Issue Details (XML | Word | Printable)

Key: SFOS-1154
Type: Bug Bug
Status: Resolved Resolved
Resolution: Duplicate
Priority: Critical Critical
Assignee: Steve Loughran
Reporter: Steve Loughran
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
SmartFrog

security exception in management console

Created: 20/Mar/09 10:02 PM (GMT)   Updated: 06/May/09 05:05 PM (BST)
Return to search
Component/s: .sfCore
Affects Version/s: None
Fix Version/s: 3.17.010

Time Tracking:
Not Specified

Environment: RPM installation on centos vm, java 1.6b11
Issue Links:
Depends
 
caused
 

Compatibility: unknown


 Description  « Hide
-need to check what security manager is running, Also, these loggings should include traces

2009/03/20 19:54:53:531 GMT [ERROR][main] sfManagementConsole - java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object <java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object>
        
2009/03/20 19:54:53:534 GMT [ERROR][main] sfManagementConsole - java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException <java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException>
        
Running.
2009/03/20 19:54:56:059 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - Error DeployEntry.getEntryTags()java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException <java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException>
        
2009/03/20 19:54:56:067 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - Error DeployEntry.getEntryTags()java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException <java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException>
        
2009/03/20 19:54:56:083 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object <java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object>
        
2009/03/20 19:54:56:126 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object <java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object>
        
2009/03/20 19:54:56:129 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object <java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object>
        
2009/03/20 19:54:56:129 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.ArrayIndexOutOfBoundsException: 1 <java.lang.ArrayIndexOutOfBoundsException: 1>
        
2009/03/20 19:54:56:129 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.NullPointerException <java.lang.NullPointerException>
        
2009/03/20 19:54:56:129 GMT [ERROR][AWT-EventQueue-0] sfManagementConsole - java.lang.NullPointerException: Null child not allowed <java.lang.NullPointerException: Null child not allowed>
        
2009/03/20 19:54:56:131 GMT [ERROR][AWT-EventQueue-0] SFManagementConsole - java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException <java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
        java.io.EOFException>
        


 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Steve Loughran added a comment - 21/Mar/09 06:03 PM (GMT)
This also causes jetty to fail

09/03/21 00:53:17 [TaskTracker] INFO mortbay.log : Extract jar:file:/opt/smartfrog/lib/hadoop-core-0.21.0-alpha-8.jar!/webapps/task to /tmp/Jetty_0_0_0_0_50060_task____.2vcltf/webapp
09/03/21 00:53:17 [TaskTracker] ERROR / : Security Init for context failed
java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
at java.security.Permissions.add(Permissions.java:110)
at java.security.Policy$UnsupportedEmptyCollection.add(Policy.java:790)
at org.apache.jasper.compiler.JspRuntimeContext.initSecurity(JspRuntimeContext.java:564)
at org.apache.jasper.compiler.JspRuntimeContext.<init>(JspRuntimeContext.java:198)
at org.apache.jasper.servlet.JspServlet.init(JspServlet.java:150)
at org.mortbay.jetty.servlet.ServletHolder.initServlet(ServletHolder.java:431)
at org.mortbay.jetty.servlet.ServletHolder.doStart(ServletHolder.java:263)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:643)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1234)
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:460)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:222)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.apache.hadoop.http.HttpServer.start(HttpServer.java:454)
at org.apache.hadoop.mapred.TaskTracker.innerStart(TaskTracker.java:943)
at org.apache.hadoop.util.Service.start(Service.java:186)
at org.smartfrog.services.hadoop.components.cluster.HadoopServiceImpl.innerDeploy(HadoopServiceImpl.java:504)
at org.smartfrog.services.hadoop.components.cluster.HadoopServiceImpl.access$000(HadoopServiceImpl.java:55)
at org.smartfrog.services.hadoop.components.cluster.HadoopServiceImpl$ServiceDeployerThread.execute(HadoopServiceImpl.java:759)
at org.smartfrog.sfcore.utils.SmartFrogThread.run(SmartFrogThread.java:279)

[ Permlink | « Hide ]
Steve Loughran added a comment - 21/Mar/09 09:34 PM (GMT)
only appears in the JVM installation; when you log in as a different user more works. There is still a security manager running, and not a SmartFrog one.

2009/03/21 21:32:08:905 GMT [INFO ][RMI TCP Connection(2)-192.168.174.1] HOST dundee:rootProcess:checksecurity - Current security manager java.lang.SecurityManager@14384c2 classname class java.lang.SecurityManager

[ Permlink | « Hide ]
Steve Loughran added a comment - 21/Mar/09 10:10 PM (GMT)
this is related to SFOS-236, which adds a default security manager if none is set. It may also be caused by
the changes to sfDefaultProperties here
http://smartfrog.svn.sourceforge.net/viewvc/smartfrog/trunk/core/smartfrog/bin/setSFDefaultProperties?revision=5454&view=markup

-they add a default security manager *always*

1. if we are going to always have a security manager, it should be our exit controlling one

2. the only way to turn this security manager off is now to go
 export SFDEFAULTSECURITY=" "

[ Permlink | « Hide ]
Steve Loughran added a comment - 21/Mar/09 11:07 PM (GMT)
or export SFDEFAULTSECURITY="-Dorg.smartfrog.sfcore.common.Logger.processCompoundDiagReport=true -Dorg.smartfrog.sfcore.common.Logger.testNetwork=false"

but this does not stop security exceptions arising when you try and make RMI calls. We need to switch to our security manager (ExitTrapping) by default, and somehow get those security policies in or bail out early when they are not.


Powered by a free Atlassian JIRA open source license for SmartFrog. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Professional Edition, Version: 3.13.1-#333) - Bug/feature request - Atlassian news - Contact Administrators