glassfish_at_javadesktop.org wrote On 04/19/07 10:20 PM,:
>Good Afternoon,
>
>Would anyone be able to help me with the following query. I am running SJSAS/Glassfish V1 UR1 Patch 1. I have inserted the following security constraints in the web.xml file to ensure that SSL is used for the exchanging of data.
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>secure</web-resource-name>
> <url-pattern>/faces/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
>As a result of this change I am getting the log files filled up with the following INFO message:
>
>[#|2007-04-19T15:48:26.000+1000|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=23;_ThreadName=httpSSLWorkerThread-8080-0;|JACC Policy Provider: PolicyWrapper.implies, context(ProgEnrol/ProgEnrol)- permission((javax.security.jacc.WebUserDataPermission /faces/views/startAdmissionApp.xhtml GET)) domain that failed(ProtectionDomain (file:/ProgEnrol/ProgEnrol <no signer certificates>)
> null
> <no principals>
> java.security.Permissions_at_10698ea (
> (java.util.PropertyPermission line.separator read)
> (java.util.PropertyPermission java.vm.version read)
> (java.util.PropertyPermission java.vm.specification.version read)
> (java.util.PropertyPermission java.vm.specification.vendor read)
> (java.util.PropertyPermission java.vendor.url read)
> (java.util.PropertyPermission java.vm.name read)
> (java.util.PropertyPermission * read,write)
> (java.util.PropertyPermission os.name read)
> (java.util.PropertyPermission java.vm.vendor read)
> (java.util.PropertyPermission path.separator read)
> (java.util.PropertyPermission java.specification.name read)
> (java.util.PropertyPermission os.version read)
> (java.util.PropertyPermission os.arch read)
> (java.util.PropertyPermission java.class.version read)
> (java.util.PropertyPermission java.version read)
> (java.util.PropertyPermission file.separator read)
> (java.util.PropertyPermission java.vendor read)
> (java.util.PropertyPermission java.vm.specification.name read)
> (java.util.PropertyPermission java.specification.version read)
> (java.util.PropertyPermission java.specification.vendor read)
> (java.io.FilePermission C:\DOCUME~1\steyng\LOCALS~1\Temp\\- delete)
> (java.io.FilePermission D:/dev/env/sjsas-9.1beta/domains/domain1\lib\databases\- delete)
> (java.io.FilePermission <<ALL FILES>> read,write)
> (unresolved javax.security.jacc.WebUserDataPermission /:/faces/* null)
> (unresolved javax.security.jacc.WebUserDataPermission /faces/* :CONFIDENTIAL)
> (unresolved com.sun.corba.ee.impl.presentation.rmi.DynamicAccessPermission access null)
> (unresolved javax.security.jacc.WebResourcePermission /faces/* null)
> (unresolved javax.security.jacc.WebResourcePermission /:/faces/* null)
> (unresolved com.sun.enterprise.security.CORBAObjectPermission * *)
> (javax.security.auth.PrivateCredentialPermission javax.resource.spi.security.PasswordCredential * "*" read)
> (javax.management.MBeanPermission [com.sun.messaging.jms.*:*] *)
> (java.net.SocketPermission localhost:1024- listen,resolve)
> (java.net.SocketPermission * connect,resolve)
> (java.lang.RuntimePermission getClassLoader)
> (java.lang.RuntimePermission loadLibrary.*)
> (java.lang.RuntimePermission accessDeclaredMembers)
> (java.lang.RuntimePermission getProtectionDomain)
> (java.lang.RuntimePermission modifyThreadGroup)
> (java.lang.RuntimePermission stopThread)
> (java.lang.RuntimePermission setContextClassLoader)
> (java.lang.RuntimePermission queuePrintJob)
> (javax.management.MBeanTrustPermission register)
>)
>
>Would anyone be able to tell me how I get rid of this message - is there some additional configuration that I need to complete?
>
>
I'll defer to the security folks.
>Another strange side effect has been that the server appears to freeze after running for a day or more. Any suggestions?
>
>
Do you see any exceptions in the server.log?
Notice that a few relevant bug fixes were committed post Glassfish V1
UR1 Patch 1.
They're available in GlassFish V2, but I'm in the process of figuring out
if/how you and other folks could get access to them in a subsequent
Glassfish V1 UR1
patch release.
I will get back to you as soon as I find out.
Thanks,
Jan
>Thank you.
>
>Graeme.
>[Message sent by forum member 'steyng' (steyng)]
>
>http://forums.java.net/jive/thread.jspa?messageID=213303
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>