Menu
▾
▴
Re: [Geoserver-users] GeoServer doesn't Start-up
|
From: Stefan S. <ss...@ge...> - 2016-05-27 13:53:27
|
Hi, just want to confirm that we found a new JDK version installed from auto update. Which brings us most likely closer to a solution. thanks, stefan On 5/26/16 23:16, Christian Mueller wrote: > Hi > > @Andrea, this is not a wild guess and could be the reason for this > problem. Concerning security, OpenJDK makes live easier because it is > unrestricted out of the box whilst Oralce JDK is not. > > Cheers > Christian > > On Thu, May 26, 2016 at 8:46 PM, Andrea Aime > <and...@ge... <mailto:and...@ge...>> > wrote: > > Hi, > I'm making a wild guess and I might be way off the mark, so sorry > in advance if it does not help but... > could it be that you once installed the unrestricted policy jars > for strong encryption, and then > a JDK upgrade happened, it wiped out those jars (they are in the > JDK itself), and now you cannot perform the same > type of encryption anymore? > > Cheers > Andrea > > On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger > <ss...@ge... <mailto:ss...@ge...>> wrote: > > Hi, > > thanks for the idea. I meant: deleting the default password > file as the instructions suggest. The problem seems also that > we would have to get GeoServer running at least once, but we > haven't achieved this. > Apart from that we did no new installation, everything is as > it was before. But it seems like the problem is related to a > security feature according to a new extended log output (see > below) - my colleague is looking into that now (as I am giving > a course all day). > > stefan > > =============== > /26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable > processes in Vector processes > 26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process > geonode:BatchDownload as the input LAYERS of type class > org.geonode.process.batchdownload.LayerReference cannot be handled > 26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process > geonode:BatchDownload as the input map of type class > org.geonode.process.batchdownload.MapMetadata cannot be handled > 26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process > geonode:BatchDownload as the output ZippedFile of type > interface org.geonode.process.storage.Resource cannot be handled > 26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable > processes in Batch Downloader > 26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable > processes in GeoServer specific processes > 26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable > processes in Deprecated processes > May 26, 2016 12:27:00 PM > org.apache.catalina.core.StandardContext listenerStart > SEVERE: Exception sending context initialized event to > listener instance of class > org.geoserver.platform.GeoServerContextLoaderListener > org.springframework.beans.factory.BeanCreationException: Error > occured reading security configuration; nested exception is > java.lang.RuntimeException: > org.jasypt.exceptions.EncryptionOperationNotPossibleException > at > org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346) > at > org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97) > at > org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327) > at > org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25) > at > org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779) > at > org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273) > at > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) > at > org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895) > at > org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871) > at > org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615) > at > org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649) > at > org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581) > at > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) > at > java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) > at java.util.concurrent.FutureTask.run(FutureTask.java:166) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:701) > Caused by: java.lang.RuntimeException: > org.jasypt.exceptions.EncryptionOperationNotPossibleException > at > org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631) > at > org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236) > at > org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103) > at > org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79) > at > org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429) > at > org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420) > at > org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339) > ... 17 more > Caused by: > org.jasypt.exceptions.EncryptionOperationNotPossibleException > at > org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918) > at > org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130) > at > org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76) > at > org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34) > at > org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629) > ... 23 more > May 26, 2016 12:27:00 PM > org.apache.catalina.core.StandardContext startInternal > SEVERE: Error listenerStart > May 26, 2016 12:27:00 PM > org.apache.catalina.core.StandardContext startInternal > SEVERE: Context [/geoserver] startup failed due to previous errors > May 26, 2016 12:27:00 PM > org.apache.catalina.core.ApplicationContext log > INFO: Closing Spring root WebApplicationContext > 26 May 12:27:00 WARN [support.DisposableBeanAdapter] - > Invocation of destroy method failed on bean with name > 'printingWrapper': java.lang.NullPointerException > 26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked > 26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - > GeoWebCacheDispatcher.destroy() was invoked, shutting down. > 26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota > monitor shutting down... > 26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting > down quota usage monitor... > 26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - > Shutting down quota usage monitor... > 26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting > down quota statistics gathering monitor... > 26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - > Shutting down quota update background task due to > InterruptedException > 26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - > Shutting down quota update background task due to interrupted > exception > 26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - > Initiating shut down for running and pending seed tasks... > 26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder > thread pool executor shut down complete. > 26 May 12:27:00 INFO [storage.DefaultStorageBroker] - > Destroying StorageBroker > 26 May 12:27:00 WARN [support.DisposableBeanAdapter] - > Invocation of destroy method failed on bean with name > 'geoServerLoader': > org.springframework.beans.factory.BeanCreationNotAllowedException: > Error creating bean with name 'GWCLifeCycleHandler': Singleton > bean creation not allowed while the singletons of this factory > are in destruction (Do not request a bean from a BeanFactory > in a destroy method implementation!) > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type [java.lang.ThreadLocal] (value > [java.lang.ThreadLocal@4668c5ea]) and a value of type > [org.geotools.referencing.operation.projection.TransverseMercator.Provider] > (value [PROJECTION["Transverse_Mercator"]]) but failed to > remove it when the web application was stopped. Threads are > going to be renewed over time to try and avoid a probable > memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type > [org.apache.commons.lang.builder.HashCodeBuilder$1] (value > [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) > and a value of type [java.util.HashSet] (value [[]]) but > failed to remove it when the web application was stopped. > Threads are going to be renewed over time to try and avoid a > probable memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type > [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] > (value > [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) > and a value of type [char[]] (value [[C@63cf70a8]) but failed > to remove it when the web application was stopped. Threads are > going to be renewed over time to try and avoid a probable > memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type [java.lang.ThreadLocal] (value > [java.lang.ThreadLocal@47ed58c9]) and a value of type > [org.geotools.referencing.wkt.Formatter] (value []) but failed > to remove it when the web application was stopped. Threads are > going to be renewed over time to try and avoid a probable > memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type [java.lang.ThreadLocal] (value > [java.lang.ThreadLocal@2f601903]) and a value of type > [org.springframework.security.core.context.SecurityContextImpl] > (value > [org.springframework.security.core.context.SecurityContextImpl@ffffffff: > Null authentication]) but failed to remove it when the web > application was stopped. Threads are going to be renewed over > time to try and avoid a probable memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.loader.WebappClassLoader > checkThreadLocalMapForLeaks > SEVERE: The web application [/geoserver] created a ThreadLocal > with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] > (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and > a value of type [java.util.HashSet] (value [[]]) but failed to > remove it when the web application was stopped. Threads are > going to be renewed over time to try and avoid a probable > memory leak. > May 26, 2016 12:27:02 PM > org.apache.catalina.startup.HostConfig deployDirectory > INFO: Deploying web application directory > /var/lib/tomcat7/webapps/ROOT > May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start > INFO: Starting ProtocolHandler ["http-bio-8080"] > May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina > start > INFO: Server startup in 20835 ms/ > > > On 05/26/2016 08:22 AM, Christian Mueller wrote: >> Hi >> >> What do you mean with deleting the admin password ? >> >> Obviously GeoServer cannot decode the password of your >> datastore. I assume you did a fresh installation and the >> GeoServer internal key material >> has changed. Different GeoServer installations use different >> key material. >> >> Solution: find the xml config file for your datastore. Search >> the XML element named "password". Replace the password with: >> >> plain:mypassword. >> >> After restarting, use the admin GUI, open the edit view of >> your datastore and save the config. This will encrypt the >> password using your new internal keys. >> >> Cheers >> Christian >> >> >> > > > ------------------------------------------------------------------------------ > Mobile security can be enabling, not merely restricting. > Employees who > bring their own devices (BYOD) to work are irked by the > imposition of MDM > restrictions. Mobile Device Manager Plus allows you to control > only the > apps on BYO-devices by containerizing them, leaving personal > data untouched! > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > _______________________________________________ > Geoserver-users mailing list > Geo...@li... > <mailto:Geo...@li...> > https://lists.sourceforge.net/lists/listinfo/geoserver-users > > > > > -- > == > GeoServer Professional Services from the experts! Visit > http://goo.gl/it488V for more information. > == > > Ing. Andrea Aime > @geowolf > Technical Lead > > GeoSolutions S.A.S. > Via di Montramito 3/A > 55054 Massarosa (LU) > phone: +39 0584 962313 <tel:%2B39%200584%20962313> > fax: +39 0584 1660272 <tel:%2B39%200584%201660272> > mob: +39 339 8844549 <tel:%2B39%20%C2%A0339%208844549> > > http://www.geo-solutions.it > http://twitter.com/geosolutions_it > > *AVVERTENZE AI SENSI DEL D.Lgs. 196/2003* > > Le informazioni contenute in questo messaggio di posta elettronica > e/o nel/i file/s allegato/i sono da considerarsi strettamente > riservate. Il loro utilizzo è consentito esclusivamente al > destinatario del messaggio, per le finalità indicate nel messaggio > stesso. Qualora riceviate questo messaggio senza esserne il > destinatario, Vi preghiamo cortesemente di darcene notizia via > e-mail e di procedere alla distruzione del messaggio stesso, > cancellandolo dal Vostro sistema. Conservare il messaggio stesso, > divulgarlo anche in parte, distribuirlo ad altri soggetti, > copiarlo, od utilizzarlo per finalità diverse, costituisce > comportamento contrario ai principi dettati dal D.Lgs. 196/2003. > > The information in this message and/or attachments, is intended > solely for the attention and use of the named addressee(s) and may > be confidential or proprietary in nature or covered by the > provisions of privacy act (Legislative Decree June, 30 2003, > no.196 - Italy's New Data Protection Code).Any use not in accord > with its purpose, any disclosure, reproduction, copying, > distribution, or either dissemination, either whole or partial, is > strictly forbidden except previous formal approval of the named > addressee(s). If you are not the intended recipient, please > contact immediately the sender by telephone, fax or e-mail and > delete the information in this message that has been received in > error. The sender does not give any warranty or accept liability > as the content, accuracy or completeness of sent messages and > accepts no responsibility for changes made after they were sent > or for other risks which arise as a result of e-mail transmission, > viruses, etc. > > > ------------------------------------------------------- > > ------------------------------------------------------------------------------ > Mobile security can be enabling, not merely restricting. Employees who > bring their own devices (BYOD) to work are irked by the imposition > of MDM > restrictions. Mobile Device Manager Plus allows you to control > only the > apps on BYO-devices by containerizing them, leaving personal data > untouched! > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > _______________________________________________ > Geoserver-users mailing list > Geo...@li... > <mailto:Geo...@li...> > https://lists.sourceforge.net/lists/listinfo/geoserver-users > > > > > -- > DI Christian Mueller MSc (GIS), MSc (IT-Security) > OSS Open Source Solutions GmbH > |
