java] atnet.jini.security.Security$7.run(Security.java:1054)/>>/ [java] atnet.jini.security.Security$7.run(Security.java:1052)/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/  net.jini.security.Security.getPolicy(Security.java:1052)
/>>/        [java]     at
/>>/  net.jini.security.Security.getContext(Security.java:506)
/>>/        [java] Unexpected exception:
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
/>>/
/>>/        [java]     at
/>>/org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
/>>/
/>>/        [java]     at
/>>/org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
/>>/
/>>/        [java]     at
/>>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(NativeMethod)
/>>/        [java]     at
/>>/sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
/>>/
/>>/        [java]     at
/>>/sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
/>>/
/>>/        [java]     at
/>>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
/>>/        [java]     at java.lang.Class.newInstance(Class.java:442)
/>>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
/>>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
/>>/        [java]     at
/>>/ java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
/>>/        [java]     at
/>>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
/>>/
/>>/
/>>/
/>>/        [java] java.lang.ExceptionInInitializerError
/>>/        [java]     at
/>>/javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65)
/>>/        [java]     at
/>>/  javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2586)
/>>/        [java]     at
/>>/  javax.crypto.Cipher.getMaxAllowedKeyLength(Cipher.java:2610)
/>>/        [java]     at
/>>/sun.security.ssl.CipherSuite$BulkCipher.isUnlimited(CipherSuite.java:535)
/>>/        [java]     at
/>>/sun.security.ssl.CipherSuite$BulkCipher.<init>(CipherSuite.java:507)
/>>/        [java]     at
/>>/  sun.security.ssl.CipherSuite.<clinit>(CipherSuite.java:614)
/>>/        [java]     at
/>>/sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(SSLContextImpl.java:294)
/>>/
/>>/        [java]     at
/>>/ sun.security.ssl.SSLContextImpl.access$100(SSLContextImpl.java:42)
/>>/        [java]     at
/>>/sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(SSLContextImpl.java:425)
/>>/
/>>/        [java]     at java.lang.Class.forName0(Native Method)
/>>/        [java]     at java.lang.Class.forName(Class.java:264)
/>>/        [java]     at
/>>/  java.security.Provider$Service.getImplClass(Provider.java:1634)
/>>/        [java]     at
/>>/  java.security.Provider$Service.newInstance(Provider.java:1592)
/>>/        [java]     at
/>>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
/>>/        [java]     at
/>>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
/>>/        [java]     at
/>>/  javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
/>>/        [java]     at
/>>/net.jini.jeri.ssl.Utilities.getServerSSLContextInfo(Utilities.java:712)
/>>/        [java]     at
/>>/net.jini.jeri.ssl.Utilities.getSupportedCipherSuites(Utilities.java:284)
/>>/        [java]     at
/>>/net.jini.jeri.ssl.SslEndpointImpl.getConnectionContexts(SslEndpointImpl.java:750)
/>>/
/>>/        [java]     at
/>>/net.jini.jeri.ssl.SslEndpointImpl.getCallContext(SslEndpointImpl.java:326)
/>>/
/>>/        [java]     at
/>>/net.jini.jeri.ssl.SslEndpointImpl.newRequest(SslEndpointImpl.java:185)
/>>/        [java]     at
/>>/  net.jini.jeri.ssl.SslEndpoint.newRequest(SslEndpoint.java:550)
/>>/        [java]     at
/>>/net.jini.jeri.BasicObjectEndpoint.newCall(BasicObjectEndpoint.java:421)
/>>/        [java]     at
/>>/net.jini.jeri.BasicInvocationHandler.invokeRemoteMethod(BasicInvocationHandler.java:688)
/>>/
/>>/        [java]     at
/>>/net.jini.jeri.BasicInvocationHandler.invoke(BasicInvocationHandler.java:571)
/>>/
/>>/ [java] atcom.sun.proxy.$Proxy2.registerGroup(Unknown Source)
/>>/        [java]     at
/>>/org.apache.river.start.SharedActivationGroupDescriptor.create(SharedActivationGroupDescriptor.java:370)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.SharedGroupAdmin.start(SharedGroupAdmin.java:204)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.ActivatableServiceStarterAdmin.getServiceSharedLogDir(ActivatableServiceStarterAdmin.java:388)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.ActivatableServiceStarterAdmin.start(ActivatableServiceStarterAdmin.java:224)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
/>>/
/>>/        [java]     at
/>>/org.apache.river.qa.harness.AdminManager.startLookupService(AdminManager.java:679)
/>>/
/>>/        [java]     at
/>>/org.apache.river.test.spec.lookupservice.QATestRegistrar.construct(QATestRegistrar.java:458)
/>>/
/>>/        [java]     at
/>>/org.apache.river.test.spec.lookupservice.test_set00.EvntLeaseExpiration.construct(EvntLeaseExpiration.java:88)
/>>/
/>>/        [java]     at
/>>/ org.apache.river.qa.harness.MasterTest.doTest(MasterTest.java:228)
/>>/        [java]     at
/>>/org.apache.river.qa.harness.MasterTest.access$000(MasterTest.java:48)
/>>/        [java]     at
/>>/  org.apache.river.qa.harness.MasterTest$1.run(MasterTest.java:174)
/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/        [java]     at
/>>/  javax.security.auth.Subject.doAsPrivileged(Subject.java:483)
/>>/        [java]     at
/>>/org.apache.river.qa.harness.MasterTest.doTestWithLogin(MasterTest.java:171)
/>>/
/>>/        [java]     at
/>>/  org.apache.river.qa.harness.MasterTest.main(MasterTest.java:150)
/>>/ [java] Caused by: java.lang.SecurityException: Can notinitialize
/>>/  cryptographic mechanism
/>>/ [java] atjavax.crypto.JceSecurity.<clinit>(JceSecurity.java:93)
/>>/        [java]     ... 44 more
/>>/ [java] Caused by: java.lang.SecurityException: Cannotlocate
/>>/  policy or framework files!
/>>/        [java]     at
/>>/javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:316)
/>>/        [java]     at
/>>/  javax.crypto.JceSecurity.access$000(JceSecurity.java:50)
/>>/ [java] atjavax.crypto.JceSecurity$1.run(JceSecurity.java:85)/>>/ [java] atjava.security.AccessController.doPrivileged(Native
/>>/  Method)
/>>/ [java] atjavax.crypto.JceSecurity.<clinit>(JceSecurity.java:82)
/>/
/

Re: -Djava.security.manager=problems for service provider

Reply via email to