3 Replies Latest reply on Oct 3, 2011 6:06 AM by kinderpe

    Problem with startup of server: NotSerializableException

    kinderpe
    kinderpe Sep 28, 2011 3:41 AM

      When I try and start up my server (JBoss SOA-P 5.1) with picketlink/box using the default profile (unaltered configuration), I get the following exception:

      java.lang.RuntimeException: Error configuring property: policyRegistration for JNDIBasedSecurityRegistration

          at org.jboss.kernel.plugins.dependency.ConfigureAction.dispatchSetProperty(ConfigureAction.java:112)

          at org.jboss.kernel.plugins.dependency.ConfigureAction.setAttributes(ConfigureAction.java:85)

          at org.jboss.kernel.plugins.dependency.ConfigureAction.installActionInternal(ConfigureAction.java:44)

          at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:54)

          ...

      Caused by: java.lang.RuntimeException: javax.naming.CommunicationException [Root exception is java.io.NotSerializableException: org.jboss.security.xacml.core.JBossPDP]

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.setPolicyRegistration(JNDIBasedSecurityRegistration.java:63)

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)    

          ...

      Caused by: javax.naming.CommunicationException [Root exception is java.io.NotSerializableException: org.jboss.security.xacml.core.JBossPDP]

          at org.jnp.interfaces.NamingContext.rebind(NamingContext.java:602)

          at org.jnp.interfaces.NamingContext.rebind(NamingContext.java:540)

          at javax.naming.InitialContext.rebind(InitialContext.java:408)

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.establishPolicyRegistration(JNDIBasedSecurityRegistration.java:107)

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.setPolicyRegistration(JNDIBasedSecurityRegistration.java:59)

          ... 62 more

      Caused by: java.io.NotSerializableException: org.jboss.security.xacml.core.JBossPDP

          at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1156)

          ...

       

      Now, I have read on this forum that this problem is fixed with jboss-xacml 2.0.6, so I dropped the following files into the endorsed libs:

      • jboss-sunxacml-2.0.6.Final.jar
      • jboss-xacml-2.0.6.Final.jar
      • picketbox-commons-1.0.0.CR1.jar

      However, this gives me the following stacktrace, which I suspect is a symptom of the same problem, namely the JNDIBasedSecurityRegistration:

      java.lang.RuntimeException: Error configuring property: policyRegistration for JNDIBasedSecurityRegistration

          at org.jboss.kernel.plugins.dependency.ConfigureAction.dispatchSetProperty(ConfigureAction.java:112)

          at org.jboss.kernel.plugins.dependency.ConfigureAction.setAttributes(ConfigureAction.java:85)

          at org.jboss.kernel.plugins.dependency.ConfigureAction.installActionInternal(ConfigureAction.java:44)

          at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:54)

          at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:42)

          ...

      Caused by: java.lang.RuntimeException: javax.naming.CommunicationException [Root exception is java.io.NotSerializableException: org.jboss.security.xacml.core.JBossXACMLPolicy]

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.setPolicyRegistration(JNDIBasedSecurityRegistration.java:63)

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

          ...

      Caused by: javax.naming.CommunicationException [Root exception is java.io.NotSerializableException: org.jboss.security.xacml.core.JBossXACMLPolicy]

          at org.jnp.interfaces.NamingContext.rebind(NamingContext.java:602)

          at org.jnp.interfaces.NamingContext.rebind(NamingContext.java:540)

          at javax.naming.InitialContext.rebind(InitialContext.java:408)

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.establishPolicyRegistration(JNDIBasedSecurityRegistration.java:107)

          at org.jboss.security.integration.JNDIBasedSecurityRegistration.setPolicyRegistration(JNDIBasedSecurityRegistration.java:59)

          ... 62 more

      Caused by: java.io.NotSerializableException: org.jboss.security.xacml.core.JBossXACMLPolicy

          at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1156)

          at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:326)

          at java.util.HashSet.writeObject(HashSet.java:267)

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

          ...

       

      Can anyone point me into the right direction to tackle my problem?

      I have attached the config files of my security components (which are all pretty basic).

      • 2116 Views
      • Tags:
        • 1. Re: Problem with startup of server: NotSerializableException
          geech
          geech Sep 29, 2011 7:15 PM (in response to kinderpe)

          I am experiencing the same problem as you, although my procedure was different:

           

          rm <jboss>/common/lib/jbossxacml.jar

          cp jboss-sunxacml-2.0.6.Final.jar <jboss>/common/lib/

          cp jboss-xacml-2.0.6.Final.jar <jboss>/common/lib/

          cp picketbox-commons-1.0.0.CR1.jar <jboss>/common/lib/

           

          I only get the NotSerializableException when my deployment package is deployed at JBoss startup. If I remove the deployment package and then start JBoss, then JBoss starts fine. I'm able to then deploy my deployment package and the XACML policies work as expected. This was also true even before I upgraded to the newer xacml jar, but the error was with JBossPDP; just like what you had before you upgraded. I extracted the latest source from subversion (http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk) and JBossXACMLPolicy is not serializable.

            • Actions
          • 2. Re: Problem with startup of server: NotSerializableException
            geech
            geech Sep 29, 2011 9:57 PM (in response to kinderpe)

            I was able to fix this issue for us. We started by downloading the source code from the following SVN URL:

             

            http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/tags/2.0.6.Final

             

            I then was able to build the source using the attached maven settings.xml file (copy into $HOME/.m2) and the following command-line:

             

            mvn package -Dmaven.test.skip=true

             

            I then replaced <jboss>/common/lib/jbossxacml.jar with <jbossxacml>/assembly/target/jbossxacml-2.0.6.Final.jar

             

            Then, by trial and error, I figured out which interfaces and classes need Java Serialization added. I added Java serialization to the following files:

             

            ./jboss-xacml/src/main/java/org/jboss/security/xacml/core/JBossXACMLPolicy.java

            ./jboss-xacml/src/main/java/org/jboss/security/xacml/bridge/JBossPolicyFinder.java

            ./jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/ContextMapOp.java

            ./jboss-xacml/src/main/java/org/jboss/security/xacml/interfaces/XACMLPolicy.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/PDP.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/combine/CombiningAlgorithm.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/finder/AttributeFinderModule.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/finder/PolicyFinderModule.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/finder/AttributeFinder.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/finder/ResourceFinder.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/finder/impl/CurrentEnvModule.java

            ./jboss-sunxacml/src/main/java/org/jboss/security/xacml/sunxacml/Policy.java

             

            This set of changes allowed me to deploy our service that uses XACML and still have JBoss start up correctly. I was able to test our service and verify XACML validation. This set of changes seems to work for us.

             

            I attached the built jar file as well as the patched code in case you want to build it yourself.

            1 of 1 people found this helpful
              • Actions
            • 3. Re: Problem with startup of server: NotSerializableException
              kinderpe
              kinderpe Oct 3, 2011 6:06 AM (in response to geech)

              Thanks for sorting that out. I had started the same exercisen, but got a bit discouraged after 5 or so classes I had to serialize.

                • Actions