I have implemented a web application in NetBeans using Tomcat 7. This application is working properly in localhost. I am trying to upload this application on a web hosting site and it seems to be uploaded properly. The problem is that at some point, it throws the following exception and i can't figure out what is the problem. I have read a few posts with the same problem but the problem still exists.
root cause
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "ssl.TrustManagerFactory.algorithm" "read")
java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
java.security.AccessController.checkPermission(AccessController.java:555)
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302)
java.lang.System.getProperty(System.java:706)
org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:255)
org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:366)
org.apache.http.conn.ssl.SSLSocketFactory.getSystemSocketFactory(SSLSocketFactory.java:204)
org.apache.http.impl.conn.SchemeRegistryFactory.createSystemDefault(SchemeRegistryFactory.java:82)
org.apache.http.impl.client.SystemDefaultHttpClient.createClientConnectionManager(SystemDefaultHttpClient.java:118)
org.apache.http.impl.client.AbstractHttpClient.getConnectionManager(AbstractHttpClient.java:466)
org.apache.http.impl.client.AbstractHttpClient.createHttpContext(AbstractHttpClient.java:286)
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:851)
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
org.apache.jena.riot.web.HttpOp.execHttpGet(HttpOp.java:148)
org.apache.jena.riot.stream.LocatorURL.open(LocatorURL.java:47)
org.apache.jena.riot.stream.StreamManager.openNoMapOrNull(StreamManager.java:124)
org.apache.jena.riot.stream.StreamManager.open(StreamManager.java:81)
org.apache.jena.riot.RDFDataMgr.open(RDFDataMgr.java:725)
org.apache.jena.riot.RDFDataMgr.open(RDFDataMgr.java:714)
org.apache.jena.riot.RDFDataMgr.parse(RDFDataMgr.java:649)
org.apache.jena.riot.RDFDataMgr.read(RDFDataMgr.java:211)
org.apache.jena.riot.RDFDataMgr.read(RDFDataMgr.java:184)
org.apache.jena.riot.RDFDataMgr.read(RDFDataMgr.java:122)
org.apache.jena.riot.RDFDataMgr.read(RDFDataMgr.java:113)
org.apache.jena.riot.adapters.RDFReaderRIOT.read(RDFReaderRIOT.java:77)
com.hp.hpl.jena.rdf.model.impl.ModelCom.read(ModelCom.java:247)
com.hp.hpl.jena.util.FileManager.readModelWorker(FileManager.java:378)
com.hp.hpl.jena.util.FileManager.loadModelWorker(FileManager.java:309)
com.hp.hpl.jena.util.FileManager.loadModel(FileManager.java:261)
MyServlet.doPost(MyServlet.java:127)
javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
sun.reflect.GeneratedMethodAccessor30.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:601)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:271)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:166)
Just to mention that in the line of my class that is shown in the stack trace (MyServlet.doPost(MyServlet.java:127)) there is just a url to a page.
Any ideas would be appreciate!
The Tomcat server you are uploading to is running under a security manager which is not allowing Tomcat to read the ssl.TrustManagerFactory.algorithm system property. You need to request your hosting provider to adjust the security policy to allow Tomcat to read this property.
Related
I'm having an issue connecting to SQL Server 2008R2 using SSL.
jtds driver 1.2.8
jre 1.6.45
sql server 10.50.2500
Connecting in plain text mode works fine:
jdbc:jtds:sqlserver://server01:40033;databaseName=OperationsManagerDW
However connecting in encrypted mode with ssl require property fails:
jdbc:jtds:sqlserver://server01:40033;databaseName=OperationsManagerDW;ssl=require
Notice ssl=require property in JDBC url above.
Applying -Djsse.enableCBCProtection=false setting has no effect.
ava.sql.SQLException: Network error IOException: java.lang.ArrayIndexOutOfBoundsException
at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:355)
at net.sourceforge.jtds.jdbc.ConnectionJDBC3.<init>(ConnectionJDBC3.java:50)
at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:178)
at java.sql.DriverManager.getConnection(DriverManager.java:582)
at java.sql.DriverManager.getConnection(DriverManager.java:154)
at SCOMDbConnect.openConnection(SCOMDbConnect.java:347)
at SCOMDbConnect.main(SCOMDbConnect.java:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: javax.net.ssl.SSLException: java.lang.ArrayIndexOutOfBoundsException
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1708)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1691)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1222)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at net.sourceforge.jtds.ssl.SocketFactories$TdsTlsSocketFactory.createSocket(SocketFactories.java:102)
at net.sourceforge.jtds.jdbc.SharedSocket.enableEncryption(SharedSocket.java:245)
at net.sourceforge.jtds.jdbc.TdsCore.negotiateSSL(TdsCore.java:509)
at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:318)
... 11 more
Caused by: java.lang.ArrayIndexOutOfBoundsException
at java.net.SocketInputStream.read(SocketInputStream.java:121)
at net.sourceforge.jtds.ssl.TdsTlsInputStream.primeBuffer(TdsTlsInputStream.java:109)
at net.sourceforge.jtds.ssl.TdsTlsInputStream.read(TdsTlsInputStream.java:78)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:422)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:460)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
... 16 more
Has anyone similar problems and was able to fix it? I'm thinking of patching SQL server as outlined here https://support.microsoft.com/en-us/kb/2653857/ but it's not clear it would help me.
UPDATE 1: jre 1.6.27 works ok in SSL mode.
Downgrading to jre 1.6.27 up patching JRE solved the issue.
When I tried to log in AIX server, through a java code/application, I am getting the below exception,
INFO: J2SSH:KEY_EXCHANGE_FAILURE
com.maverick.ssh.SshException: EOF received from remote side [Unknown cause]
at com.maverick.ssh2.TransportProtocol.b(Unknown Source)
at com.maverick.ssh2.TransportProtocol.j(Unknown Source)
at com.maverick.ssh2.TransportProtocol.nextMessage(Unknown Source)
at com.maverick.ssh.components.jce.DiffieHellmanGroup1Sha1.performClientExchange(Unknown Source)
at com.maverick.ssh2.TransportProtocol.e(Unknown Source)
at com.maverick.ssh2.TransportProtocol.processMessage(Unknown Source)
at com.maverick.ssh2.TransportProtocol.startTransportProtocol(Unknown Source)
at com.maverick.ssh2.Ssh2Client.connect(Unknown Source)
at com.maverick.ssh.SshConnector.connect(Unknown Source)
at com.maverick.ssh.SshConnector.connect(Unknown Source)
Server details :
Server type : AIX
Mode of connection : SSH
Authentication : password based authentication. Not key based.
I surfed in internet, but not able get clear answer for this issue. Please some one help me. Thanks in advance.
The java code in question is using the J2SSH Maverick API from SSHTOOLS Limited and is throwing the exception during key exchange. This specific error means the remote server disconnected whilst key exchange was being performed.
There are many potential reasons for this. It's likely that the server did not like something in the key exchange messages and disconnected or even seg-faulted. The resolution would be to ensure your using the latest version of the API above and if it continues to be a problem contact the company for support.
I have a small Swing monitoring app that I want to run in the Tomcat 6 JVM. The app is started by dynamically loading the monitoring class from a webservice running under Tomcat. This works in Windows but on Linux (Ubuntu 10.4) I'm getting some errors.
My first error was that I was getting a HeadlessException. I'm not explicitly using headless mode and after searching around I changed Tomcat's library path (via -Djava.library.path in catalina.sh) to point to the client lib (ie. .../java-6-sun-1.6.0.26/jre/lib/i386/client) instead of the server lib. I also set DISPLAY=:0:0 in catalina.sh. This got rid of the headless exception but now I get:
java.lang.InternalError: Can't connect to X11 window server using ':0:0' as the value of the DISPLAY variable.
sun.awt.X11GraphicsEnvironment.initDisplay(Native Method)
sun.awt.X11GraphicsEnvironment.access$100(X11GraphicsEnvironment.java:52)
sun.awt.X11GraphicsEnvironment$1.run(X11GraphicsEnvironment.java:155)
java.security.AccessController.doPrivileged(Native Method)
sun.awt.X11GraphicsEnvironment.<clinit>(X11GraphicsEnvironment.java:131)
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Class.java:169)
java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment(GraphicsEnvironment.java:68)
java.awt.Window.init(Window.java:380)
java.awt.Window.<init>(Window.java:433)
java.awt.Frame.<init>(Frame.java:403)
java.awt.Frame.<init>(Frame.java:368)
javax.swing.JFrame.<init>(JFrame.java:158)
com.quinsoft.zeidon.objectbrowser.ObjectBrowser.startup(ObjectBrowser.java:60)
At this point I'm stuck. I've tried a bunch of different things (like explicitly setting "headless=false" and using different values for DISPLAY) and nothing changes. Does anybody have any ideas?
Version info:
Tomcat 6.0.28
Java 1.6
Ubuntu 10.4
Try setting '-Djava.awt.headless=true' if you have not already tried it.
hibernate 3.6.8 final
c3p0 jar that came with hibernate 3.6.8 package -> c3p0-0.9.1.jar
1
15
40
0
5
2
The app seems to be working fine, however I get massive log calls with the following stacktrace:
org.apache.catalina.loader.WebappClassLoader loadClass
INFO: Illegal access: this web application instance has been stopped already. Could not load com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.
java.lang.IllegalStateException
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1566)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:169)
at com.mysql.jdbc.Util.getInstance(Util.java:386)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1013)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:987)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:982)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:927)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2411)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2153)
at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:792)
at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:47)
at sun.reflect.GeneratedConstructorAccessor38.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:381)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:305)
at com.mchange.v2.c3p0.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:134)
at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:182)
at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:171)
at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:152)
at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1074)
at com.mchange.v2.resourcepool.BasicResourcePool.doAcquireAndDecrementPendingAcquiresWithinLockOnSuccess(BasicResourcePool.java:1061)
at com.mchange.v2.resourcepool.BasicResourcePool.access$800(BasicResourcePool.java:32)
at com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask.run(BasicResourcePool.java:1796)
at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:620)
Any information on how to remove that INFO log would be very much helpful thanks!
UPDATE: Is this a critical error? Or can should I just ignore it?
After a search on the web regarding this issue, I found some similar issues reported by several people. All of them point to a common problem: Threads. Basically, if you start new threads in your application (either in your code or by using a third party tool like Quartz, you have to make sure that all of the threads are stopped appropriately when the application is undeployed from the server. Here are some quotes from the searches:
Mikolaj Rydzewski wrote:
It looks like after webapp's instance has been undeployed, background quartz thread wants to do something and then exception occurs.
Another (and better explanation) on jspwiki.org:
It is possible that this is caused by Tomcat unsuccessfully reloading the web application. The app is unloaded, but all threads don't get shut down properly. As a result, when the threads try to run, they get clobbered by the fact that Tomcat has shut down its classloader, and an error is logged.
So, in order to solve this issue you have to make sure all threads started by your application will be stopped at application undeployment (or redeployment, it's the same). You can do this by registering a ServletContextListener to your application server and stopping your threads inside contextDestroyed(ServletContextEvent) method.
If you are using log4j, change your logging settings to something like this (the word ERROR replace INFO) :
log4j.rootLogger=ERROR, file, stdout
log4j.logger.org.hibernate=ERROR
They are located in the the log4j.properties file in yr project.
OK I switched to boneCP, c3p0 does not really seem to work for java6!!!
I'm not that new to Java. I've done plenty of stuff with it before. But I'm migrating from PHP to Java Servlet/JSP (which I am new to) and I can't figure out this error to save my life. I installed Tomcat6 using Ubuntu 9.04's Synaptic Package Manager and it works like a charm. But when I put struts in my WEB-INF/lib directory and try to make a struts app, I get the below in the log file.
I used the struts-blank.war to start the project, so the web.xml is the same as provided in struts 2.1.8.1.
It appears that there is some issue with reading the struts-default.xml file.
Thanks in advance
SEVERE: Exception starting filter struts2
Unable to load configuration. - Class: java.security.AccessControlContext
File: AccessControlContext.java
Method: checkPermission
Line: 342 - java/security/AccessControlContext.java:342:-1
at org.apache.struts2.dispatcher.Dispatcher.init(Dispatcher.java:431)
at org.apache.struts2.dispatcher.ng.InitOperations.initDispatcher(InitOperations.java:69)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.init(StrutsPrepareAndExecuteFilter.java:51)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:108)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3709)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4359)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:123)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:769)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:926)
at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:889)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:516)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:177)
Caused by: Unable to load configuration. - Class: java.security.AccessControlContext
File: AccessControlContext.java
Method: checkPermission
Line: 342 - java/security/AccessControlContext.java:342:-1
at com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:58)
at org.apache.struts2.dispatcher.Dispatcher.init_PreloadConfiguration(Dispatcher.java:374)
at org.apache.struts2.dispatcher.Dispatcher.init(Dispatcher.java:418)
... 36 more
Caused by: Caught exception while loading file struts-default.xml - Class: java.security.AccessControlContext
File: AccessControlContext.java
Method: checkPermission
Line: 342 - java/security/AccessControlContext.java:342:-1
at com.opensymphony.xwork2.config.providers.XmlConfigurationProvider.loadConfigurationFiles(XmlConfigurationProvider.java:902)
at com.opensymphony.xwork2.config.providers.XmlConfigurationProvider.loadDocuments(XmlConfigurationProvider.java:143)
at com.opensymphony.xwork2.config.providers.XmlConfigurationProvider.init(XmlConfigurationProvider.java:110)
at com.opensymphony.xwork2.config.impl.DefaultConfiguration.reloadContainer(DefaultConfiguration.java:168)
at com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:55)
... 38 more
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission xwork.saxParserFactory read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302)
at java.lang.System.getProperty(System.java:669)
at com.opensymphony.xwork2.util.DomHelper.parse(DomHelper.java:78)
at com.opensymphony.xwork2.config.providers.XmlConfigurationProvider.loadConfigurationFiles(XmlConfigurationProvider.java:893)
... 42 more
I had a brain storm and figured this out myself. Although I don't think this is the most secure solution, but it works for my purposes and I'm not that concerned because it's a local dev server that only listens on the loopback interface (127.0.0.1).
Anyway, the solution is to add this to the bottom of /etc/tomcat6/policy.d/50local.policy
grant codeBase "file:${catalina.base}/webapps/-" {
permission java.security.AllPermission;
};