RMI Server refuses to start: java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve") -

-

ok, tried google , tried million different things, none of helped.

currently launching server following command:

java -djava.security.policy=rmi_generated.policy -djava.security.debug=access,failure mainlauncher aiserver.aiserver

mainlauncher loads bin/ , lib/ class path + invokes aiserver.aiserver.main, shouldn't affect relevant this.

here's part launches actual server:

policyfilegenerator.generate(); if (system.getsecuritymanager() == null)         system.setsecuritymanager ( new rmisecuritymanager() ); try {     naming.bind("aiservice",server); } catch (malformedurlexception | remoteexception         | alreadyboundexception ex) {         throw new runtimeexception("failed binding server",ex); }

and here's exception get:

exception in thread "main" java.lang.reflect.invocationtargetexception     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)     @ java.lang.reflect.method.invoke(method.java:483)     @ lib.classpathhack.launch(classpathhack.java:62)     @ mainlauncher.main(mainlauncher.java:7) caused by: java.security.accesscontrolexception: access denied ("java.net.socketpermission" "127.0.0.1:1099" "connect,resolve")     @ java.security.accesscontrolcontext.checkpermission(accesscontrolcontext.java:457)     @ java.security.accesscontroller.checkpermission(accesscontroller.java:884)     @ java.lang.securitymanager.checkpermission(securitymanager.java:549)     @ java.lang.securitymanager.checkconnect(securitymanager.java:1051)     @ java.net.socket.connect(socket.java:584)     @ java.net.socket.connect(socket.java:538)     @ java.net.socket.<init>(socket.java:434)     @ java.net.socket.<init>(socket.java:211)     @ sun.rmi.transport.proxy.rmidirectsocketfactory.createsocket(rmidirectsocketfactory.java:40)     @ sun.rmi.transport.proxy.rmimastersocketfactory.createsocket(rmimastersocketfactory.java:148)     @ sun.rmi.transport.tcp.tcpendpoint.newsocket(tcpendpoint.java:613)     @ sun.rmi.transport.tcp.tcpchannel.createconnection(tcpchannel.java:216)     @ sun.rmi.transport.tcp.tcpchannel.newconnection(tcpchannel.java:202)     @ sun.rmi.server.unicastref.newcall(unicastref.java:342)     @ sun.rmi.registry.registryimpl_stub.bind(unknown source)     @ java.rmi.naming.bind(naming.java:128)     @ com.kt.commons.services.rmiserverhelper.register(rmiserverhelper.java:86)     @ aiserver.aiserver.main(aiserver.java:13)

here current contents of generated rmi policy file. generated ./rmi_generated.policy.

grant codebase "file:/home/jp/projects/aiservice/bin" {     permission java.security.allpermission;     permission java.net.socketpermission "localhost:1099", "connect, resolve";     permission java.net.socketpermission "127.0.0.1:1099", "connect, resolve";     permission java.net.socketpermission "localhost:80", "connect, resolve";  };

and here's jvm vomits when give -djava.security.debug=access,failure flag.

jp@jp-thinkpad-edge-e530 ~/projects/aiservice $ java -djava.security.policy=rmi_generated.policy -djava.security.debug=access,failure mainlauncher aiserver.aiserver rmi_generated.policy /home/jp/projects/aiservice access: access allowed ("java.io.filepermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read") access: access denied ("java.net.socketpermission" "jp-thinkpad-edge-e530" "resolve") java.lang.exception: stack trace     @ java.lang.thread.dumpstack(thread.java:1329)     @ java.security.accesscontrolcontext.checkpermission(accesscontrolcontext.java:447)     @ java.security.accesscontroller.checkpermission(accesscontroller.java:884)     @ java.lang.securitymanager.checkpermission(securitymanager.java:549)     @ java.lang.securitymanager.checkconnect(securitymanager.java:1048)     @ java.net.inetaddress.getlocalhost(inetaddress.java:1456)     @ java.rmi.registry.locateregistry.getregistry(locateregistry.java:158)     @ java.rmi.registry.locateregistry.getregistry(locateregistry.java:123)     @ java.rmi.naming.getregistry(naming.java:221)     @ java.rmi.naming.bind(naming.java:123)     @ com.kt.commons.services.rmiserverhelper.register(rmiserverhelper.java:86)     @ aiserver.aiserver.main(aiserver.java:13)     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)     @ java.lang.reflect.method.invoke(method.java:483)     @ lib.classpathhack.launch(classpathhack.java:62)     @ mainlauncher.main(mainlauncher.java:7) access: access allowed ("java.security.securitypermission" "getpolicy") access: access allowed ("java.io.filepermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read") access: domain failed protectiondomain  (file:/home/jp/projects/aiservice/lib/ktcommons.jar <no signer certificates>)  sun.misc.launcher$appclassloader@73d16e93  <no principals>  java.security.permissions@73035e27 (  ("java.lang.runtimepermission" "exitvm")  ("java.lang.runtimepermission" "stopthread")  ("java.net.socketpermission" "localhost:0" "listen,resolve")  ("java.io.filepermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")  ("java.util.propertypermission" "java.specification.version" "read")  ("java.util.propertypermission" "java.version" "read")  ("java.util.propertypermission" "os.arch" "read")  ("java.util.propertypermission" "java.specification.vendor" "read")  ("java.util.propertypermission" "java.vm.specification.name" "read")  ("java.util.propertypermission" "java.vm.vendor" "read")  ("java.util.propertypermission" "path.separator" "read")  ("java.util.propertypermission" "os.version" "read")  ("java.util.propertypermission" "file.separator" "read")  ("java.util.propertypermission" "line.separator" "read")  ("java.util.propertypermission" "java.vm.specification.vendor" "read")  ("java.util.propertypermission" "java.specification.name" "read")  ("java.util.propertypermission" "java.vendor.url" "read")  ("java.util.propertypermission" "java.vendor" "read")  ("java.util.propertypermission" "java.vm.version" "read")  ("java.util.propertypermission" "java.vm.name" "read")  ("java.util.propertypermission" "java.vm.specification.version" "read")  ("java.util.propertypermission" "os.name" "read")  ("java.util.propertypermission" "java.class.version" "read") )   access: access allowed ("java.util.propertypermission" "java.rmi.server.hostname" "read") access: access allowed ("java.util.propertypermission" "sun.rmi.transport.connectiontimeout" "read") access: access allowed ("java.util.propertypermission" "sun.rmi.transport.tcp.handshaketimeout" "read") access: access allowed ("java.util.propertypermission" "sun.rmi.transport.tcp.responsetimeout" "read") access: access allowed ("java.lang.runtimepermission" "sun.rmi.runtime.runtimeutil.getinstance") access: access allowed ("java.util.propertypermission" "jdk.net.ephemeralportrange.low" "read") access: access allowed ("java.lang.runtimepermission" "loadlibrary.net") access: access allowed ("java.io.filepermission" "/usr/lib/jvm/java-8-oracle/jre/lib/amd64/libnet.so" "read") access: access allowed ("java.util.propertypermission" "os.name" "read") access: access allowed ("java.util.propertypermission" "jdk.net.ephemeralportrange.high" "read") access: access denied ("java.net.socketpermission" "127.0.0.1:1099" "connect,resolve") java.lang.exception: stack trace     @ java.lang.thread.dumpstack(thread.java:1329)     @ java.security.accesscontrolcontext.checkpermission(accesscontrolcontext.java:447)     @ java.security.accesscontroller.checkpermission(accesscontroller.java:884)     @ java.lang.securitymanager.checkpermission(securitymanager.java:549)     @ java.lang.securitymanager.checkconnect(securitymanager.java:1051)     @ java.net.socket.connect(socket.java:584)     @ java.net.socket.connect(socket.java:538)     @ java.net.socket.<init>(socket.java:434)     @ java.net.socket.<init>(socket.java:211)     @ sun.rmi.transport.proxy.rmidirectsocketfactory.createsocket(rmidirectsocketfactory.java:40)     @ sun.rmi.transport.proxy.rmimastersocketfactory.createsocket(rmimastersocketfactory.java:148)     @ sun.rmi.transport.tcp.tcpendpoint.newsocket(tcpendpoint.java:613)     @ sun.rmi.transport.tcp.tcpchannel.createconnection(tcpchannel.java:216)     @ sun.rmi.transport.tcp.tcpchannel.newconnection(tcpchannel.java:202)     @ sun.rmi.server.unicastref.newcall(unicastref.java:342)     @ sun.rmi.registry.registryimpl_stub.bind(unknown source)     @ java.rmi.naming.bind(naming.java:128)     @ com.kt.commons.services.rmiserverhelper.register(rmiserverhelper.java:86)     @ aiserver.aiserver.main(aiserver.java:13)     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)     @ java.lang.reflect.method.invoke(method.java:483)     @ lib.classpathhack.launch(classpathhack.java:62)     @ mainlauncher.main(mainlauncher.java:7) access: access allowed ("java.security.securitypermission" "getpolicy") access: access allowed ("java.io.filepermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read") access: domain failed protectiondomain  (file:/home/jp/projects/aiservice/lib/ktcommons.jar <no signer certificates>)  sun.misc.launcher$appclassloader@73d16e93  <no principals>  java.security.permissions@483bf400 (  ("java.lang.runtimepermission" "exitvm")  ("java.lang.runtimepermission" "stopthread")  ("java.net.socketpermission" "localhost:0" "listen,resolve")  ("java.io.filepermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")  ("java.util.propertypermission" "java.specification.version" "read")  ("java.util.propertypermission" "java.version" "read")  ("java.util.propertypermission" "os.arch" "read")  ("java.util.propertypermission" "java.specification.vendor" "read")  ("java.util.propertypermission" "java.vm.specification.name" "read")  ("java.util.propertypermission" "java.vm.vendor" "read")  ("java.util.propertypermission" "path.separator" "read")  ("java.util.propertypermission" "os.version" "read")  ("java.util.propertypermission" "file.separator" "read")  ("java.util.propertypermission" "line.separator" "read")  ("java.util.propertypermission" "java.vm.specification.vendor" "read")  ("java.util.propertypermission" "java.specification.name" "read")  ("java.util.propertypermission" "java.vendor.url" "read")  ("java.util.propertypermission" "java.vendor" "read")  ("java.util.propertypermission" "java.vm.version" "read")  ("java.util.propertypermission" "java.vm.name" "read")  ("java.util.propertypermission" "java.vm.specification.version" "read")  ("java.util.propertypermission" "os.name" "read")  ("java.util.propertypermission" "java.class.version" "read") )   exception in thread "main" java.lang.reflect.invocationtargetexception     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)     @ java.lang.reflect.method.invoke(method.java:483)     @ lib.classpathhack.launch(classpathhack.java:62)     @ mainlauncher.main(mainlauncher.java:7) caused by: java.security.accesscontrolexception: access denied ("java.net.socketpermission" "127.0.0.1:1099" "connect,resolve")     @ java.security.accesscontrolcontext.checkpermission(accesscontrolcontext.java:457)     @ java.security.accesscontroller.checkpermission(accesscontroller.java:884)     @ java.lang.securitymanager.checkpermission(securitymanager.java:549)     @ java.lang.securitymanager.checkconnect(securitymanager.java:1051)     @ java.net.socket.connect(socket.java:584)     @ java.net.socket.connect(socket.java:538)     @ java.net.socket.<init>(socket.java:434)     @ java.net.socket.<init>(socket.java:211)     @ sun.rmi.transport.proxy.rmidirectsocketfactory.createsocket(rmidirectsocketfactory.java:40)     @ sun.rmi.transport.proxy.rmimastersocketfactory.createsocket(rmimastersocketfactory.java:148)     @ sun.rmi.transport.tcp.tcpendpoint.newsocket(tcpendpoint.java:613)     @ sun.rmi.transport.tcp.tcpchannel.createconnection(tcpchannel.java:216)     @ sun.rmi.transport.tcp.tcpchannel.newconnection(tcpchannel.java:202)     @ sun.rmi.server.unicastref.newcall(unicastref.java:342)     @ sun.rmi.registry.registryimpl_stub.bind(unknown source)     @ java.rmi.naming.bind(naming.java:128)     @ com.kt.commons.services.rmiserverhelper.register(rmiserverhelper.java:86)     @ aiserver.aiserver.main(aiserver.java:13)     ... 6 more

based on googled, cause jvm not find .policy file, not seem case different error messages if insert syntax errors policy file.

another common cause seems having incorrect codebase path in policy file. rule out i've tried following ones:

  • file:/home/jp/projects/aiservice/
  • file:/home/jp/projects/aiservice/
  • file:/home/jp/projects/aiservice/*
  • file:/home/jp/projects/aiservice/bin
  • file:/home/jp/projects/aiservice/bin/
  • file:/home/jp/projects/aiservice/bin/*
  • file:/home/jp/projects/aiservice/src
  • file:/home/jp/projects/aiservice/src/
  • file:/home/jp/projects/aiservice/src/*

none of helped.

and yes, have rmiregistry running.

i have tried doing sudo.

fwiw java version i'm running is:

java version "1.8.0_25" java(tm) se runtime environment (build 1.8.0_25-b17) java hotspot(tm) 64-bit server vm (build 25.25-b02, mixed mode)

on linux mint 17.1

turns out needed grant permissions few different codebases work.

grant codebase "file:/home/jp/projects/aiservice/bin" {...

grant codebase "file:/home/jp/projects/aiservice/" {...

grant codebase "file:/home/jp/projects/aiservice/lib/ktcommons.jar" {...

it's still not working, hey, @ least different exception now!


Comments

Post a Comment

Popular posts from this blog

How has firefox/gecko HTML+CSS rendering changed in version 38? -

-
i have a little website header no longer renders correctly, since updating firefox 38.0.5 [the faceplant logo missing top right, , main logo no longer centred]. still renders expected in other browsers. how has engine's rendering changed in update? according mdn , list of changes is: css support ruby-position , ruby-align have been added , available default ( bug 1055676 , bug 1123917 , bug 1039006 ). the :unresolved pseudo-class has been implemented custom elements ( bug 1111633 ). the predefined style ethiopic-numeric uses space, instead of dot, suffix match recent change spec ( bug 1120721 ). css transitions on generated content (with ::before , ::after ) on both inline , block splits them start expected specification ( bug 1110277 ). the implementation of css logical properties made big progress. [...] how css transitions start has been modified match recent change of specifications, aiming @ having interoperable behavio...
Read more

android - CollapsingToolbarLayout: position the ExpandedText programmatically -

-
i using new android support design view collapsingtoolbarlayout. have need position expandedtitle programmatically. actually way set position expandedtitle in .xml file (example here: https://goo.gl/l5h5fc ) there no public api set text position programmatically , fields private . do know if it's possible without reflection or 'hacky' tricks? i have solved problem exposing properties via reflection ( https://gist.github.com/fpezzato/8e7d45112883dbbc5ffb ), works don't use trick in production code. @google: please no more private or final stuff! :)
Read more

Listeners to visualise results of load test in JMeter -

-
i want run load test in non-gui mode , save results in .csv file. (i have not modified .properties files, standard information saved) i plan load file , visualise results jmeter’s listeners. which listeners suited purpose? should avoid @ cost, might cause me misinterpret information? (e.g. in view results tree response data empty have - - not saved this. however, there has in fact been response. if saw listener might think there hasn’t been one. since want avoid this, listeners have gain information needed .csv file.) i’d know both jmeter listeners plugins. if running test in non-ui mode ideally should disable listeners in script. use '-l' option store test results .jtl extension. can later open jtl file jmeter. aggregate report or summary report should summarize test results , response time , throughput. if want plot graphs see trends on test duration can use http://jmeter-plugins.org/#/ standard , lib set. i suggest following listeners: response ...
Read more