|
»
»
»
Tomcat permissions issue when trying to load xindice configuration
|
View:
New views
6 Messages
—
Rating Filter:
Alert me
|
 |
Tomcat permissions issue when trying to load xindice configuration
by prasub
::
Rate this Message:
I am new to Tomcat and Xindice. I have successfully configured and built xindice (as per the documentation). Now when I try to visit the following link:
http://localhost:8080/xindice I get the following error message: ____________ exception javax.servlet.ServletException: Servlet.init() for servlet xindice threw exception org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:636) root cause org.apache.xindice.util.ConfigurationException: Failed to load configuration. org.apache.xindice.server.XindiceServlet.loadConfiguration(XindiceServlet.java:267) org.apache.xindice.server.XindiceServlet.init(XindiceServlet.java:105) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:616) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:537) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:636) root cause java.security.AccessControlException: access denied (java.util.PropertyPermission xindice.configuration read) java.security.AccessControlContext.checkPermission(AccessControlContext.java:342) java.security.AccessController.checkPermission(AccessController.java:553) java.lang.SecurityManager.checkPermission(SecurityManager.java:549) java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302) java.lang.System.getProperty(System.java:669) org.apache.xindice.server.XindiceServlet.loadConfiguration(XindiceServlet.java:232) org.apache.xindice.server.XindiceServlet.init(XindiceServlet.java:105) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:616) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:537) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:636) ____________ I have followed the instruction listed out on xindice installation howto page. The one thing that is not clear is where should the <context>..</context> info of xindice.xml be appended to in the server.xml file? I added it as a child under the <host> tag and later moved it as a sibling to <host> tag. Both instances didn't make a difference. Since, I am new to Java as well as Tomcat, I am unable to narrow down on the security settings of Tomcat. I even checked my tomcat6 startup script and there is no mention of starting the service with security ON. Can someone help me out on how to configure and run xindice with tomcat? Thanks in advance. |
|
|
Re: Tomcat permissions issue when trying to load xindice configuration
by Natalia Shilenkova
::
Rate this Message:
What are the versions of Xindice and Tomcat that you tried?
Natalia On Tue, Jun 2, 2009 at 1:49 PM, prasub <webplumbr@...> wrote: > > I am new to Tomcat and Xindice. I have successfully configured and built > xindice (as per the documentation). Now when I try to visit the following > link: > > http://localhost:8080/xindice > > I get the following error message: > ____________ > > exception > > javax.servlet.ServletException: Servlet.init() for servlet xindice threw > exception > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > java.lang.Thread.run(Thread.java:636) > > root cause > > org.apache.xindice.util.ConfigurationException: Failed to load > configuration. > > org.apache.xindice.server.XindiceServlet.loadConfiguration(XindiceServlet.java:267) > org.apache.xindice.server.XindiceServlet.init(XindiceServlet.java:105) > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > java.lang.reflect.Method.invoke(Method.java:616) > org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > java.security.AccessController.doPrivileged(Native Method) > javax.security.auth.Subject.doAsPrivileged(Subject.java:537) > org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > java.lang.Thread.run(Thread.java:636) > > root cause > > java.security.AccessControlException: access denied > (java.util.PropertyPermission xindice.configuration read) > > java.security.AccessControlContext.checkPermission(AccessControlContext.java:342) > java.security.AccessController.checkPermission(AccessController.java:553) > java.lang.SecurityManager.checkPermission(SecurityManager.java:549) > java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302) > java.lang.System.getProperty(System.java:669) > > org.apache.xindice.server.XindiceServlet.loadConfiguration(XindiceServlet.java:232) > org.apache.xindice.server.XindiceServlet.init(XindiceServlet.java:105) > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > java.lang.reflect.Method.invoke(Method.java:616) > org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > java.security.AccessController.doPrivileged(Native Method) > javax.security.auth.Subject.doAsPrivileged(Subject.java:537) > org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > java.lang.Thread.run(Thread.java:636) > > ____________ > > I have followed the instruction listed out on xindice installation howto > page. The one thing that is not clear is where should the > <context>..</context> info of xindice.xml be appended to in the server.xml > file? I added it as a child under the <host> tag and later moved it as a > sibling to <host> tag. Both instances didn't make a difference. > > Since, I am new to Java as well as Tomcat, I am unable to narrow down on the > security settings of Tomcat. I even checked my tomcat6 startup script and > there is no mention of starting the service with security ON. > > Can someone help me out on how to configure and run xindice with tomcat? > > Thanks in advance. > -- > View this message in context: http://www.nabble.com/Tomcat-permissions-issue-when-trying-to-load-xindice-configuration-tp23837520p23837520.html > Sent from the Xindice - Users mailing list archive at Nabble.com. > > |
|
|
Re: Tomcat permissions issue when trying to load xindice configuration
by prasub
::
Rate this Message:
Natalia,
Thanks for getting back. > >What are the versions of Xindice and Tomcat that you tried? > I am using Xindice 1.1 and Tomcat 6. |
|
|
Re: Tomcat permissions issue when trying to load xindice configuration
by Natalia Shilenkova
::
Rate this Message:
On Wed, Jun 3, 2009 at 1:43 PM, prasub <webplumbr@...> wrote:
> > Natalia, > > Thanks for getting back. > >> >>What are the versions of Xindice and Tomcat that you tried? >> > > I am using Xindice 1.1 and Tomcat 6. Interesting. I just tried to run Xindice 1.1 under Tomcat 6.0.18 and it did not have problems with permissions. For some reason the version of Tomcat that you have starts with security manager... Do you know the exact version of Tomcat installed? How do you start it? Also, can you please tell me what OS you use? Regards, Natalia |
|
|
Re: Tomcat permissions issue when trying to load xindice configuration
by prasub
::
Rate this Message:
>
>For some reason the version of Tomcat that you have starts with security manager... Do you know the exact version of Tomcat installed? How do you start it? Also, can you please tell me what OS you use? > __________ OS: Linux Mint 6 (Felicia) - I suppose, it is built on Ubuntu 8.10 Tomcat version: Tomcat 6.0.18-ubuntu3.1 (from package manager) __________ I usually issue the following command to restart the Tomcat Webserver. mymachine@localhost /etc/init.d $ sudo ./tomcat6 restart A grep on my tomcat6 for the security word yielded the following result: _____________ mylogin@mymachine /etc/init.d $ more tomcat6 | grep -i security # Use the Java security manager? (yes/no) TOMCAT6_SECURITY=yes if [ "$TOMCAT6_SECURITY" = "yes" ]; then JAVA_OPTS="$JAVA_OPTS -Djava.security.manager -Djava.security.policy=$POLICY_CACHE" _____________ I guess, I should be turning off security with the option "no". But then, is this the best way or do you recommend a better approach to let xindice run with proper permissions? If you suggest an alternative approach, can you please list out the steps to enable permissions for xindice. I think, it will be very useful to me as well as for someone else. In fact there is an earlier discussion in this forum (i think so) that touches the same issue. Except that, it didn't end up with how exactly the person (who had a similar issue with some earlier version of Tomcat) cleaned up/disabled the "security" word in his Tomcat startup script. Thanks for your time. |
|
|
Re: Tomcat permissions issue when trying to load xindice configuration
by Natalia Shilenkova
::
Rate this Message:
On Jun 3, 2009, at 11:09 PM, prasub wrote: > __________ > OS: Linux Mint 6 (Felicia) - I suppose, it is built on Ubuntu 8.10 > Tomcat version: Tomcat 6.0.18-ubuntu3.1 (from package manager) > __________ > > I usually issue the following command to restart the Tomcat Webserver. > > mymachine@localhost /etc/init.d $ sudo ./tomcat6 restart > > A grep on my tomcat6 for the security word yielded the following > result: > _____________ > mylogin@mymachine /etc/init.d $ more tomcat6 | grep -i security > # Use the Java security manager? (yes/no) > TOMCAT6_SECURITY=yes > if [ "$TOMCAT6_SECURITY" = "yes" ]; then > JAVA_OPTS="$JAVA_OPTS -Djava.security.manager > -Djava.security.policy=$POLICY_CACHE" > _____________ > > I guess, I should be turning off security with the option "no". But > then, is > this the best way or do you recommend a better approach to let > xindice run > with proper permissions? If you suggest an alternative approach, can > you > please list out the steps to enable permissions for xindice. I > think, it > will be very useful to me as well as for someone else. > > In fact there is an earlier discussion in this forum (i think so) that > touches the same issue. Except that, it didn't end up with how > exactly the > person (who had a similar issue with some earlier version of Tomcat) > cleaned > up/disabled the "security" word in his Tomcat startup script. > That's what I think your options are: 1. Run Xindice under Jetty. Jetty is a servlet container that's included with Xindice distribution and can be started with "xindiced start" command. 2. Turn off Tomcat's security manager. That option has security implications, however, and would affect other applications deployed under Tomcat. 3. Add new section to the security policy file to grant all permissions to Xindice: grant codeBase "file:${catalina.home}/webapps/xindice/-" { permission java.security.AllPermission; }; 4. Add new section to the security policy file that grants only the permissions that are required to run Xindice. This is the part of it: grant codeBase "file:${catalina.home}/webapps/xindice/-" { permission java.util.PropertyPermission "xindice.home", "read"; permission java.util.PropertyPermission "xindice.db.home", "read"; permission java.util.PropertyPermission "xindice.configuration", "read"; permission java.util.PropertyPermission "org.xmldb.common.xml.queries.XPathQueryFactory", "write"; permission java.lang.RuntimePermission "shutdownHooks"; permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.RuntimePermission "setContextClassLoader"; permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; }; This is not finished (was taking a bit longer than I thought :)), and "<<ALL FILES>>" token has to be replaced with database location... But you can get the picture. The best approach, as always, depends on circumstances. Regards, Natalia |
| Free embeddable forum powered by Nabble | Forum Help |
