Hibernate Community • View topic - ExceptionUtil with Tomcat Security Manager

View unanswered posts | View active topics

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

ExceptionUtil with Tomcat Security Manager

Page 1 of 1

[ 2 posts ]

Previous topic | Next topic

Author

Message

andilist

Post subject: ExceptionUtil with Tomcat Security Manager

Posted: Mon Jan 26, 2009 2:08 pm

Newbie

Joined: Sun Nov 30, 2008 8:54 am
Posts: 4

Hello,
i have a problem with tomcat security manager.

First of all, hibernate works. But if i make a mistake, i cannot see the stacktrace of the exception. The class org/hibernate/exception/ExceptionUtils.class cannot be loaded because access is denied. I see the NoClassDefFoundError: org/hibernate/exception/ExceptionUtils Exception instead of the originally exception.

My application has read access to the directory. I think another component of tomcat or another library needs the right to read the class. But which one?

i even don't know, if the following FilePermission is correct for a class which is inside a jar file and not in the directory.

access: access denied (java.io.FilePermission /home/WWW/domain/webapps/portal/WEB-INF/classes/org/hibernate/exception/ExceptionUtils.class
read)

-----

Stacktrace:
java.lang.NoClassDefFoundError: org/hibernate/exception/ExceptionUtils
at org.hibernate.exception.NestableDelegate.printStackTrace(NestableDelegate.java:296)
at org.hibernate.exception.NestableRuntimeException.printStackTrace(NestableRuntimeException.java:166)
at java.util.logging.SimpleFormatter.format(SimpleFormatter.java:72)
at org.apache.juli.FileHandler.publish(FileHandler.java:128)
at java.util.logging.Logger.log(Logger.java:452)
at java.util.logging.Logger.doLog(Logger.java:474)
at java.util.logging.Logger.logp(Logger.java:674)
at org.apache.commons.logging.impl.Jdk14Logger.log(Jdk14Logger.java:93)
at org.apache.commons.logging.impl.Jdk14Logger.error(Jdk14Logger.java:127)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:253)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)

access: access denied (java.io.FilePermission /home/WWW/domain/webapps/portal/WEB-INF/classes/org/hibernate/exception/ExceptionUtils.class
read)
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1158)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:253)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:700)
at org.apache.naming.resources.FileDirContext.file(FileDirContext.java:827)
at org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:210)
at org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:293)
at org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1887)
at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:1752)
at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:869)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1322)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1201)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
at org.hibernate.exception.NestableDelegate.printStackTrace(NestableDelegate.java:296)
at org.hibernate.exception.NestableRuntimeException.printStackTrace(NestableRuntimeException.java:166)
at java.util.logging.SimpleFormatter.format(SimpleFormatter.java:72)
at org.apache.juli.FileHandler.publish(FileHandler.java:128)
at java.util.logging.Logger.log(Logger.java:452)
at java.util.logging.Logger.doLog(Logger.java:474)
at java.util.logging.Logger.logp(Logger.java:674)
at org.apache.commons.logging.impl.Jdk14Logger.log(Jdk14Logger.java:93)
at org.apache.commons.logging.impl.Jdk14Logger.error(Jdk14Logger.java:127)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:253)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)

Thanks for your time,
Andi

Hibernate version: 3.3.1.GA

Top

wz2b

Post subject: ExceptionUtil and other Tomcat Security Manager problems

Posted: Mon Mar 16, 2009 5:49 pm

Newbie

Joined: Mon Mar 16, 2009 5:31 pm
Posts: 3

I am having tons of SecurityManager problems, too. My configuration is Hibernate 3 latest stable (core is 3.3.1.GA), Tomcat 6.0.18, Sun JDK 1.6.0_10-b33, on Ubuntu 8.10.

I get things like this:

Quote:

javax.servlet.ServletException: org/hibernate/exception/ExceptionUtils
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:294)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
java.lang.Thread.run(Thread.java:619)

root cause:
java.lang.NoClassDefFoundError: org/hibernate/exception/ExceptionUtils
org.hibernate.exception.NestableDelegate.printStackTrace(NestableDelegate.java:325)
org.hibernate.exception.NestableRuntimeException.printStackTrace(NestableRuntimeException.java:195)
java.util.logging.SimpleFormatter.format(SimpleFormatter.java:72)
org.apache.juli.FileHandler.publish(FileHandler.java:129)
java.util.logging.Logger.log(Logger.java:472)
java.util.logging.Logger.doLog(Logger.java:494)
java.util.logging.Logger.logp(Logger.java:694)
org.apache.juli.logging.DirectJDKLog.log(DirectJDKLog.java:167)
org.apache.juli.logging.DirectJDKLog.warn(DirectJDKLog.java:127)
org.apache.naming.NamingContext.lookup(NamingContext.java:803)
org.apache.naming.NamingContext.lookup(NamingContext.java:140)
org.apache.naming.NamingContext.lookup(NamingContext.java:781)
org.apache.naming.NamingContext.lookup(NamingContext.java:140)
org.apache.naming.NamingContext.lookup(NamingContext.java:781)
org.apache.naming.NamingContext.lookup(NamingContext.java:140)
org.apache.naming.NamingContext.lookup(NamingContext.java:781)
org.apache.naming.NamingContext.lookup(NamingContext.java:153)
org.apache.naming.SelectorContext.lookup(SelectorContext.java:137)
...

Thus far I have been unable to get around them by setting appropriate tomcat policies ... even down to the point of setting java.security.AllPermissions.

When I started out, I had some pretty basic things to fix. By reading as much documentation as I could I figured out I needed:

Quote:

permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.coyote";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission "${catalina.base}/webapps/mywebapp/WEB-INF/hibernate.cfg.xml", "read";

I guess a more fundamental question is this ... what exactly is this ExceptionUtils trying to tell me? What it seems to really be doing is hiding from me the real cause. It's possibly I just don't know how to read the exception trace it's delivering. The funny part is that usually when tomcat gives up in a NoClassDefFoundError it's because the SecurityManager blocked something, and usually it's pretty explicit about telling me exactly what permission it needs. This time I have been unable to follow it.

Top

Page 1 of 1

[ 2 posts ]

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum