cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RMI Security exception

Former Member

on ‎09-28-2011 6:16 AM

0 Kudos

Hi,

I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is

lookup statement int code:

Naming.lookup("//server/sts")

sts - service name which is registered on the RMI server.

It throws the AccessControl Exception. Please provide your advice.

Please find the stack trace below:

java.security.AccessControlException: access denied (java.io.FilePermission I:\usr\sap\DEV\JC00\j2ee\cluster\server0\apps\boc.com\tmtear\src\java\src.zip read)

at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)

at java.security.AccessController.checkPermission(AccessController.java:401)

at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)

at java.lang.SecurityManager.checkRead(SecurityManager.java:863)

at java.util.zip.ZipFile.<init>(ZipFile.java:106)

at java.util.jar.JarFile.<init>(JarFile.java:127)

at java.util.jar.JarFile.<init>(JarFile.java:65)

at com.sap.engine.boot.JarFilter.open(JarFilter.java:98)

at com.sap.engine.frame.core.load.res.JarResource.openJar(JarResource.java:416)

at com.sap.engine.frame.core.load.res.JarResource.getClassInfo(JarResource.java:130)

at com.sap.engine.frame.core.load.res.MultipleResource.getClassInfo(MultipleResource.java:56)

at com.sap.engine.services.deploy.server.ApplicationLoader.loadLocalClass(ApplicationLoader.java:77)

at com.sap.engine.frame.core.load.ResourceLoader.loadClass(ResourceLoader.java:127)

at com.sap.engine.frame.core.load.ReferencedLoader.loadClass(ReferencedLoader.java:365)

at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)

at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Class.java:219)

at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:154)

at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:631)

at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:257)

at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:200)

at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1513)

at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1435)

at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1626)

at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274)

at java.io.ObjectInputStream.readObject(ObjectInputStream.java:322)

at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)

at java.rmi.Naming.lookup(Naming.java:84)

at com.boc.tmt.vsl.Client.getSequence(Client.java:115)

at com.boc.tmt.action.SingleTripSequencerAction.execute(SingleTripSequencerAction.java:834)

at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)

at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)

at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)

at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)

at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)

at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)

at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)

at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

Edited by: ajay.viswanatha on Sep 28, 2011 8:46 AM

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎10-04-2011 3:54 PM
0 Kudos

I tried giving all permission without any checks but it still doesn't work.

Show replies
Show replies
blanca_serrano
Advisor
Advisor
‎10-04-2011 7:11 AM
0 Kudos

Hello Ajay,

You have to grant permissions to the application for the required permissions. However, as the security manager affects the whole JVM you have to grant the required permissions to all applications as well.

Please, search within the traces for a message with an identificator the string in the brackets. It will tell you which component does not have which permission. All services and libraries have all permissions by default, so it must be one of the applications that is having this problem. After you identify the component you can add the permission via Visual Administrator tool (the Policy Domains tab in Security Provider service).

I hope this helps you.

Regards,

Blanca

Show replies
Show replies
Former Member
‎10-03-2011 7:48 AM
0 Kudos

Hi Ajay,

Please check if below notes are useful to you.

Note 1497829 - AccessControlException-access denied in UME Application

Note 1518132 - AccessControlException for download in WD app within portal

Note 1382441 - AccessControlException with Manage_all_user_password action

Many Thanks,

Ravindra.

Show replies
Show replies
Ask a Question