[Security & JAAS/JBoss] - Problems while configuring server.policy file - jboss-user

Friday, 30 March 2007

Hi, 

I want to grant permission to MBeans and MBeanServer of my web application i.e. these
MBeans and MBeanServer are application specific, it has nothing to do with JBoss. 

I am assigning this permission in server.policy file. It already has default permission
java.security.AllPermission. So it overrides the MBean specific permission given by me.
Now I have removed AllPermission and give some minimum permission required from this link
: 

http://wiki.jboss.org/wiki/Wiki.jsp?page=ConfiguringAJavaSecurityManager 

Now it gives error regarding deploy folder. The stacktrace is given below: 

15:21:10,350 ERROR [MainDeployer] could not create deployment:
file:/C:/Java/jboss-4.0.2/server/all/deploy/jboss-aop.deployer/ 
org.jboss.deployment.DeploymentException: MBeanTrustPermission(register) not implied by
protection domain of mbean class: org.jboss.aop.deployment.AspectManagerService, pd:
ProtectionDomain
(file:/C:/Java/jboss-4.0.2/server/all/tmp/deploy/tmp25826jboss-aspect-library.jar <no
certificates>) 
org.jboss.mx.loading.UnifiedClassLoader3@1546dbc{
url=file:/C:/Java/jboss-4.0.2/server/all/deploy/jboss-aop.deployer/ ,addedOrder=3} 
<no principals> 
java.security.Permissions@c4d04d ( 
(java.net.SocketPermission localhost:1024- listen,resolve) 
(java.net.SocketPermission * connect,resolve) 
(java.net.SocketPermission * connect,resolve) 
(java.net.SocketPermission localhost:1024- listen,resolve) 
(javax.security.auth.AuthPermission createLoginContext.*) 
(unresolved javax.management.MBeanServerPermission findMBeanServer null) 
(unresolved javax.management.MBeanServerPermission findMBeanServer null) 
(unresolved javax.management.MBeanPermission
org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry] *) 
(unresolved javax.management.MBeanPermission
org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry] *) 
(java.lang.RuntimePermission accessClassInPackage.*) 
(java.lang.RuntimePermission queuePrintJob) 
(java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getSubject) 
(java.lang.RuntimePermission stopThread) 
(java.util.PropertyPermission java.version read) 
(java.util.PropertyPermission java.vm.name read) 
(java.util.PropertyPermission java.vm.vendor read) 
(java.util.PropertyPermission os.name read) 
(java.util.PropertyPermission java.vendor.url read) 
(java.util.PropertyPermission java.vm.specification.vendor read) 
(java.util.PropertyPermission os.version read) 
(java.util.PropertyPermission java.specification.vendor read) 
(java.util.PropertyPermission java.class.version read) 
(java.util.PropertyPermission java.specification.name read) 
(java.util.PropertyPermission file.separator read) 
(java.util.PropertyPermission os.arch read) 
(java.util.PropertyPermission java.vm.version read) 
(java.util.PropertyPermission java.vendor read) 
(java.util.PropertyPermission java.specification.version read) 
(java.util.PropertyPermission java.vm.specification.version read) 
(java.util.PropertyPermission java.vm.specification.name read) 
(java.util.PropertyPermission * read) 
(java.util.PropertyPermission path.separator read) 
(java.util.PropertyPermission line.separator read) 
(java.io.FilePermission C:/Java/jboss-4.0.2/server/all/- read,write,delete) 
(java.io.FilePermission C:/Java/jboss-4.0.2/- read,write,delete) 
(java.io.FilePermission C:\j2sdk1.4.2_08\jre/- read,write,delete) 
(java.io.FilePermission C:/Java/jboss-4.0.2/server/all/- read,write,delete) 
(java.io.FilePermission C:/Java/jboss-4.0.2/- read,write,delete) 
(java.io.FilePermission C:\j2sdk1.4.2_08\jre/- read,write,delete) 
(java.io.FilePermission
C:\Java\jboss-4.0.2\server\all\tmp\deploy\tmp25826jboss-aspect-library.jar read) 
(java.io.FilePermission C:\Java\jboss-4.0.2\server\all\deploy\jboss-aop.deployer read) 
) 

; - nested throwable: (java.lang.SecurityException: MBeanTrustPermission(register) not
implied by protection domain of mbean class:
org.jboss.aop.deployment.AspectManagerService, pd: ProtectionDomain
(file:/C:/Java/jboss-4.0.2/server/all/tmp/deploy/tmp25826jboss-aspect-library.jar <no
certificates>) 
org.jboss.mx.loading.UnifiedClassLoader3@1546dbc{
url=file:/C:/Java/jboss-4.0.2/server/all/deploy/jboss-aop.deployer/ ,addedOrder=3} 
<no principals> 
java.security.Permissions@c4d04d ( 
(java.net.SocketPermission localhost:1024- listen,resolve) 
(java.net.SocketPermission * connect,resolve) 
(java.net.SocketPermission * connect,resolve) 
(java.net.SocketPermission localhost:1024- listen,resolve) 
(javax.security.auth.AuthPermission createLoginContext.*) 
(unresolved javax.management.MBeanServerPermission findMBeanServer null) 
(unresolved javax.management.MBeanServerPermission findMBeanServer null) 
(unresolved javax.management.MBeanPermission
org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry] *) 
(unresolved javax.management.MBeanPermission
org.jboss.mx.modelmbean.XMBean#*[JMImplementation:type=MBeanRegistry] *) 
(java.lang.RuntimePermission accessClassInPackage.*) 
(java.lang.RuntimePermission queuePrintJob) 
(java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getSubject) 
(java.lang.RuntimePermission stopThread) 
(java.util.PropertyPermission java.version read) 
..... 

Any clues?? 

Thanks. 

Jahnvi 

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4033083#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Security & JAAS/JBoss] - Problems while configuring server.policy file