-Djava.security.manager=problems for service provider
Naoto Sato
naoto.sato at oracle.com
Thu Mar 29 18:02:41 UTC 2018
Hi Peter/Sean,
It does seem a regression. Thanks for letting me know. I will file an
issue and work on it.
Naoto
On 3/29/18 10:30 AM, Sean Mullan wrote:
> Copying Naoto.
>
> Naoto, the regression mentioned below that is causing the NPE looks to
> be caused by changes to java.util.ResourceBundle in
> https://bugs.openjdk.java.net/browse/JDK-8182601
>
> Can you take a look and file a bug, if so?
>
> Thanks,
> Sean
>
> On 3/29/18 4:53 AM, Peter wrote:
>> Hello Java security people!
>>
>> It turns out we needed the -Djava.security.manager= option at startup
>> after all...
>>
>> According to our SecurityManager implementation notes, the reason it
>> instantiated the policy, was to ensure that the JVM had loaded all
>> necessary classes, to prevent recursive errors. So I worked out we
>> didn't actually need an instance of the policy, but instead, just make
>> sure it's class is loaded along with other important classes, before
>> the security manager is in force. I've also handed off the logging
>> in the policy to an executor...
>>
>> So I've removed the instantation of policy provider from our security
>> manager's constructor.
>>
>> I've actually got a permission check in the constructor of the
>> security manager, if the AccessControlContext is privileged or if an
>> AccessControlContext containing ProtectionDomains are privileged, the
>> policy is never consulted. And so, the policy is not consulted or
>> instantiated during the security managers construction as you can see
>> below.
>>
>> I have a new problem:
>>
>> To state it simply, if you have a custom SecurityManager, you cannot
>> use the built in sun.security.provider.PolicyFile because the class
>> RBClassLoader cannot be initialized, due to a NullPointerException in
>> it's static initializer:
>>
>> [java] Caused by: java.lang.NullPointerException
>> [java] at
>> java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
>>
>> Which is just a null pointer dereference in RBClassLoaders static
>> initializer block:
>>
>> static {
>> // Find the extension class loader.
>> ClassLoader ld = ClassLoader.getSystemClassLoader();
>> ClassLoader parent;
>> while ((parent = ld.getParent()) != null) {
>> ld = parent;
>> }
>> loader = ld;
>> }
>>
>> It should be:
>>
>> static {
>> // Find the extension class loader.
>> ClassLoader ld = ClassLoader.getSystemClassLoader();
>> ClassLoader parent;
>> while (ld != null) {
>> parent = ld.getParent();
>> if (parent == null) break;
>> ld = parent;
>> }
>> loader = ld;
>> }
>>
>> [java] Error occurred during initialization of VM
>> [java] java.lang.ExceptionInInitializerError
>> [java] at
>> java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>> [java] at
>> java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>> [java] at
>> sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>> [java] at
>> sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at
>> sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>> [java] at
>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>> [java] at
>> sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>> [java] at
>> sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>> [java] at
>> sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>> [java] at
>> sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>> [java] at
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>> [java] at
>> sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>> [java] at
>> sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>> [java] at
>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>> [java] at
>> java.security.ProtectionDomain.implies(ProtectionDomain.java:285)
>> [java] at java.lang.System$1.run(System.java:316)
>> [java] Unexpected exception:
>> [java] java.io.IOException: The pipe is being closed
>> [java] at java.io.FileOutputStream.writeBytes(Native Method)
>> [java] at
>> java.io.FileOutputStream.write(FileOutputStream.java:326)
>> [java] at
>> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
>> [java] at
>> java.io.BufferedOutputStream.write(BufferedOutputStream.java:126)
>> [java] at
>> java.io.ObjectOutputStream$BlockDataOutputStream.drain(ObjectOutputStream.java:1877)
>>
>> [java] at
>> java.io.ObjectOutputStream$BlockDataOutputStream.setBlockDataMode(ObjectOutputStream.java:1786)
>>
>> [java] at
>> java.io.ObjectOutputStream.writeNonProxyDesc(ObjectOutputStream.java:1286)
>>
>> [java] at
>> java.io.ObjectOutputStream.writeClassDesc(ObjectOutputStream.java:1231)
>> [java] at
>> java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1427)
>>
>> [java] at
>> java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
>> [java] at
>> java.io.ObjectOutputStream.writeFatalException(ObjectOutputStream.java:1577)
>>
>> [java] at
>> java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:351)
>> [java] at
>> org.apache.river.qa.harness.MasterHarness.runTestOtherVM(MasterHarness.java:883)
>>
>> [java] at
>> org.apache.river.qa.harness.MasterHarness.access$200(MasterHarness.java:122)
>>
>> [java] at
>> org.apache.river.qa.harness.MasterHarness$TestRunner.run(MasterHarness.java:616)
>>
>> [java] at
>> org.apache.river.qa.harness.MasterHarness.runTests(MasterHarness.java:443)
>>
>> [java] at
>> org.apache.river.qa.harness.QARunner.main(QARunner.java:67)
>> [java]
>> [java] TIME: 5:52:12 PM
>> [java]
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at java.lang.System.setSecurityManager0(System.java:313)
>> [java] at java.lang.System.setSecurityManager(System.java:291)
>> [java] at sun.misc.Launcher.<init>(Launcher.java:101)
>> [java] at sun.misc.Launcher.<clinit>(Launcher.java:54)
>> [java] at
>> java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>> [java] at
>> java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>> [java] Caused by: java.lang.NullPointerException
>> [java] at
>> java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
>> [java] at
>> java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>> [java] at
>> java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>> [java] at
>> sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>> [java] at
>> sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at
>> sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>> [java] at
>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>> [java] at
>> sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>> [java] at
>> sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>> [java] at
>> sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>> [java] at
>> sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>> [java] at
>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>> [java] at
>> sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>> [java] at
>> sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>> [java] at
>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>> [java] at
>> java.security.ProtectionDomain.implies(ProtectionDomain.java:285)
>> [java] at java.lang.System$1.run(System.java:316)
>> [java] at java.security.AccessController.doPrivileged(Native
>> Method)
>> [java] at java.lang.System.setSecurityManager0(System.java:313)
>> [java] at java.lang.System.setSecurityManager(System.java:291)
>> [java] at sun.misc.Launcher.<init>(Launcher.java:101)
>> [java] at sun.misc.Launcher.<clinit>(Launcher.java:54)
>> [java] at
>> java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>> [java] at
>> java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>>
>>
>> In an earlier version of Java 1.8 RBClassLoader looked like this (it
>> checked for null, so no NPE):
>>
>> /**
>> * A wrapper of ClassLoader.getSystemClassLoader().
>> */
>> private static class RBClassLoader extends ClassLoader {
>> private static final RBClassLoader INSTANCE =
>> AccessController.doPrivileged(
>> new PrivilegedAction<RBClassLoader>() {
>> public RBClassLoader run() {
>> return new RBClassLoader();
>> }
>> });
>> private static final ClassLoader loader =
>> ClassLoader.getSystemClassLoader();
>>
>> private RBClassLoader() {
>> }
>> public Class<?> loadClass(String name) throws
>> ClassNotFoundException {
>> if (loader != null) {
>> return loader.loadClass(name);
>> }
>> return Class.forName(name);
>> }
>> public URL getResource(String name) {
>> if (loader != null) {
>> return loader.getResource(name);
>> }
>> return ClassLoader.getSystemResource(name);
>> }
>> public InputStream getResourceAsStream(String name) {
>> if (loader != null) {
>> return loader.getResourceAsStream(name);
>> }
>> return ClassLoader.getSystemResourceAsStream(name);
>> }
>> }
>>
>> In 1.8.0_162 it looks like this, see the null pointer dereference in
>> the static initializer?:
>>
>> /**
>> * A wrapper of Extension Class Loader
>> */
>> private static class RBClassLoader extends ClassLoader {
>> private static final RBClassLoader INSTANCE =
>> AccessController.doPrivileged(
>> new PrivilegedAction<RBClassLoader>() {
>> public RBClassLoader run() {
>> return new RBClassLoader();
>> }
>> });
>> private static final ClassLoader loader;
>> static {
>> // Find the extension class loader.
>> ClassLoader ld = ClassLoader.getSystemClassLoader();
>> ClassLoader parent;
>> while ((parent = ld.getParent()) != null) {
>> ld = parent;
>> }
>> loader = ld;
>> }
>>
>> private RBClassLoader() {
>> }
>> public Class<?> loadClass(String name) throws
>> ClassNotFoundException {
>> if (loader != null) {
>> return loader.loadClass(name);
>> }
>> return Class.forName(name);
>> }
>> public URL getResource(String name) {
>> if (loader != null) {
>> return loader.getResource(name);
>> }
>> return ClassLoader.getSystemResource(name);
>> }
>> public InputStream getResourceAsStream(String name) {
>> if (loader != null) {
>> return loader.getResourceAsStream(name);
>> }
>> return ClassLoader.getSystemResourceAsStream(name);
>> }
>> }
>>
>> Cheers,
>>
>> Peter.
>>
>> On 28/03/2018 2:20 PM, Peter wrote:
>>> It would be more correct to say, it wasn't noticed until recently.
>>>
>>> The logger was recently added to our policy implementation as a todo
>>> item, previously it went to System.out.err.
>>>
>>> The logger in our security manager, while a static field, has this
>>> comment:
>>>
>>> /**
>>> * Logger is lazily loaded, the SecurityManager can be loaded
>>> prior to
>>> * the system ClassLoader, attempting to load a Logger will cause a
>>> * NullPointerException, when calling
>>> ClassLoader.getSystemClassLoader(),
>>> * in order to load the logger class.
>>>
>>> Unfortunately we can't have the same lazy loading for the policy
>>> provider as all logging is related to parsing policy file syntax
>>> errors, all done prior to construction of the policy.
>>>
>>> We could remove the Logger from the policy, but that makes tracking
>>> down policy syntax errors a problem usually after a period of
>>> running, rather than during start up.
>>>
>>> We also need to ensure all classes the SecurityManager will cause to
>>> be loaded are loaded prior to the security manager constructor
>>> completing.
>>>
>>> For example:
>>>
>>> /* The following ensures the classes we need are loaded early to avoid
>>> * class loading deadlock */
>>> checkPermission(new RuntimePermission("setIO"),
>>> SMPrivilegedContext);
>>>
>>> It seems the best advise is to simply avoid using
>>> -Djava.security.manager in our case.
>>>
>>> Cheers,
>>>
>>> Peter.
>>>
>>>
>>> On 28/03/2018 11:50 AM, Peter wrote:
>>>> Thanks Daniel,
>>>>
>>>> Ah yes, I see what's happening and why this only occurs when using
>>>> -Djava.security.manager=
>>>>
>>>> sun.misc.Launcher calls the security manager constructor from within
>>>> its constructor, which creates a recursive call back to the static
>>>> method Launcher.getLauncher(), which returns the uninitialized
>>>> static launcher field.
>>>>
>>>> CombinerSecurityManager checks during construction that the policy
>>>> has been instantiated and it also instantiates a Logger. It could
>>>> safely lose the logger, but the policy must be fully instantiated
>>>> before the security manager is in force, otherwise it creates
>>>> recursive calls in the security manager implementation.
>>>>
>>>> The simplest fix would be to move the instantiation of
>>>> SecurityManager to a static initializer in Launcher that occurs
>>>> after the construction of Launcher and setting of the static
>>>> launcher field.
>>>>
>>>> This didn't become a problem until recently upgrading to the latest
>>>> Java 8 JDK, so not sure of the history here.
>>>>
>>>> Regards Peter.
>>>>
>>>> More comments inline below:
>>>>
>>>>> Hi,
>>>>>
>>>>> On 27/03/2018 14:06, Alan Bateman wrote:
>>>>> >/ Moving this to security-dev.
>>>>> />/
>>>>> />/ From the stack trace, it looks like you are using JDK 8 or
>>>>> older. There
>>>>> />/ are several changes in JDK 9 and newer in the PolicyFile code
>>>>> to how it
>>>>> />/ loads its resources that may help with the issues you are seeing.
>>>>> />/
>>>>> />/ -Alan
>>>>> /
>>>>> [snip]
>>>>>
>>>>> >/ [java] at java.util.logging.Logger.log(Logger.java:788)
>>>>> />/ [java] at
>>>>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
>>>>>
>>>>> /
>>>>> In what logging is concerned, it's probably not a good idea to
>>>>> use java.util.logging in a Policy/SecurityManager implementation
>>>>> supplied on the command line as java.util.logging uses
>>>>> doPrivileged and checks for permissions.
>>>>
>>>> Work arounds for that problem:
>>>>
>>>> * Delegate logging to an executor.
>>>> * Use a thread local variable to detect trusted recursive calls.
>>>> * Only log messages during startup, when the policy or security
>>>> manager isn't active.
>>>>
>>>>
>>>>> For the record the line that throws in the first stack trace
>>>>> seems to be this one at LogManager.java:965
>>>>>
>>>>> Class<?> clz =
>>>>> ClassLoader.getSystemClassLoader().loadClass(word);
>>>>>
>>>>> The exception is caught and printed on System.err at line 981
>>>>> allowing the caller to proceed - so it's not what is
>>>>> causing the ExceptionInInitializerError, but it shows that
>>>>> ClassLoader.getSystemClassLoader() is probably returning null
>>>>> at this point, and it looks like it is the same issue you're
>>>>> seeing at ResourceBundle.java:502 later on, which prevents the
>>>>> CombinerSecurityManager to initialize.
>>>>>
>>>>>
>>>>> Hopes this helps,
>>>>>
>>>>> -- daniel
>>>>>
>>>>>
>>>>> >/
>>>>> />/ On 27/03/2018 13:56, Peter Firmstone wrote:
>>>>> />>/ Not sure if this is the right place to mention this.
>>>>> />>/
>>>>> />>/ Anyone notice that specifying a custom security manager at
>>>>> jvm start
>>>>> />>/ up causes issues with service providers loading? If using
>>>>> the sun
>>>>> />>/ PolicyFile implementation, the policy doesn't load due to the
>>>>> provider
>>>>> />>/ failure, I have a custom policy implementation that will
>>>>> allow the jvm
>>>>> />>/ to run in this state, and other providers are also not
>>>>> loading, such
>>>>> />>/ as the logger and JCE.
>>>>> />>/
>>>>> />>/ Note that it doesn't occur if the security manager is set
>>>>> />>/ programmatically in the main method at start up, only if it's
>>>>> set via
>>>>> />>/ command line option.
>>>>> />>/
>>>>> />>/ Examples of providers not loading:
>>>>> />>/
>>>>> />>/ [java] java.lang.NullPointerException
>>>>> />>/ [java] Can't load log handler
>>>>> "java.util.logging.ConsoleHandler"
>>>>> />>/ [java] java.lang.NullPointerException
>>>>> />>/ [java] java.lang.NullPointerException
>>>>> />>/ [java] at
>>>>> />>/ java.util.logging.LogManager$5.run(LogManager.java:965)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.util.logging.LogManager.loadLoggerHandlers(LogManager.java:958)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.util.logging.LogManager.initializeGlobalHandlers(LogManager.java:1578)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ java.util.logging.LogManager.access$1500(LogManager.java:145)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.util.logging.LogManager$RootLogger.accessCheckedHandlers(LogManager.java:1667)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> java.util.logging.Logger.getHandlers(Logger.java:1777)
>>>>> />>/ [java] at
>>>>> java.util.logging.Logger.log(Logger.java:735)
>>>>> />>/ [java] at
>>>>> java.util.logging.Logger.doLog(Logger.java:765)
>>>>> />>/ [java] at
>>>>> java.util.logging.Logger.log(Logger.java:788)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:469)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile.readPoliciesNoCheckGuard(ConcurrentPolicyFile.java:468)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile.readPolicyPermissionGrants(ConcurrentPolicyFile.java:243)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:253)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:226)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:154)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:133)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:162)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
>>>>> Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>>>>> />>/ [java] at java.lang.Class.newInstance(Class.java:442)
>>>>> />>/ [java] at sun.misc.Launcher.<init>(Launcher.java:93)
>>>>> />>/ [java] at sun.misc.Launcher.<clinit>(Launcher.java:54)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>>>>> />>/
>>>>> />>/
>>>>> />>/ [java] Error occurred during initialization of VM
>>>>> />>/ [java] java.lang.ExceptionInInitializerError
>>>>> />>/ [java] at
>>>>> />>/ java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>>>>> />>/ [java] at
>>>>> />>/ java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>>>>> />>/ [java] at
>>>>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>>>>> />>/ [java] at
>>>>> java.security.Policy.getPolicy(Policy.java:154)
>>>>> />>/ [java] at
>>>>> net.jini.security.Security$7.run(Security.java:1054)
>>>>> />>/ [java] at
>>>>> net.jini.security.Security$7.run(Security.java:1052)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/ net.jini.security.Security.getPolicy(Security.java:1052)
>>>>> />>/ [java] at
>>>>> />>/ net.jini.security.Security.getContext(Security.java:506)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
>>>>> Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>>>>> />>/ [java] at java.lang.Class.newInstance(Class.java:442)
>>>>> />>/ [java] at sun.misc.Launcher.<init>(Launcher.java:93)
>>>>> />>/ [java] at sun.misc.Launcher.<clinit>(Launcher.java:54)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>>>>> />>/ [java] Caused by: java.lang.NullPointerException
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/ java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
>>>>> />>/ [java] at
>>>>> />>/ java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.init(PolicyFile.java:626)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.init(PolicyFile.java:439)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
>>>>> />>/ [java] at
>>>>> java.security.Policy.getPolicyNoCheck(Policy.java:196)
>>>>> />>/ [java] at
>>>>> java.security.Policy.getPolicy(Policy.java:154)
>>>>> />>/ [java] at
>>>>> net.jini.security.Security$7.run(Security.java:1054)
>>>>> />>/ [java] at
>>>>> net.jini.security.Security$7.run(Security.java:1052)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/ net.jini.security.Security.getPolicy(Security.java:1052)
>>>>> />>/ [java] at
>>>>> />>/ net.jini.security.Security.getContext(Security.java:506)
>>>>> />>/ [java] Unexpected exception:
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
>>>>> Method)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ java.lang.reflect.Constructor.newInstance(Constructor.java:423)
>>>>> />>/ [java] at java.lang.Class.newInstance(Class.java:442)
>>>>> />>/ [java] at sun.misc.Launcher.<init>(Launcher.java:93)
>>>>> />>/ [java] at sun.misc.Launcher.<clinit>(Launcher.java:54)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
>>>>> />>/
>>>>> />>/
>>>>> />>/
>>>>> />>/ [java] java.lang.ExceptionInInitializerError
>>>>> />>/ [java] at
>>>>> />>/
>>>>> javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65)
>>>>> />>/ [java] at
>>>>> />>/ javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2586)
>>>>> />>/ [java] at
>>>>> />>/ javax.crypto.Cipher.getMaxAllowedKeyLength(Cipher.java:2610)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.ssl.CipherSuite$BulkCipher.isUnlimited(CipherSuite.java:535)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.ssl.CipherSuite$BulkCipher.<init>(CipherSuite.java:507)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.ssl.CipherSuite.<clinit>(CipherSuite.java:614)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(SSLContextImpl.java:294)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.ssl.SSLContextImpl.access$100(SSLContextImpl.java:42)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(SSLContextImpl.java:425)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at java.lang.Class.forName0(Native Method)
>>>>> />>/ [java] at java.lang.Class.forName(Class.java:264)
>>>>> />>/ [java] at
>>>>> />>/ java.security.Provider$Service.getImplClass(Provider.java:1634)
>>>>> />>/ [java] at
>>>>> />>/ java.security.Provider$Service.newInstance(Provider.java:1592)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
>>>>> />>/ [java] at
>>>>> />>/ sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
>>>>> />>/ [java] at
>>>>> />>/ javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.ssl.Utilities.getServerSSLContextInfo(Utilities.java:712)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.ssl.Utilities.getSupportedCipherSuites(Utilities.java:284)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.ssl.SslEndpointImpl.getConnectionContexts(SslEndpointImpl.java:750)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.ssl.SslEndpointImpl.getCallContext(SslEndpointImpl.java:326)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.ssl.SslEndpointImpl.newRequest(SslEndpointImpl.java:185)
>>>>> />>/ [java] at
>>>>> />>/ net.jini.jeri.ssl.SslEndpoint.newRequest(SslEndpoint.java:550)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.BasicObjectEndpoint.newCall(BasicObjectEndpoint.java:421)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.BasicInvocationHandler.invokeRemoteMethod(BasicInvocationHandler.java:688)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> net.jini.jeri.BasicInvocationHandler.invoke(BasicInvocationHandler.java:571)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> com.sun.proxy.$Proxy2.registerGroup(Unknown Source)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.start.SharedActivationGroupDescriptor.create(SharedActivationGroupDescriptor.java:370)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.SharedGroupAdmin.start(SharedGroupAdmin.java:204)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.ActivatableServiceStarterAdmin.getServiceSharedLogDir(ActivatableServiceStarterAdmin.java:388)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.ActivatableServiceStarterAdmin.start(ActivatableServiceStarterAdmin.java:224)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.AdminManager.startLookupService(AdminManager.java:679)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.test.spec.lookupservice.QATestRegistrar.construct(QATestRegistrar.java:458)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.test.spec.lookupservice.test_set00.EvntLeaseExpiration.construct(EvntLeaseExpiration.java:88)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.MasterTest.doTest(MasterTest.java:228)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.MasterTest.access$000(MasterTest.java:48)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.MasterTest$1.run(MasterTest.java:174)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> />>/ javax.security.auth.Subject.doAsPrivileged(Subject.java:483)
>>>>> />>/ [java] at
>>>>> />>/
>>>>> org.apache.river.qa.harness.MasterTest.doTestWithLogin(MasterTest.java:171)
>>>>>
>>>>> />>/
>>>>> />>/ [java] at
>>>>> />>/ org.apache.river.qa.harness.MasterTest.main(MasterTest.java:150)
>>>>> />>/ [java] Caused by: java.lang.SecurityException: Can not
>>>>> initialize
>>>>> />>/ cryptographic mechanism
>>>>> />>/ [java] at
>>>>> javax.crypto.JceSecurity.<clinit>(JceSecurity.java:93)
>>>>> />>/ [java] ... 44 more
>>>>> />>/ [java] Caused by: java.lang.SecurityException: Cannot
>>>>> locate
>>>>> />>/ policy or framework files!
>>>>> />>/ [java] at
>>>>> />>/
>>>>> javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:316)
>>>>>
>>>>> />>/ [java] at
>>>>> />>/ javax.crypto.JceSecurity.access$000(JceSecurity.java:50)
>>>>> />>/ [java] at
>>>>> javax.crypto.JceSecurity$1.run(JceSecurity.java:85)
>>>>> />>/ [java] at
>>>>> java.security.AccessController.doPrivileged(Native
>>>>> />>/ Method)
>>>>> />>/ [java] at
>>>>> javax.crypto.JceSecurity.<clinit>(JceSecurity.java:82)
>>>>> />/
>>>>> /
>>>>
>>>
>>>
>>
More information about the security-dev
mailing list