3 Replies Latest reply on Jun 21, 2004 3:31 PM by fe2o3

    running jboss with -Djava.security.manager

    fe2o3
    fe2o3 Jun 17, 2004 10:56 AM

      I have the need to make an RMI call originating from inside the jboss container (a StatelessSessionBean) to a remote jboss instance. My first attempt failed because there is no SecurityManager installed so I couldn't do any RMI classloading. So, I'm on the track of running with a security manager installed.

      running a default jboss instance with

      JAVA_OPTS="-Djava.security.manager -Djava.security.policy=server/default/conf/server.policy" bin/run.sh
      appears to startup fine. (BTW, installing a Security Manager programmatically seems to give me all the same results)

      When I get to the RMI logic, the calls succeed when a SecurityManager is installed.

      However, when I try to do *any* JDBC (via a configured Oracle *or* MSSQL Datasource), I get weird and apparently unsolvable exceptions.

      The first exception received when using either MSSQL or Oracle JDBC datasources, is a ClassNotFoundException on
      org/jboss/resource/adapter/jdbc/PrivilegedProxy.class
      . So, looking in some jars and jboss-3.2.4 distros, I notice that the particular class is compiled but not in any distro jars. So, as a hack, I jar up two proxy related classes and stick them in my server/default/lib directory.

      The next levels of exceptions differ.

      Under Oracle (jar ojdbc14.jar), I get this...
      RuntimeErrorException: java.lang.IllegalAccessError: class oracle.jdbc.driver.$Proxy147 cannot access its superinterface oracle.jdbc.driver.ScrollRsetStatement
      Cause: java.lang.IllegalAccessError: class oracle.jdbc.driver.$Proxy147 cannot access its superinterface oracle.jdbc.driver.ScrollRsetStatement


      Under MSSQL (not sure which JDBC driver, sorry), I get this...
      Throwable while attempting to get a new connection: null
      org.jboss.resource.JBossResourceException: Could not create connection; - nested throwable: (java.sql.SQLException: Failed to create Connection proxynull)
      at org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:168)
      at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.createConnectionEventListener(InternalManagedConnectionPool.java:504)


      My round about point is,... what am I doing wrong with Security Manager with regard to JDBC. I am assuming that somewhere out there, someone has done what I am trying to do. It doesn't appear that unique.

      Any help would be greatly appreciated.

      Thanks,
      Brad

      • 4717 Views
      • Tags:
        • 1. Re: running jboss with -Djava.security.manager
          starksm64
          starksm64 Jun 20, 2004 1:48 AM (in response to fe2o3)

          What does adding -Djava.security.debug=domain,failure show around this exception? I did testing of a security manager with the hsqldb driver, but no external databases. I'll try pointbase for th 3.2.5 release.

            • Actions
          • 2. Re: running jboss with -Djava.security.manager
            fe2o3
            fe2o3 Jun 21, 2004 1:33 PM (in response to fe2o3)

            running with

            JAVA_OPTS='-Xmx700m -Djava.security.manager -Djava.security.debug=domain,failure -Djava.security.policy=server/default/conf/server.policy' bin/run.sh
            doesn't appear to give me any more debugging information near the exception.

            Only tested your suggested system property with an Oracle driver. Here is a clip of the stacktrace
            Caused by: java.lang.IllegalAccessError: class oracle.jdbc.driver.$Proxy232 cannot access its superinterface oracle.jdbc.driver.ScrollRsetStatement
            at java.lang.reflect.Proxy.defineClass0(Native Method)
            at java.lang.reflect.Proxy.getProxyClass(Proxy.java:475)
            at java.lang.reflect.Proxy.newProxyInstance(Proxy.java:552)
            at org.jboss.resource.adapter.jdbc.PrivilegedProxy$BuildProxyAction.run(PrivilegedProxy.java:90)
            at java.security.AccessController.doPrivileged(Native Method)
            at org.jboss.resource.adapter.jdbc.PrivilegedProxy.getProxy(PrivilegedProxy.java:51)
            at org.jboss.resource.adapter.jdbc.WrappedStatement.<init>(WrappedStatement.java:47)
            at org.jboss.resource.adapter.jdbc.WrappedPreparedStatement.<init>(WrappedPreparedStatement.java:45)
            at org.jboss.resource.adapter.jdbc.WrappedConnection.prepareStatement(WrappedConnection.java:208)


            I can try a couple others tonight (perhaps) like mysql or postgres.

            Would you like me to turn up logging to TRACE?

            Thanks for the reply!

              • Actions
            • 3. Re: running jboss with -Djava.security.manager
              fe2o3
              fe2o3 Jun 21, 2004 3:31 PM (in response to fe2o3)

              It appears that firebird and mysql JDBC drivers operate correctly which running with a Security Manager.

              As you can probably tell from the stacktraces above, it fails when actually executing the statement. So, you would need an (valid?) Oracle instance/listenter to test this.

                • Actions