thanks a lot.
Amila.
On 11/19/08, Ramesh Vishwanatham <[EMAIL PROTECTED]> wrote:
> Hi Amila
> Thanks for your reply, we are not interested in deploying services from
> script files and I am going to remove "axis2-scripting-1.3.mar" until I
> found a solution to fix policy problems.
>
> I suggest to document what are the permissions axis2.war would require
> running under security manager. Below are the Runtime permission I have to
> provide in order to deploy axis2.war successfully under WAS 6.0 with
> security enabled:
>
> grant codeBase "file:${webComponent}" {
> permission java.lang.RuntimePermission "setContextClassLoader";
> permission java.lang.RuntimePermission "createClassLoader";
> permission java.lang.RuntimePermission "getProtectionDomain";
> permission java.lang.RuntimePermission "getClassLoader";
> permission java.lang.RuntimePermission "modifyThreadGroup";
> permission java.lang.RuntimePermission "modifyThread";
> permission java.lang.RuntimePermission "shutdownHooks";
> permission java.lang.RuntimePermission "accessDeclaredMembers";
> permission java.lang.RuntimePermission "loadLibrary.*";
> };
>
>
> I will provide list of file io permissions once I clenup my policy file.
>
>
> Thanks & Regards
>
> Ramesh
>
>
>
>
> "Amila Suriarachchi" <[EMAIL PROTECTED]>
> 11/18/2008 10:36 PM
> Please respond to
> [email protected]
>
>
> To
> [email protected]
> cc
>
> Subject
> Re: java.security.AccessControlException: access denied
> (java.io.FilePermission "..../WEB-INF/scriptServices" read)
>
>
>
>
>
>
>
>
> On Tue, Nov 18, 2008 at 10:51 PM, Ramesh Vishwanatham <
> [EMAIL PROTECTED]> wrote:
>
> Hi Amila
>
> Thanks a lot, by adding loadLibrary permission and others I am able to
> make AxisServlet initialization successful with my services loaded.
> I had one problem which I could not find a solution, below is the error
> trace:
>
> SECJ0314W: Current Java 2 Security policy reported a potential violation
> of Java 2 Security
> Permission. Please refer to Problem Determination Guide for
> further information.
>
> Permission:
>
> "..../xyz.ear/xyz.war/WEB-INF/scriptServices : access denied
> (java.io.FilePermission
> "..../xyz.ear/xyz.war/WEB-INF/scriptServices" read)
>
> This seems to be a conflict in your polices in policy file. A careful look
> may reveal the problem.
>
>
>
> Code:
>
> org.apache.axis2.scripting.ScriptRepositoryListener in {file:
>
> "..../temp/HOSTNAME_Node01/APPNAME/xyz/xyz.war/axis251939axis2-scripting-1.3.mar"}
>
>
>
>
> Stack Trace:
>
> java.security.AccessControlException: access denied
> (java.io.FilePermission
> "..../xyz.ear/xyz.war/WEB-INF/scriptServices read)
>
>
> In order to over come this problem I have removed axis2-scripting-1.3.mar
> from modules folder. What does this module do and impact of it not being
> there.
>
> This seems to be something to deploy script files as services. Which IMHO
> should have written as a custom deployer. So there won't be any problem
> unless you want to deploy scripts.
>
> Please start a new thread for this question :)
>
> thanks,
> Amila.
>
>
> Regards,
> Ramesh
>
>
>
>
> "Amila Suriarachchi" <[EMAIL PROTECTED]>
> 11/15/2008 09:22 AM
>
>
> Please respond to
> [email protected]
>
>
> To
> [email protected]
> cc
>
> Subject
> Re: java.security.AccessControlException: access denied
> (java.io.FilePermission "..../WEB-INF/scriptServices" read)
>
>
>
>
>
>
>
>
> hi,
>
> ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
>
> this line has something like above. you may need to give native method
> access permission.
>
> thanks,
> Amila.
>
> On Fri, Nov 14, 2008 at 9:41 PM, Ramesh Vishwanatham <
> [EMAIL PROTECTED]> wrote:
>
> Hi Amila
> After fixing all the policy related exceptions, now I am getting below
> exception any idea what could be the reason.
>
>
> ServletWrappe E SRVE0100E: Did not realize init() exception thrown by
> servlet AxisServlet: java.lang.ExceptionInInitializerError
> at org.apache.axis2.util.XMLUtils.toOM(XMLUtils.java:564)
> at
> org.apache.axis2.deployment.DescriptionBuilder.buildOM(DescriptionBuilder.java:96)
>
> at
> org.apache.axis2.deployment.AxisConfigBuilder.populateConfig(AxisConfigBuilder.java:79)
>
> at
> org.apache.axis2.deployment.DeploymentEngine.populateAxisConfiguration(DeploymentEngine.java:615)
>
> at
> org.apache.axis2.deployment.WarBasedAxisConfigurator.<init>(WarBasedAxisConfigurator.java:146)
>
> at
> org.apache.axis2.transport.http.AxisServlet.initConfigContext(AxisServlet.java:500)
>
> at
> org.apache.axis2.transport.http.AxisServlet.init(AxisServlet.java:420)
>
> Thanks
> Ramesh
>
>
> "Amila Suriarachchi" <[EMAIL PROTECTED]>
> 11/14/2008 12:48 AM
>
>
>
> Please respond to
> [email protected]
>
>
> To
> [email protected]
> cc
>
> Subject
> Re: java.security.AccessControlException: access denied
> (java.io.FilePermission "..../WEB-INF/scriptServices" read)
>
>
>
>
>
>
>
>
>
>
> Try to give filePermission to all the file and see first. Then try to
> narrow down to the level you want.
>
> thanks,
> Amila.
>
> On 11/13/08, Ramesh Vishwanatham <[EMAIL PROTECTED]> wrote:
>> Hi Amila
>> Thanks for replying my question, I have added following in policy file:
>>
>> grant codeBase "file:..../xyz/xyz.war/-" {
>> permission java.io.FilePermission
>> "..../xyz.ear/xyz.war/WEB-INF/scriptServices", "read";
>> };
>>
>>
>> and still getting below error:
>>
>>
>> SecurityManag W SECJ0314W: Current Java 2 Security policy reported a
>> potential violation
>> of Java 2 Security Permission. Please refer to Problem
>> Determination Guide for further
>> information.
>>
>> Permission:
>> "...../xyz.ear/xyz.war/WEB-INF/scriptServices : access denied
>> (java.io.FilePermission
>> ...../xyz.ear/xyz.war/WEB-INF/scriptServices read)
>>
>>
>> Code:
>> org.apache.axis2.scripting.ScriptRepositoryListener in
>> {file:..../xyz/xyz.war/axis247136axis2-scripting-1.3.mar}
>>
>>
>>
>>
>> Stack Trace:
>>
>> java.security.AccessControlException: access denied
>> (java.io.FilePermission
>> ...../xyz.ear/xyz.war/WEB-INF/scriptServices read)
>> at
>>
> java.security.AccessControlContext.checkPermission(AccessControlContext.java(Compiled
>> Code))
>>
>>
>> please let me know what coule be the problem.
>>
>> Regards,
>> Ramesh
>>
>>
>>
>>
>>
>> "Amila Suriarachchi" <[EMAIL PROTECTED]>
>> 11/13/2008 05:28 AM
>> Please respond to
>> [email protected]
>>
>>
>> To
>> [email protected]
>> cc
>>
>> Subject
>> Re: java.security.AccessControlException: access denied
>> (java.io.FilePermission "..../WEB-INF/scriptServices" read)
>>
>>
>>
>>
>>
>>
>>
>>
>> On Wed, Nov 12, 2008 at 3:24 AM, Ramesh Vishwanatham <
>> [EMAIL PROTECTED]> wrote:
>>
>> All
>> I have a built simple web service and trying to deploy axis2 1.3 version
>> in WAS6.0 environment running Java 1.4.2 under security manager and
>> getting following exception:
>>
>> Stack Trace:
>>
>> java.security.AccessControlException: access denied
>> (java.io.FilePermission "..../WEB-INF/scriptServices" read)
>>
>>
>> Looks like this problem was reported earlier and may be got fixed in
> later
>> releases.
>>
>> Resolved: (AXIS2-3816) AccessControlException when running with
>> Java2Security
>>
>> And also I find out following comments regarding this problem:
>> "this problem gets solved when i give the Web Application AllPermissions
>> from the policy file but i cant get why this loose permission is
> required
>> "
>>
>> by sandeep khurana on May 20th 2008.
>>
>> We can not use later version "1.4" or "1.4.1" if this is fixed in one of
>> these versions because of jvm version we are using. Please help me by
>> pointing what needs to be specified in the policy file to be able to
> solve
>> with axis2 1.3 version.
>>
>> At the deployment time Axis2 reads the Axis2.xml and services from the
>> filesystem. So it needs to have File System read permission. Try
> granting
>> the file read permission in the policy file.
>>
>>
>> thanks,
>> Amila.
>>
>>
>>
>> Thanks in Advance
>>
>> Ramesh Vishwanatham
>> ________________________________________________________
>> DTCC DISCLAIMER: This email and any files transmitted with it are
>> confidential and intended solely for the use of the individual or entity
>> to whom they are addressed. If you have received this email in error,
>> please notify us immediately and delete the email and any attachments
> from
>> your system. The recipient should check this email and any attachments
> for
>> the presence of viruses. The company accepts no liability for any damage
>> caused by any virus transmitted by this email.
>>
>>
>>
>> --
>> Amila Suriarachchi
>> WSO2 Inc.
>> blog: http://amilachinthaka.blogspot.com/
>>
>>
>> -----------------------------------------
>> ________________________________________________________
>> DTCC DISCLAIMER: This email and any files transmitted with it are
>> confidential and intended solely for the use of the individual or
>> entity to whom they are addressed. If you have received this email
>> in error, please notify us immediately and delete the email and any
>> attachments from your system. The recipient should check this email
>> and any attachments for the presence of viruses. The company
>> accepts no liability for any damage caused by any virus transmitted
>> by this email.
>
>
> --
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
>
> --
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
>
>
>
> --
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
>
--
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
