users@glassfish.java.net

security error when trying to deploy a resource connector

From: <glassfish_at_javadesktop.org>
Date: Wed, 21 May 2008 04:27:40 PDT

Hello!

I have developed a resource archive - proactive.rar - and I want to deploy it on Glassfish. The resource adapter creates an RMI object, so it needs to have security permissions enabled. So, I modified the policy file like this:

// permission for ProActive Connector
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/proactive/-" {
    permission java.security.AllPermission;
};

grant codeBase "file:${com.sun.aas.instanceRoot}/autodeploy/proactive.rar" {
    permission java.security.AllPermission;
};

One note here: I deploy by copying proactive.rar into the autodeploy directory.

The problem is that I always get a StackOverflowError when I start Glassfish. Here is a portion of the stack trace:

[#|2008-05-19T16:50:05.674+0200|SEVERE|sun-appserver9.1|javax.enterprise.resource.resourceadapter|_ThreadID=15;_ThreadName=Timer-6;_RequestID=79724524-bb66-455b-b18d-46b17598fa6a;|RAR6035 : Resource adapter start failed : {0}
java.lang.StackOverflowError
        at sun.security.provider.PolicyFile.canonPath(PolicyFile.java:1842)
        at java.io.FilePermission$1.run(FilePermission.java:186)
        at java.io.FilePermission$1.run(FilePermission.java:183)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.io.FilePermission.init(FilePermission.java:183)
        at java.io.FilePermission.<init>(FilePermission.java:249)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
        at java.io.File.isDirectory(File.java:752)
        at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
        at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
        at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
        at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
        at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
        at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
        at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
        at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
        at java.security.AccessController.checkPermission(AccessController.java:546)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
        at java.io.File.isDirectory(File.java:752)
        at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
        at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
        at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1250)
        at com.sun.enterprise.security.provider.PolicyFile.getPermissions(PolicyFile.java:1198)
        at com.sun.enterprise.security.provider.PolicyFile.implies(PolicyFile.java:1153)
        at com.sun.enterprise.security.provider.BasePolicyWrapper.doImplies(BasePolicyWrapper.java:383)
        at com.sun.enterprise.security.provider.BasePolicyWrapper.implies(BasePolicyWrapper.java:243)
        at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:301)
        at java.security.AccessController.checkPermission(AccessController.java:546)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
        at java.io.File.isDirectory(File.java:752)
        at sun.net.www.ParseUtil.fileToEncodedURL(ParseUtil.java:242)
        at com.sun.enterprise.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1827)
        at com.sun.enterprise.security.provider.PolicyFile.access$700(PolicyFile.java:296)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1253)
        at com.sun.enterprise.security.provider.PolicyFile$5.run(PolicyFile.java:1252)
        at java.security.AccessController.doPrivileged(Native Method)

I attach the whole server.log file to this message. I've compressed it, as it is too large - 1 Mb in size.
As can be seen from the stack trace, the problem seems to be from the security module. I seem not to be able to configure it correctly.
I also tried to enable the Java Security verbose logging messages:
-Djava.security.debug="all,failure"
but then the asadmin just freezes without trying to start the application server.

I have tried and succeeded to deploy proactive.rar on other application servers, and it works. I don't know what else I should try in order to make it working on Glassfish, so I would appreciate any help. Thank you.
[Message sent by forum member 'fbratu' (fbratu)]

http://forums.java.net/jive/thread.jspa?messageID=275700
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.