on 09-28-2011 6:16 AM
Hi,
I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is
lookup statement int code:
Naming.lookup("//server/sts")
sts - service name which is registered on the RMI server.
It throws the AccessControl Exception. Please provide your advice.
Please find the stack trace below:
java.security.AccessControlException: access denied (java.io.FilePermission I:\usr\sap\DEV\JC00\j2ee\cluster\server0\apps\boc.com\tmtear\src\java\src.zip read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at java.lang.SecurityManager.checkRead(SecurityManager.java:863)
at java.util.zip.ZipFile.<init>(ZipFile.java:106)
at java.util.jar.JarFile.<init>(JarFile.java:127)
at java.util.jar.JarFile.<init>(JarFile.java:65)
at com.sap.engine.boot.JarFilter.open(JarFilter.java:98)
at com.sap.engine.frame.core.load.res.JarResource.openJar(JarResource.java:416)
at com.sap.engine.frame.core.load.res.JarResource.getClassInfo(JarResource.java:130)
at com.sap.engine.frame.core.load.res.MultipleResource.getClassInfo(MultipleResource.java:56)
at com.sap.engine.services.deploy.server.ApplicationLoader.loadLocalClass(ApplicationLoader.java:77)
at com.sap.engine.frame.core.load.ResourceLoader.loadClass(ResourceLoader.java:127)
at com.sap.engine.frame.core.load.ReferencedLoader.loadClass(ReferencedLoader.java:365)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:219)
at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:154)
at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:631)
at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:257)
at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:200)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1513)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1435)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1626)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:322)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at java.rmi.Naming.lookup(Naming.java:84)
at com.boc.tmt.vsl.Client.getSequence(Client.java:115)
at com.boc.tmt.action.SingleTripSequencerAction.execute(SingleTripSequencerAction.java:834)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Edited by: ajay.viswanatha on Sep 28, 2011 8:46 AM
I tried giving all permission without any checks but it still doesn't work.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ajay,
You have to grant permissions to the application for the required permissions. However, as the security manager affects the whole JVM you have to grant the required permissions to all applications as well.
Please, search within the traces for a message with an identificator the string in the brackets. It will tell you which component does not have which permission. All services and libraries have all permissions by default, so it must be one of the applications that is having this problem. After you identify the component you can add the permission via Visual Administrator tool (the Policy Domains tab in Security Provider service).
I hope this helps you.
Regards,
Blanca
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ajay,
Please check if below notes are useful to you.
Note 1497829 - AccessControlException-access denied in UME Application
Note 1518132 - AccessControlException for download in WD app within portal
Note 1382441 - AccessControlException with Manage_all_user_password action
Many Thanks,
Ravindra.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.