users@glassfish.java.net

Re: Glassfish Security Problem

From: Kumar.Jayanti <Vbkumar.Jayanti_at_Sun.COM>
Date: Thu, 30 Sep 2010 19:48:04 +0530

  Hi,

   U seem to be running with security manager ON. And it appears that
the class :

com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass


is denied java.lang.reflect.ReflectPermission suppressAccessChecks)

So where did you place the Google Jars ?. Did you bundle them in your
WAR or did you place them in GF.HOME/lib.

If you place then in GF.HOME/lib then you should not see this permission
problem.

Thanks

  On 23/09/10 10:47 PM, glassfish_at_javadesktop.org wrote:
> I have a GWT application with that get an error when trying to receive back an RPC call.
>
>
> [#|2010-09-23T09:46:29.778-0400|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=18;_ThreadName=httpSSLWorkerThread-80-4;|
> JACC Policy Provider: PolicyWrapper.implies, context(Accounts-Rcv-Collection-Notes/CollectionNotesUIBinder_war)- permission((java.lang.reflect.ReflectPermission suppressAccessChecks))
> domain that failed(ProtectionDomain (file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/gwt-user.jar<no signer certificates>)
> EJBClassLoader : urlSet = [URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/CollectionNotesEJBClient.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/CollectionNotesJPA.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/glenoit-util.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/gwt-dev.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/gwt-user.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/CollectionNotesUIBinder_war/WEB-INF/classes/, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/CollectionNotesUIBinder_war/WEB-INF/lib/gwt-servlet.jar, URLEntry : file:/M:/Sun/AppServer/domains/domain1/applications/j2ee-apps/Accounts-Rcv-Collection-Notes/CollectionNotesEJB_jar/, URLEntry : file:/M:/Sun/AppServer/domains/domain1/generated/ejb/j2ee-apps/Accounts-Rcv-Collection-Notes/]
> doneCalled = false
> Parent -> EJBClassLoader :
> urlSet = []
> doneCalled = false
> Parent -> java.net.URLClassLoader_at_3aef16
>
>
> (principals com.sun.web.security.WebPrincipal "pgmrjoe")
>
> java.security.Permissions_at_101d0ba (
> (java.io.FilePermission C:\DOCUME~1\ADMINI~1.EXC\LOCALS~1\Temp\\- delete)
> (java.io.FilePermission M:/Sun/AppServer/domains/domain1\lib\databases\- delete)
> (java.io.FilePermission M:/Sun/AppServer/domains/domain1\imq\instances\imqbroker\log\- delete)
> (java.io.FilePermission //goldsboro-gw2/XclQualIssueImages/* delete)
> (java.io.FilePermission //goldsboro-gw2.excellfash.com/XclQualIssueImages/* delete)
> (java.io.FilePermission<<ALL FILES>> read,write)
> (java.net.SocketPermission localhost:1024- listen,resolve)
> (java.net.SocketPermission * connect,resolve)
> (javax.management.MBeanTrustPermission register)
> (java.lang.RuntimePermission getClassLoader)
> (java.lang.RuntimePermission loadLibrary.*)
> (java.lang.RuntimePermission accessDeclaredMembers)
> (java.lang.RuntimePermission getProtectionDomain)
> (java.lang.RuntimePermission modifyThreadGroup)
> (java.lang.RuntimePermission stopThread)
> (java.lang.RuntimePermission setContextClassLoader)
> (java.lang.RuntimePermission queuePrintJob)
> (java.util.PropertyPermission line.separator read)
> (java.util.PropertyPermission java.vm.version read)
> (java.util.PropertyPermission java.vm.specification.version read)
> (java.util.PropertyPermission java.vm.specification.vendor read)
> (java.util.PropertyPermission java.vendor.url read)
> (java.util.PropertyPermission java.vm.name read)
> (java.util.PropertyPermission * read,write)
> (java.util.PropertyPermission os.name read)
> (java.util.PropertyPermission java.vm.vendor read)
> (java.util.PropertyPermission path.separator read)
> (java.util.PropertyPermission java.specification.name read)
> (java.util.PropertyPermission os.version read)
> (java.util.PropertyPermission os.arch read)
> (java.util.PropertyPermission java.class.version read)
> (java.util.PropertyPermission java.version read)
> (java.util.PropertyPermission file.separator read)
> (java.util.PropertyPermission java.vendor read)
> (java.util.PropertyPermission java.vm.specification.name read)
> (java.util.PropertyPermission java.specification.version read)
> (java.util.PropertyPermission java.specification.vendor read)
> (javax.management.MBeanPermission [com.sun.messaging.jms.*:*] *)
> (unresolved javax.security.jacc.WebUserDataPermission /* null)
> (unresolved com.sun.corba.ee.impl.presentation.rmi.DynamicAccessPermission access null)
> (unresolved javax.security.jacc.WebResourcePermission /* !GET,POST,PUT)
> (unresolved com.sun.enterprise.security.CORBAObjectPermission * *)
> (javax.security.auth.PrivateCredentialPermission javax.resource.spi.security.PasswordCredential * "*" read)
> )
>
> )|#]
>
> [#|2010-09-23T09:46:29.778-0400|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=18;_ThreadName=httpSSLWorkerThread-80-4;_RequestID=94f9369c-3d10-4d49-add6-0233d0f58fed;|WebModule[/CollectionNotes_UIBinder]Exception while dispatching incoming RPC call
> java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> at java.security.AccessController.checkPermission(AccessController.java:546)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
> at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass(ServerSerializationStreamWriter.java:694)
> at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeImpl(ServerSerializationStreamWriter.java:730)
> at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serialize(ServerSerializationStreamWriter.java:612)
> at com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.writeObject(AbstractSerializationStreamWriter.java:129)
> at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter$ValueWriter$8.write(ServerSerializationStreamWriter.java:152)
> at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeValue(ServerSerializationStreamWriter.java:534)
> at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609)
> at com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java:467)
> at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:564)
> at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:188)
> at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:224)
> at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
> at sun.reflect.GeneratedMethodAccessor7861.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
> at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309)
> at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:192)
> at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:404)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:290)
> at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
> at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
> at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
> at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
> at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
> at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
> at com.sun.enterprise.web.connector.grizzly.comet.CometEngine.executeServlet(CometEngine.java:547)
> at com.sun.enterprise.web.connector.grizzly.comet.CometEngine.handle(CometEngine.java:299)
> at com.sun.enterprise.web.connector.grizzly.comet.CometAsyncFilter.doFilter(CometAsyncFilter.java:87)
> at com.sun.enterprise.web.connector.grizzly.async.DefaultAsyncExecutor.invokeFilters(DefaultAsyncExecutor.java:175)
> at com.sun.enterprise.web.connector.grizzly.async.DefaultAsyncExecutor.interrupt(DefaultAsyncExecutor.java:153)
> at com.sun.enterprise.web.connector.grizzly.async.AsyncProcessorTask.doTask(AsyncProcessorTask.java:92)
> at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
> at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
> |#]
> [Message sent by forum member 'duck1035']
>
> http://forums.java.net/jive/thread.jspa?messageID=483500
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.