Hi all , I have added security manager in a filter initialization method in my
webb app. I have deployed webapp in tomcat and when I start tomcat it is
throwing the following error. Kindly help me in this.
How to avoid this? What should I do in the security policy?
Dec 30, 2010 11:41:25 AM org.apache.tomcat.util.modeler.Registry
registerComponent
SEVERE: Error registering
Catalina:j2eeType=Filter,name=jaas,WebModule=//localhost/cskip,J2EEApplication=none,J2EEServer=none
java.security.AccessControlException: access denied
(javax.management.MBeanPermission
org.apache.tomcat.util.modeler.BaseModelMBean#-[Catalina:J2EEApplication=none,J2EEServer=none,WebModule=//localhost/cskip,j2eeType=Filter,name=jaas]
registerMBean)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1806)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:309)
at
com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:482)
at
org.apache.tomcat.util.modeler.Registry.registerComponent(Registry.java:806)
at
org.apache.catalina.core.ApplicationFilterConfig.registerJMX(ApplicationFilterConfig.java:457)
at
org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:299)
at
org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:422)
at
org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:115)
at
org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4001)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4651)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:905)
at
org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:740)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:500)
at
org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at
org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Dec 30, 2010 11:41:25 AM org.apache.catalina.core.ApplicationFilterConfig
registerJMX
INFO: JMX registration failed for filter of type
[com.ge.capital.cskip.jaas.filter.JAASFilter] and name [jaas]
java.security.AccessControlException: access denied
(javax.management.MBeanPermission
org.apache.tomcat.util.modeler.BaseModelMBean#-[Catalina:J2EEApplication=none,J2EEServer=none,WebModule=//localhost/cskip,j2eeType=Filter,name=jaas]
registerMBean)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanPermission(DefaultMBeanServerInterceptor.java:1806)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:309)
at
com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:482)
at
org.apache.tomcat.util.modeler.Registry.registerComponent(Registry.java:806)
at
org.apache.catalina.core.ApplicationFilterConfig.registerJMX(ApplicationFilterConfig.java:457)
at
org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:299)
at
org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:422)
at
org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:115)
at
org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4001)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4651)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:905)
at
org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:740)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:500)
at
org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at
org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Dec 30, 2010 11:41:25 AM org.apache.catalina.loader.WebappClassLoader findClass
WARNING:
WebappClassLoader.findClassInternal(org.apache.struts2.dispatcher.ng.HostConfig)
security exception: access denied (java.io.FilePermission
C:\apache-tomcat-6.0.29\webapps\cskip\WEB-INF\classes\org\apache\struts2\dispatcher\ng\HostConfig.class
read)
java.security.AccessControlException: access denied (java.io.FilePermission
C:\apache-tomcat-6.0.29\webapps\cskip\WEB-INF\classes\org\apache\struts2\dispatcher\ng\HostConfig.class
read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at
org.apache.naming.resources.FileDirContext.file(FileDirContext.java:785)
at
org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:206)
at
org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:299)
at
org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:2807)
at
org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2668)
at
org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:1124)
at
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1612)
at
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1491)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320)
at java.lang.Class.getDeclaredConstructors0(Native Method)
at java.lang.Class.privateGetDeclaredConstructors(Class.java:2389)
at java.lang.Class.getConstructor0(Class.java:2699)
at java.lang.Class.newInstance0(Class.java:326)
at java.lang.Class.newInstance(Class.java:308)
at
org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
at
org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:422)
at
org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:115)
at
org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4001)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4651)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:905)
at
org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:740)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:500)
at
org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at
org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Dec 30, 2010 11:41:25 AM org.apache.catalina.core.StandardContext start
SEVERE: Error filterStart
Dec 30, 2010 11:41:25 AM org.apache.catalina.startup.HostConfig deployWAR
SEVERE: Error deploying web application archive cskip.war
java.security.AccessControlException: access denied
(java.lang.RuntimePermission setContextClassLoader)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.Thread.setContextClassLoader(Thread.java:1351)
at
org.apache.catalina.core.StandardContext.unbindThread(StandardContext.java:5019)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4664)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:905)
at
org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:740)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:500)
at
org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at
org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Thanks and Regards,
Muralidhar Yaragalla,
Senior Software Specialist,
Patni Computer Systems Ltd,
B-45/B-46, SIPCOT IT Park,
Rajiv Gandhi Salai (IT Highway),
Siruseri,Chennai - 603 103.
Tel: 91 44 4744 4444 x 2224
Link Line: 9 613 4516
Mobile : 9791174806
________________________________
Information contained and transmitted by this e-mail is confidential and
proprietary to Patni Computer Systems Ltd and its affiliates (hitherto referred
as Patni Computers) and is intended for use only by the recipient. If you are
not the intended recipient , you are hereby notified that any dissemination,
distribution, copying or use of this e-mail is strictly prohibited and you are
requested to delete this e-mail immediately and notify the originator or
[email protected]. Patni Computers does not enter into any agreement with any
party by e-mail. Any views expressed by an individual do not necessarily
reflect the view of Patni Computers. Patni Computers is not responsible for the
consequences of any actions taken on the basis of information provided, through
this email. The contents of an attachment to this e-mail may contain software
viruses, which could damage your own computer system. While Patni Computers has
taken every reasonable precaution to minimise this risk, we cannot accept
liability for any damage which you sustain as a result of software viruses. You
should carry out your own virus checks before opening an attachment. To know
more about Patni Computers please visit www.patni.com.
