Hi
@Andrea, this is not a wild guess and could be the reason for this problem.
Concerning security, OpenJDK makes live easier because it is unrestricted
out of the box whilst Oralce JDK is not.
Cheers
Christian
On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <andrea.a...@geo-solutions.it>
wrote:
> Hi,
> I'm making a wild guess and I might be way off the mark, so sorry in
> advance if it does not help but...
> could it be that you once installed the unrestricted policy jars for
> strong encryption, and then
> a JDK upgrade happened, it wiped out those jars (they are in the JDK
> itself), and now you cannot perform the same
> type of encryption anymore?
>
> Cheers
> Andrea
>
> On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <sst...@geo.uzh.ch>
> wrote:
>
>> Hi,
>>
>> thanks for the idea. I meant: deleting the default password file as the
>> instructions suggest. The problem seems also that we would have to get
>> GeoServer running at least once, but we haven't achieved this.
>> Apart from that we did no new installation, everything is as it was
>> before. But it seems like the problem is related to a security feature
>> according to a new extended log output (see below) - my colleague is
>> looking into that now (as I am giving a course all day).
>>
>> stefan
>>
>> ===============
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in
>> Vector processes 26 May 12:27:00 INFO [geoserver.wps] - Blacklisting
>> process geonode:BatchDownload as the input LAYERS of type class
>> org.geonode.process.batchdownload.LayerReference cannot be handled 26 May
>> 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload
>> as the input map of type class
>> org.geonode.process.batchdownload.MapMetadata cannot be handled 26 May
>> 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload
>> as the output ZippedFile of type interface
>> org.geonode.process.storage.Resource cannot be handled 26 May 12:27:00 INFO
>> [geoserver.wps] - Found 0 bindable processes in Batch Downloader 26 May
>> 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer
>> specific processes 26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable
>> processes in Deprecated processes May 26, 2016 12:27:00 PM
>> org.apache.catalina.core.StandardContext listenerStart SEVERE: Exception
>> sending context initialized event to listener instance of class
>> org.geoserver.platform.GeoServerContextLoaderListener
>> org.springframework.beans.factory.BeanCreationException: Error occured
>> reading security configuration; nested exception is
>> java.lang.RuntimeException:
>> org.jasypt.exceptions.EncryptionOperationNotPossibleException at
>> org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
>> at
>> org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
>> at
>> org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
>> at
>> org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
>> at
>> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
>> at
>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
>> at
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
>> at
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
>> at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
>> at
>> org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
>> at
>> org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
>> at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
>> at java.util.concurrent.FutureTask.run(FutureTask.java:166) at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>> at java.lang.Thread.run(Thread.java:701) Caused by:
>> java.lang.RuntimeException:
>> org.jasypt.exceptions.EncryptionOperationNotPossibleException at
>> org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
>> at
>> org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
>> at
>> org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
>> at
>> org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
>> at
>> org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
>> at
>> org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
>> at
>> org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
>> ... 17 more Caused by:
>> org.jasypt.exceptions.EncryptionOperationNotPossibleException at
>> org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
>> at
>> org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
>> at
>> org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
>> at
>> org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
>> at
>> org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
>> ... 23 more May 26, 2016 12:27:00 PM
>> org.apache.catalina.core.StandardContext startInternal SEVERE: Error
>> listenerStart May 26, 2016 12:27:00 PM
>> org.apache.catalina.core.StandardContext startInternal SEVERE: Context
>> [/geoserver] startup failed due to previous errors May 26, 2016 12:27:00 PM
>> org.apache.catalina.core.ApplicationContext log INFO: Closing Spring root
>> WebApplicationContext 26 May 12:27:00 WARN [support.DisposableBeanAdapter]
>> - Invocation of destroy method failed on bean with name 'printingWrapper':
>> java.lang.NullPointerException 26 May 12:27:00 INFO [georss.GeoRSSPoller] -
>> destroy() invoked 26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher]
>> - GeoWebCacheDispatcher.destroy() was invoked, shutting down. 26 May
>> 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting
>> down... 26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down
>> quota usage monitor... 26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor]
>> - Shutting down quota usage monitor... 26 May 12:27:00 INFO
>> [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering
>> monitor... 26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] -
>> Shutting down quota update background task due to InterruptedException 26
>> May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down
>> quota update background task due to interrupted exception 26 May 12:27:00
>> INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and
>> pending seed tasks... 26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor]
>> - Seeder thread pool executor shut down complete. 26 May 12:27:00 INFO
>> [storage.DefaultStorageBroker] - Destroying StorageBroker 26 May 12:27:00
>> WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed
>> on bean with name 'geoServerLoader':
>> org.springframework.beans.factory.BeanCreationNotAllowedException: Error
>> creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not
>> allowed while the singletons of this factory are in destruction (Do not
>> request a bean from a BeanFactory in a destroy method implementation!) May
>> 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader
>> checkThreadLocalMapForLeaks SEVERE: The web application [/geoserver]
>> created a ThreadLocal with key of type [java.lang.ThreadLocal] (value
>> [java.lang.ThreadLocal@4668c5ea]) and a value of type
>> [org.geotools.referencing.operation.projection.TransverseMercator.Provider]
>> (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when
>> the web application was stopped. Threads are going to be renewed over time
>> to try and avoid a probable memory leak. May 26, 2016 12:27:02 PM
>> org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
>> SEVERE: The web application [/geoserver] created a ThreadLocal with key of
>> type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value
>> [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value
>> of type [java.util.HashSet] (value [[]]) but failed to remove it when the
>> web application was stopped. Threads are going to be renewed over time to
>> try and avoid a probable memory leak. May 26, 2016 12:27:02 PM
>> org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
>> SEVERE: The web application [/geoserver] created a ThreadLocal with key of
>> type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal]
>> (value
>> [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7])
>> and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it
>> when the web application was stopped. Threads are going to be renewed over
>> time to try and avoid a probable memory leak. May 26, 2016 12:27:02 PM
>> org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
>> SEVERE: The web application [/geoserver] created a ThreadLocal with key of
>> type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a
>> value of type [org.geotools.referencing.wkt.Formatter] (value []) but
>> failed to remove it when the web application was stopped. Threads are going
>> to be renewed over time to try and avoid a probable memory leak. May 26,
>> 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader
>> checkThreadLocalMapForLeaks SEVERE: The web application [/geoserver]
>> created a ThreadLocal with key of type [java.lang.ThreadLocal] (value
>> [java.lang.ThreadLocal@2f601903]) and a value of type
>> [org.springframework.security.core.context.SecurityContextImpl] (value
>> [org.springframework.security.core.context.SecurityContextImpl@ffffffff:
>> Null authentication]) but failed to remove it when the web application was
>> stopped. Threads are going to be renewed over time to try and avoid a
>> probable memory leak. May 26, 2016 12:27:02 PM
>> org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
>> SEVERE: The web application [/geoserver] created a ThreadLocal with key of
>> type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value
>> [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type
>> [java.util.HashSet] (value [[]]) but failed to remove it when the web
>> application was stopped. Threads are going to be renewed over time to try
>> and avoid a probable memory leak. May 26, 2016 12:27:02 PM
>> org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web
>> application directory /var/lib/tomcat7/webapps/ROOT May 26, 2016 12:27:02
>> PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler
>> ["http-bio-8080"] May 26, 2016 12:27:02 PM
>> org.apache.catalina.startup.Catalina start INFO: Server startup in 20835 ms*
>>
>>
>> On 05/26/2016 08:22 AM, Christian Mueller wrote:
>>
>> Hi
>>
>> What do you mean with deleting the admin password ?
>>
>> Obviously GeoServer cannot decode the password of your datastore. I
>> assume you did a fresh installation and the GeoServer internal key material
>>
>> has changed. Different GeoServer installations use different key
>> material.
>>
>> Solution: find the xml config file for your datastore. Search the XML
>> element named "password". Replace the password with:
>>
>> plain:mypassword.
>>
>> After restarting, use the admin GUI, open the edit view of your datastore
>> and save the config. This will encrypt the password using your new internal
>> keys.
>>
>> Cheers
>> Christian
>>
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Mobile security can be enabling, not merely restricting. Employees who
>> bring their own devices (BYOD) to work are irked by the imposition of MDM
>> restrictions. Mobile Device Manager Plus allows you to control only the
>> apps on BYO-devices by containerizing them, leaving personal data
>> untouched!
>> https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
>> _______________________________________________
>> Geoserver-users mailing list
>> Geoserver-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>
>>
>
>
> --
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Andrea Aime
> @geowolf
> Technical Lead
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054 Massarosa (LU)
> phone: +39 0584 962313
> fax: +39 0584 1660272
> mob: +39 339 8844549
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> *AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
>
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
> -------------------------------------------------------
>
>
> ------------------------------------------------------------------------------
> Mobile security can be enabling, not merely restricting. Employees who
> bring their own devices (BYOD) to work are irked by the imposition of MDM
> restrictions. Mobile Device Manager Plus allows you to control only the
> apps on BYO-devices by containerizing them, leaving personal data
> untouched!
> https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
> _______________________________________________
> Geoserver-users mailing list
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
