Re: RPC host mode fine --- RPC deployed web mode fails
OK, then ... for the record, the Security Manager settings that control this in Tomcat 5.5 are: // These permissions should be inserted into the catalina.policy file in the conf directory grant codeBase "file:${catalina.home}/webapps/-" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }; Note that the way this is written, the permission is granted for all webapps. To refine it further, change the codeBase clause. Whew! On Sep 19, 1:38 pm, Jason Essington <[EMAIL PROTECTED]> wrote: > I thought there was some talk previously about the serializers using > the getters/setters rather than directly molesting the fields to get > around the security policy issues like you were having ... though that > discussion was quite a while ago, and I don't remember the details now. > > -jason > > On Sep 19, 2008, at 2:25 PM,Barrywrote: > > > > > Yes, it does, Jason. > > > The public getters and setters are there to protect the private member > > variables. Since I made the member variables public (see reply to > > Lothar above), I'm having no trouble serializing. > > > Why do you ask about the getters and setters??? > > > Thanks! > > > On Sep 19, 8:10 am, Jason Essington <[EMAIL PROTECTED]> wrote: > >> does your object have public getters and setters? > > >> -jason > >> On Sep 19, 2008, at 12:27 AM,Barrywrote: > > >>> Hi ... > > >>> I have a (relatively) simple project that demonstrates an RPC > >>> failure > >>> that I don't know how to fix. There are two remote calls. SimpleCall > >>> returns an integer and succeeds both in host mode and in deployed > >>> web > >>> mode. ClassReturnCall returns a class instance and succeeds in host > >>> mode but _fails_ in deployed web mode. > > >>> The failure message is: Class Return Call Failure: > >>> com.google.gwt.user.client.rpc.StatusCodeException: The call > >>> failed on > >>> the server; see server log for details. > > >>> I built this project from scratch to show this, and haven't used or > >>> done anything exotic. I created the SimpleService and > >>> ClassReturnService using the wizards, created the .WAR file using a > >>> menu item, and deployed with a straight copy into Tomcat 5.5's > >>> application directory. > > >>> The return class is defined in its own class file, is a simple bean, > >>> and implements IsSerializable. > > >>> Can someone take a look at this and give some suggestions/ > >>> reasons?? I > >>> don't know what to do from here. Could this be some sort of security > >>> manager problem??? > > >>> Below are the log details, but the project (as simple as it is) is > >>> too > >>> much to post, so I have put it on the > >>> web:http://www.tpsoft.com/RemoteServiceTest.zip > > >>> The server log says: > > >>> Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext > >>> log > >>> INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: > >>> [org.apache.webapp.balancer.RuleChain: > >>> [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: > >>> News / Redirect URL:http://www.cnn.com], > >>> [org.apache.webapp.balancer.rules.RequestParameterRule: Target param > >>> name: paramName / Target param value: paramValue / Redirect URL: > >>>http://www.yahoo.com], > >>> [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect > >>> URL: > >>>http://jakarta.apache.org]] > >>> Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext > >>> log > >>> SEVERE: Exception while dispatching incoming RPC call > >>> java.security.AccessControlException: access denied > >>> (java.lang.reflect.ReflectPermission suppressAccessChecks) > >>> at > >>> java > >>> .security > >>> .AccessControlContext.checkPermission(AccessControlContext.java: > >>> 323) > >>> at > >>> java > >>> .security.AccessController.checkPermission(AccessController.java: > >>> 546) > >>> at > >>> java.lang.SecurityManager.checkPermission(SecurityManager.java: > >>> 532) > >>> at > >>> java > >>> .lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: > >>> 107) > >>> at > >>> com > >>> .google > >>> .gwt > >>> .user > >>> .server > >>> .rpc > >>> .impl > >>> .ServerSerializationStreamWriter > >>> .serializeClass(ServerSerializationStreamWriter.java: > >>> 619) > >>> at > >>> com > >>> .google > >>> .gwt > >>> .user > >>> .server > >>> .rpc > >>> .impl > >>> .ServerSerializationStreamWriter > >>> .serializeImpl(ServerSerializationStreamWriter.java: > >>> 655) > >>> at > >>> com > >>> .google > >>> .gwt > >>> .user > >>> .server > >>> .rpc > >>> .impl > >>> .ServerSerializationStreamWriter > >>> .serialize(ServerSerializationStreamWriter.java: > >>> 582) > >>> at > >>> com > >>> .google > >>> .gwt > >>> .user > >>> .client > >>> .rpc > >>> .impl > >>> .AbstractSerializationStreamWriter > >>> .writeObject(AbstractSerializationStreamWriter.java: > >>> 105) > >>> at > >>> com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter > >>> $ValueWriter$8.write(ServerS
Re: RPC host mode fine --- RPC deployed web mode fails
I thought there was some talk previously about the serializers using the getters/setters rather than directly molesting the fields to get around the security policy issues like you were having ... though that discussion was quite a while ago, and I don't remember the details now. -jason On Sep 19, 2008, at 2:25 PM, Barry wrote: > > Yes, it does, Jason. > > The public getters and setters are there to protect the private member > variables. Since I made the member variables public (see reply to > Lothar above), I'm having no trouble serializing. > > Why do you ask about the getters and setters??? > > Thanks! > > On Sep 19, 8:10 am, Jason Essington <[EMAIL PROTECTED]> wrote: >> does your object have public getters and setters? >> >> -jason >> On Sep 19, 2008, at 12:27 AM, Barry wrote: >> >> >> >>> Hi ... >> >>> I have a (relatively) simple project that demonstrates an RPC >>> failure >>> that I don't know how to fix. There are two remote calls. SimpleCall >>> returns an integer and succeeds both in host mode and in deployed >>> web >>> mode. ClassReturnCall returns a class instance and succeeds in host >>> mode but _fails_ in deployed web mode. >> >>> The failure message is: Class Return Call Failure: >>> com.google.gwt.user.client.rpc.StatusCodeException: The call >>> failed on >>> the server; see server log for details. >> >>> I built this project from scratch to show this, and haven't used or >>> done anything exotic. I created the SimpleService and >>> ClassReturnService using the wizards, created the .WAR file using a >>> menu item, and deployed with a straight copy into Tomcat 5.5's >>> application directory. >> >>> The return class is defined in its own class file, is a simple bean, >>> and implements IsSerializable. >> >>> Can someone take a look at this and give some suggestions/ >>> reasons?? I >>> don't know what to do from here. Could this be some sort of security >>> manager problem??? >> >>> Below are the log details, but the project (as simple as it is) is >>> too >>> much to post, so I have put it on the >>> web:http://www.tpsoft.com/RemoteServiceTest.zip >> >>> The server log says: >> >>> Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext >>> log >>> INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: >>> [org.apache.webapp.balancer.RuleChain: >>> [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: >>> News / Redirect URL:http://www.cnn.com], >>> [org.apache.webapp.balancer.rules.RequestParameterRule: Target param >>> name: paramName / Target param value: paramValue / Redirect URL: >>> http://www.yahoo.com], >>> [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect >>> URL: >>> http://jakarta.apache.org]] >>> Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext >>> log >>> SEVERE: Exception while dispatching incoming RPC call >>> java.security.AccessControlException: access denied >>> (java.lang.reflect.ReflectPermission suppressAccessChecks) >>>at >>> java >>> .security >>> .AccessControlContext.checkPermission(AccessControlContext.java: >>> 323) >>>at >>> java >>> .security.AccessController.checkPermission(AccessController.java: >>> 546) >>>at >>> java.lang.SecurityManager.checkPermission(SecurityManager.java: >>> 532) >>>at >>> java >>> .lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: >>> 107) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server >>> .rpc >>> .impl >>> .ServerSerializationStreamWriter >>> .serializeClass(ServerSerializationStreamWriter.java: >>> 619) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server >>> .rpc >>> .impl >>> .ServerSerializationStreamWriter >>> .serializeImpl(ServerSerializationStreamWriter.java: >>> 655) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server >>> .rpc >>> .impl >>> .ServerSerializationStreamWriter >>> .serialize(ServerSerializationStreamWriter.java: >>> 582) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .client >>> .rpc >>> .impl >>> .AbstractSerializationStreamWriter >>> .writeObject(AbstractSerializationStreamWriter.java: >>> 105) >>>at >>> com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter >>> $ValueWriter$8.write(ServerSerializationStreamWriter.java:146) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server >>> .rpc >>> .impl >>> .ServerSerializationStreamWriter >>> .serializeValue(ServerSerializationStreamWriter.java: >>> 520) >>>at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java: >>> 573) >>>at >>> com >>> .google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java: >>> 441) >>>at >>> com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java: >>> 529) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server >>> .rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java: >>> 163) >>>at >>> com >>> .google >>> .gwt >>> .user >>> .server.rpc.RemoteServiceServlet.doPost(RemoteServiceServlet.java:
Re: RPC host mode fine --- RPC deployed web mode fails
Yes, it does, Jason. The public getters and setters are there to protect the private member variables. Since I made the member variables public (see reply to Lothar above), I'm having no trouble serializing. Why do you ask about the getters and setters??? Thanks! On Sep 19, 8:10 am, Jason Essington <[EMAIL PROTECTED]> wrote: > does your object have public getters and setters? > > -jason > On Sep 19, 2008, at 12:27 AM, Barry wrote: > > > > > Hi ... > > > I have a (relatively) simple project that demonstrates an RPC failure > > that I don't know how to fix. There are two remote calls. SimpleCall > > returns an integer and succeeds both in host mode and in deployed web > > mode. ClassReturnCall returns a class instance and succeeds in host > > mode but _fails_ in deployed web mode. > > > The failure message is: Class Return Call Failure: > > com.google.gwt.user.client.rpc.StatusCodeException: The call failed on > > the server; see server log for details. > > > I built this project from scratch to show this, and haven't used or > > done anything exotic. I created the SimpleService and > > ClassReturnService using the wizards, created the .WAR file using a > > menu item, and deployed with a straight copy into Tomcat 5.5's > > application directory. > > > The return class is defined in its own class file, is a simple bean, > > and implements IsSerializable. > > > Can someone take a look at this and give some suggestions/reasons?? I > > don't know what to do from here. Could this be some sort of security > > manager problem??? > > > Below are the log details, but the project (as simple as it is) is too > > much to post, so I have put it on the > > web:http://www.tpsoft.com/RemoteServiceTest.zip > > > The server log says: > > > Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext > > log > > INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: > > [org.apache.webapp.balancer.RuleChain: > > [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: > > News / Redirect URL:http://www.cnn.com], > > [org.apache.webapp.balancer.rules.RequestParameterRule: Target param > > name: paramName / Target param value: paramValue / Redirect URL: > >http://www.yahoo.com], > > [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: > >http://jakarta.apache.org]] > > Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext > > log > > SEVERE: Exception while dispatching incoming RPC call > > java.security.AccessControlException: access denied > > (java.lang.reflect.ReflectPermission suppressAccessChecks) > > at > > java > > .security > > .AccessControlContext.checkPermission(AccessControlContext.java: > > 323) > > at > > java.security.AccessController.checkPermission(AccessController.java: > > 546) > > at java.lang.SecurityManager.checkPermission(SecurityManager.java: > > 532) > > at > > java > > .lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: > > 107) > > at > > com > > .google > > .gwt > > .user > > .server > > .rpc > > .impl > > .ServerSerializationStreamWriter > > .serializeClass(ServerSerializationStreamWriter.java: > > 619) > > at > > com > > .google > > .gwt > > .user > > .server > > .rpc > > .impl > > .ServerSerializationStreamWriter > > .serializeImpl(ServerSerializationStreamWriter.java: > > 655) > > at > > com > > .google > > .gwt > > .user > > .server > > .rpc > > .impl > > .ServerSerializationStreamWriter > > .serialize(ServerSerializationStreamWriter.java: > > 582) > > at > > com > > .google > > .gwt > > .user > > .client > > .rpc > > .impl > > .AbstractSerializationStreamWriter > > .writeObject(AbstractSerializationStreamWriter.java: > > 105) > > at > > com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter > > $ValueWriter$8.write(ServerSerializationStreamWriter.java:146) > > at > > com > > .google > > .gwt > > .user > > .server > > .rpc > > .impl > > .ServerSerializationStreamWriter > > .serializeValue(ServerSerializationStreamWriter.java: > > 520) > > at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:573) > > at > > com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java: > > 441) > > at > > com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java: > > 529) > > at > > com > > .google > > .gwt > > .user > > .server > > .rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java: > > 163) > > at > > com > > .google > > .gwt > > .user > > .server.rpc.RemoteServiceServlet.doPost(RemoteServiceServlet.java: > > 85) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > sun > > .reflect > > .NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > > 39) > > at > > sun > > .reflect > > .DelegatingMethodAccessorImpl > > .invoke(DelegatingMethodAccessorImpl.
Re: RPC host mode fine --- RPC deployed web mode fails
Good call, Lothar -- I changed my "private" declarations to "public" and put an ominous looking comment next to each of them. Once I did that, the serialization worked fine ... both on my test case and my much larger application. I also tried setting security permissions for the security manager in Tomcat's policy file. That was a disaster ... I'll have to get with someone who knows Java Security Manager better. Thanks! On Sep 19, 1:44 am, Lothar Kimmeringer <[EMAIL PROTECTED]> wrote: > Barry schrieb: > > > The failure message is: Class Return Call Failure: > > com.google.gwt.user.client.rpc.StatusCodeException: The call failed on > > the server; see server log for details. > > [...] > > > java.security.AccessControlException: access denied > > (java.lang.reflect.ReflectPermission suppressAccessChecks) > > A SecurityManager is denying access to a private member > of your class. > > > at > > java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: > > 107) > > at > > com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass(ServerSerializationStreamWriter.java: > > 619) > > You need this for (de)serializing data when the member is > private. You can try the following things: > > - Use java.io.Serializable instead of IsSerializable > I don't know the sources of GWT but maybe that is > enough to let the GWT deserializer use ObjectInputStream.readObject() > instead of its own deserialization-routine > - Change the members of your class from private to public > That's what I have done, because the objects being exchanged > between client and server are GWT-only anyway, only used there > and not visible in other parts of the server. > - Change the settings of the SecurityManager to allow the > access of private members for ServerSerializationStreamWriter > > Hosted mode works because there is no or a SecurityManager > with fitting settings being installed. > > Regards, Lothar --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~--~~~~--~~--~--~---
RPC host mode fine --- RPC deployed web mode fails
Hi ... I have a (relatively) simple project that demonstrates an RPC failure that I don't know how to fix. There are two remote calls. SimpleCall returns an integer and succeeds both in host mode and in deployed web mode. ClassReturnCall returns a class instance and succeeds in host mode but _fails_ in deployed web mode. The failure message is: Class Return Call Failure: com.google.gwt.user.client.rpc.StatusCodeException: The call failed on the server; see server log for details. I built this project from scratch to show this, and haven't used or done anything exotic. I created the SimpleService and ClassReturnService using the wizards, created the .WAR file using a menu item, and deployed with a straight copy into Tomcat 5.5's application directory. The return class is defined in its own class file, is a simple bean, and implements IsSerializable. Can someone take a look at this and give some suggestions/reasons?? I don't know what to do from here. Could this be some sort of security manager problem??? Below are the log details, but the project (as simple as it is) is too much to post, so I have put it on the web: http://www.tpsoft.com/RemoteServiceTest.zip The server log says: Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext log INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: [org.apache.webapp.balancer.RuleChain: [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: News / Redirect URL: http://www.cnn.com], [org.apache.webapp.balancer.rules.RequestParameterRule: Target param name: paramName / Target param value: paramValue / Redirect URL: http://www.yahoo.com], [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: http://jakarta.apache.org]] Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext log SEVERE: Exception while dispatching incoming RPC call java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java: 323) at java.security.AccessController.checkPermission(AccessController.java: 546) at java.lang.SecurityManager.checkPermission(SecurityManager.java: 532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: 107) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass(ServerSerializationStreamWriter.java: 619) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeImpl(ServerSerializationStreamWriter.java: 655) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serialize(ServerSerializationStreamWriter.java: 582) at com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.writeObject(AbstractSerializationStreamWriter.java: 105) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter $ValueWriter$8.write(ServerSerializationStreamWriter.java:146) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeValue(ServerSerializationStreamWriter.java: 520) at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java: 573) at com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java: 441) at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java: 529) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java: 163) at com.google.gwt.user.server.rpc.RemoteServiceServlet.doPost(RemoteServiceServlet.java: 85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: 39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java: 25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil $1.run(SecurityUtil.java: 244) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java: 276) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java: 162) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 262) at org.apache.catalina.core.ApplicationFilterChain.access $0(ApplicationFilterChain.java:192) at org.apache.catalina.core.ApplicationFilterChain $1.run(ApplicationFilterChain.java:171) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 167) at org.apache.catalina.core.StandardWrapperValve.invoke(Stan
Re: RPC host mode fine --- RPC deployed web mode fails
does your object have public getters and setters? -jason On Sep 19, 2008, at 12:27 AM, Barry wrote: > > Hi ... > > I have a (relatively) simple project that demonstrates an RPC failure > that I don't know how to fix. There are two remote calls. SimpleCall > returns an integer and succeeds both in host mode and in deployed web > mode. ClassReturnCall returns a class instance and succeeds in host > mode but _fails_ in deployed web mode. > > The failure message is: Class Return Call Failure: > com.google.gwt.user.client.rpc.StatusCodeException: The call failed on > the server; see server log for details. > > I built this project from scratch to show this, and haven't used or > done anything exotic. I created the SimpleService and > ClassReturnService using the wizards, created the .WAR file using a > menu item, and deployed with a straight copy into Tomcat 5.5's > application directory. > > The return class is defined in its own class file, is a simple bean, > and implements IsSerializable. > > Can someone take a look at this and give some suggestions/reasons?? I > don't know what to do from here. Could this be some sort of security > manager problem??? > > Below are the log details, but the project (as simple as it is) is too > much to post, so I have put it on the web: > http://www.tpsoft.com/RemoteServiceTest.zip > > The server log says: > > Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext > log > INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: > [org.apache.webapp.balancer.RuleChain: > [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: > News / Redirect URL: http://www.cnn.com], > [org.apache.webapp.balancer.rules.RequestParameterRule: Target param > name: paramName / Target param value: paramValue / Redirect URL: > http://www.yahoo.com], > [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: > http://jakarta.apache.org]] > Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext > log > SEVERE: Exception while dispatching incoming RPC call > java.security.AccessControlException: access denied > (java.lang.reflect.ReflectPermission suppressAccessChecks) > at > java > .security > .AccessControlContext.checkPermission(AccessControlContext.java: > 323) > at > java.security.AccessController.checkPermission(AccessController.java: > 546) > at java.lang.SecurityManager.checkPermission(SecurityManager.java: > 532) > at > java > .lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: > 107) > at > com > .google > .gwt > .user > .server > .rpc > .impl > .ServerSerializationStreamWriter > .serializeClass(ServerSerializationStreamWriter.java: > 619) > at > com > .google > .gwt > .user > .server > .rpc > .impl > .ServerSerializationStreamWriter > .serializeImpl(ServerSerializationStreamWriter.java: > 655) > at > com > .google > .gwt > .user > .server > .rpc > .impl > .ServerSerializationStreamWriter > .serialize(ServerSerializationStreamWriter.java: > 582) > at > com > .google > .gwt > .user > .client > .rpc > .impl > .AbstractSerializationStreamWriter > .writeObject(AbstractSerializationStreamWriter.java: > 105) > at > com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter > $ValueWriter$8.write(ServerSerializationStreamWriter.java:146) > at > com > .google > .gwt > .user > .server > .rpc > .impl > .ServerSerializationStreamWriter > .serializeValue(ServerSerializationStreamWriter.java: > 520) > at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:573) > at > com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java: > 441) > at > com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java: > 529) > at > com > .google > .gwt > .user > .server > .rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java: > 163) > at > com > .google > .gwt > .user > .server.rpc.RemoteServiceServlet.doPost(RemoteServiceServlet.java: > 85) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun > .reflect > .NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > 39) > at > sun > .reflect > .DelegatingMethodAccessorImpl > .invoke(DelegatingMethodAccessorImpl.java: > 25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java: > 244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at > org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java: > 276) > at > org > .apache > .catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java: > 162) > at > org > .apache > .catalina > .core > .Ap
Re: RPC host mode fine --- RPC deployed web mode fails
Barry schrieb: > The failure message is: Class Return Call Failure: > com.google.gwt.user.client.rpc.StatusCodeException: The call failed on > the server; see server log for details. [...] > java.security.AccessControlException: access denied > (java.lang.reflect.ReflectPermission suppressAccessChecks) A SecurityManager is denying access to a private member of your class. > at > java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: > 107) > at > com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass(ServerSerializationStreamWriter.java: > 619) You need this for (de)serializing data when the member is private. You can try the following things: - Use java.io.Serializable instead of IsSerializable I don't know the sources of GWT but maybe that is enough to let the GWT deserializer use ObjectInputStream.readObject() instead of its own deserialization-routine - Change the members of your class from private to public That's what I have done, because the objects being exchanged between client and server are GWT-only anyway, only used there and not visible in other parts of the server. - Change the settings of the SecurityManager to allow the access of private members for ServerSerializationStreamWriter Hosted mode works because there is no or a SecurityManager with fitting settings being installed. Regards, Lothar --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~--~~~~--~~--~--~---
RPC host mode fine --- RPC deployed web mode fails
Hi ... I have a (relatively) simple project that demonstrates an RPC failure that I don't know how to fix. There are two remote calls. SimpleCall returns an integer and succeeds both in host mode and in deployed web mode. ClassReturnCall returns a class instance and succeeds in host mode but _fails_ in deployed web mode. The failure message is: Class Return Call Failure: com.google.gwt.user.client.rpc.StatusCodeException: The call failed on the server; see server log for details. I built this project from scratch to show this, and haven't used or done anything exotic. I created the SimpleService and ClassReturnService using the wizards, created the .WAR file using a menu item, and deployed with a straight copy into Tomcat 5.5's application directory. The return class is defined in its own class file, is a simple bean, and implements IsSerializable. Can someone take a look at this and give some suggestions/reasons?? I don't know what to do from here. Could this be some sort of security manager problem??? Below are the log details, but the project (as simple as it is) is too much to post, so I have put it on the web: http://www.tpsoft.com/RemoteServiceTest.zip The server log says: Sep 19, 2008 6:15:31 AM org.apache.catalina.core.ApplicationContext log INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: [org.apache.webapp.balancer.RuleChain: [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: News / Redirect URL: http://www.cnn.com], [org.apache.webapp.balancer.rules.RequestParameterRule: Target param name: paramName / Target param value: paramValue / Redirect URL: http://www.yahoo.com], [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: http://jakarta.apache.org]] Sep 19, 2008 6:16:11 AM org.apache.catalina.core.ApplicationContext log SEVERE: Exception while dispatching incoming RPC call java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java: 323) at java.security.AccessController.checkPermission(AccessController.java: 546) at java.lang.SecurityManager.checkPermission(SecurityManager.java: 532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java: 107) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeClass(ServerSerializationStreamWriter.java: 619) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeImpl(ServerSerializationStreamWriter.java: 655) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serialize(ServerSerializationStreamWriter.java: 582) at com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.writeObject(AbstractSerializationStreamWriter.java: 105) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter $ValueWriter$8.write(ServerSerializationStreamWriter.java:146) at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.serializeValue(ServerSerializationStreamWriter.java: 520) at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:573) at com.google.gwt.user.server.rpc.RPC.encodeResponseForSuccess(RPC.java: 441) at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java: 529) at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java: 163) at com.google.gwt.user.server.rpc.RemoteServiceServlet.doPost(RemoteServiceServlet.java: 85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: 39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java: 25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java: 244) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java: 276) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java: 162) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 262) at org.apache.catalina.core.ApplicationFilterChain.access $0(ApplicationFilterChain.java:192) at org.apache.catalina.core.ApplicationFilterChain $1.run(ApplicationFilterChain.java:171) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 167) at org.apache.catalina.core.St