#6 Add XML config

closed
nobody
5
2005-03-25
2005-03-24
zam6ak
No

Hi

I am using Sun's AppServer that uses security policies.
By its default configuration, all .properties files
will not be loaded unless a rule is set up in
server.policy file.

Right now I can either disable security manager or add
a rule.
Very inconvenient...

Would you please consider adding XML configuration...

Here is a proof exception (look at "Caused by" clause
half way down):
-------------------------------------------------
[#|2005-03-24T10:24:43.309-0500|SEVERE|sun-appserver-pe8.1_01|javax.enterprise.system.container.web|_ThreadID=25;|WebModule[/ecards]Exception
sending context initialized event to l
istener instance of class
org.nemours.webapp.ecard.listener.ApplicationManager
java.lang.ExceptionInInitializerError
at
com.mchange.v2.c3p0.DataSources.<clinit>(DataSources.java:56)
at
org.nemours.webapp.ecard.listener.ApplicationManager.setupDBPool(ApplicationManager.java:82)
at
org.nemours.webapp.ecard.listener.ApplicationManager.contextInitialized(ApplicationManager.java:46)
at
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4010)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4522)
at
com.sun.enterprise.web.WebModule.start(WebModule.java:241)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:827)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:125)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:147)
at
java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:809)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
at
com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1279)
at
com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1006)
at
com.sun.enterprise.server.WebModuleDeployEventListener.moduleDeployed(WebModuleDeployEventListener.java:160)
at
com.sun.enterprise.server.WebModuleDeployEventListener.moduleDeployed(WebModuleDeployEventListener.java:238)
at
com.sun.enterprise.admin.event.AdminEventMulticaster.invokeModuleDeployEventListener(AdminEventMulticaster.java:918)
at
com.sun.enterprise.admin.event.AdminEventMulticaster.handleModuleDeployEvent(AdminEventMulticaster.java:905)
at
com.sun.enterprise.admin.event.AdminEventMulticaster.processEvent(AdminEventMulticaster.java:427)
at
com.sun.enterprise.admin.event.AdminEventMulticaster.multicastEvent(AdminEventMulticaster.java:139)
at
com.sun.enterprise.admin.server.core.DeploymentNotificationHelper.multicastEvent(DeploymentNotificationHelper.java:288)
at
com.sun.enterprise.deployment.phasing.DeploymentServiceUtils.multicastEvent(DeploymentServiceUtils.java:155)
at
com.sun.enterprise.deployment.phasing.ServerDeploymentTarget.sendStartEvent(ServerDeploymentTarget.java:258)
at
com.sun.enterprise.deployment.phasing.StartPhase.runPhase(StartPhase.java:87)
at
com.sun.enterprise.deployment.phasing.DeploymentPhase.executePhase(DeploymentPhase.java:71)
at
com.sun.enterprise.deployment.phasing.PEDeploymentService.executePhases(PEDeploymentService.java:633)
at
com.sun.enterprise.deployment.phasing.PEDeploymentService.start(PEDeploymentService.java:361)
at
com.sun.enterprise.deployment.phasing.PEDeploymentService.start(PEDeploymentService.java:396)
at
com.sun.enterprise.admin.mbeans.ApplicationsConfigMBean.start(ApplicationsConfigMBean.java:702)
at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
com.sun.enterprise.admin.MBeanHelper.invokeOperationInBean(MBeanHelper.java:302)
at
com.sun.enterprise.admin.config.BaseConfigMBean.invoke(BaseConfigMBean.java:357)
at
com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
at
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
at
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
at
sun.reflect.GeneratedMethodAccessor23.invoke(Unknown
Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
com.sun.enterprise.admin.util.proxy.ProxyClass.invoke(ProxyClass.java:54)
at $Proxy1.invoke(Unknown Source)
at
com.sun.enterprise.admin.server.core.jmx.SunoneInterceptor.invoke(SunoneInterceptor.java:272)
at
com.sun.enterprise.admin.jmx.remote.server.callers.InvokeCaller.call(InvokeCaller.java:38)
at
com.sun.enterprise.admin.jmx.remote.server.MBeanServerRequestHandler.handle(MBeanServerRequestHandler.java:92)
at
com.sun.enterprise.admin.jmx.remote.server.servlet.RemoteJmxConnectorServlet.processRequest(RemoteJmxConnectorServlet.java:69)
at
com.sun.enterprise.admin.jmx.remote.server.servlet.RemoteJmxConnectorServlet.doPost(RemoteJmxConnectorServlet.java:94)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:767)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
at
sun.reflect.GeneratedMethodAccessor79.invoke(Unknown
Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
at
java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:257)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
at
java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:132)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:184)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:653)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:534)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.doTask(ProcessorTask.java:403)
at
com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:55)
Caused by: java.security.AccessControlException: access
denied (java.util.PropertyPermission * read,write)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at
java.security.AccessController.checkPermission(AccessController.java:427)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
at java.lang.System.getProperties(System.java:560)
at
com.mchange.v2.cfg.BasicMultiPropertiesConfig.findProps(BasicMultiPropertiesConfig.java:119)
at
com.mchange.v2.cfg.BasicMultiPropertiesConfig.extractPrefixMapFromRsrcPathMap(BasicMultiPropertiesConfig.java:155)
at
com.mchange.v2.cfg.BasicMultiPropertiesConfig.<init>(BasicMultiPropertiesConfig.java:99)
at
com.mchange.v2.cfg.BasicMultiPropertiesConfig.<init>(BasicMultiPropertiesConfig.java:39)
at
com.mchange.v2.cfg.MultiPropertiesConfig.read(MultiPropertiesConfig.java:64)
at
com.mchange.v2.cfg.MultiPropertiesConfig.readVmConfig(MultiPropertiesConfig.java:73)
at com.mchange.v2.log.MLog.<clinit>(MLog.java:44)
... 79 more
|#]
-------------------------------------------------

Discussion

  • Steve Waldman
    Steve Waldman
    2005-03-25

    Logged In: YES
    user_id=175530

    Hi.

    The problem, I'm pretty sure, is not that c3p0 uses
    .properties files for its config, but that c3p0 also checks
    out System properties for configuration information,
    sometimes calling the unrestricted System.getProperties()
    method.

    I've now wrapped these calls in try / catch blocks that
    catch and log the SecurityExceptions, and ignore System
    properties if access to them is forbidden. c3p0.properties
    configuration should work fine in security-controlled apps,
    but you won't be able to configure c3p0 using "java
    -Dc3p0.xxxx=yyy ..." Since most users use c3p0.properties
    for configuration, I don't think this will be a major
    problem. In the future, I may be able to work around the
    restriction by having ask only for c3p0-specific System
    properties, rather than calling the unrestricted
    System.getProperties() method.

    Re: XML config -- this is really a separate issue. c3p0 may
    eventually offer an XML config option, primarily to support
    different pool configs for different user-authentifications
    -- but that's in the future. For now the changes above
    should resolve your issue.

    smiles,
    Steve

     
  • Steve Waldman
    Steve Waldman
    2005-03-25

    • status: open --> closed