file /web/soft/was61/bnym1/profiles/node3/logs/ffdc/st0rsamf61rs81_0000003a_12.05.08_16.55.14_0.txt
[5/8/12 16:55:14:961 EDT] 0000003a SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to InfoCenter for further information.
Permission:
/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml : Access denied (java.io.FilePermission /web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml read)
Code:
com.rsa.csd.ws.axis2.LogHandler in {file:/web/sites/st0/rsamf61/data/jspwork/rs81Node/st0rsamf61rs81/st0rsamf61/AdaptiveAuthentication.war/_axis2/axis22379958949721437791rsa-logging-module-1.1.0.mar}
Stack Trace:
java.security.AccessControlException: Access denied (java.io.FilePermission /web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml read)
at java.security.AccessController.checkPermission(AccessController.java:103)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:558)
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:214)
at com.ibm.ws.classloader.SinglePathClassProvider.check(SinglePathClassProvider.java:571)
at com.ibm.ws.classloader.SinglePathClassProvider.checkURL(SinglePathClassProvider.java:558)
at com.ibm.ws.classloader.SinglePathClassProvider.getResource(SinglePathClassProvider.java:550)
at com.ibm.ws.classloader.SinglePathClassProvider.getResourceAsStream(SinglePathClassProvider.java:585)
The enviroment for the customer was:
AIX 5.3, Web Sphere 6.1 .0.0.39.
You need to add this to the was.ploicy also you need to copy the .mar files to AdaptiveAuthenticaion/WEB_INF/lib.
grant codeBase "file:${webComponent}"{
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "modifyThreadGroup";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "shutdownHooks";
permission com.ibm.oti.shared.SharedClassPermission "*", "read, write";
permission java.util.PropertyPermission "*", "write";
permission java.io.FilePermission "/web/soft/was61/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.io.FilePermission "/AAOP/rsa/configs", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs";
permission java.io.FilePermission "/AAOP/usr/IBM/java/jre/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/lib/-", "read";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/_axis2*","read, write";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/cryptoj-4.1.jar", "read, write, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read, write, delete";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.beans.editors";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war${/}","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2","read,write,delete";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version/update/backup","read";
permission java.io.FilePermission "/AAOP/rsa/configs/c-applicationContext.xml","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2/-", "read,write,delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/geoip/database", "read";
permission java.io.FilePermission "/AAOP/usr/IBM","read";
permission java.io.FilePermission "/AAOP/usr/IBM/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs/addPayee.st","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/-","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/staging","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/archive","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version", "read";
permission java.io.FilePermission "/.mime.types","read";
permission java.io.FilePermission "/usr/apps/aa/wurfl-data.zip","read";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.eventhandler";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.integritycheck";
Permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.runtimetest.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.testmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.no.verify.jar";
permission java.security.SecurityPermission "getProperty.com.rsa.crypto.default.random";
permission java.security.SecurityPermission "putProviderProperty.JsafeJCE";
permission java.security.SecurityPermission "insertProvider.JsafeJCE";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl", "read";
permission java.io.FilePermission "/tmp/-","read,write,delete";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spring-beans-2.5.6.SEC01.jar","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spectjweaver-1.6.8.jar","read,write,delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/-", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
};
grant codeBase "file:${jars}" {
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "modifyThreadGroup";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "shutdownHooks";
permission com.ibm.oti.shared.SharedClassPermission "*", "read, write";
permission java.util.PropertyPermission "*", "write";
permission java.io.FilePermission "/web/soft/was61/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/_axis2*","read, write";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/cryptoj-4.1.jar", "read, write, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read, write, delete";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs";
permission java.io.FilePermission "/AAOP/usr/IBM/java/jre/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/lib/-", "read";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.beans.editors";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war${/}","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2","read,write,delete";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version/update/backup","read";
permission java.io.FilePermission "/AAOP/rsa/configs/c-applicationContext.xml","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2/-", "read,write,delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/geoip/database", "read";
permission java.io.FilePermission "/AAOP/usr/IBM","read";
permission java.io.FilePermission "/AAOP/usr/IBM/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs/addPayee.st","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/-","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/staging","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/archive","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version", "read";
permission java.io.FilePermission "/.mime.types","read";
permission java.io.FilePermission "/usr/apps/aa/wurfl-data.zip","read";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.eventhandler";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.integritycheck";
Permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.testmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.no.verify.jar";
permission java.security.SecurityPermission "getProperty.com.rsa.crypto.default.random";
permission java.security.SecurityPermission "putProviderProperty.JsafeJCE";
permission java.security.SecurityPermission "insertProvider.JsafeJCE";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl", "read";
permission java.io.FilePermission "/tmp/-","read,write,delete";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spring-beans-2.5.6.SEC01.jar","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spectjweaver-1.6.8.jar","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/-", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
};
grant codeBase "file:${application}" { permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read"; permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-configService.xml", "read"; };
This step is must as well.
Copy .mar files from AA/WEB-INF/modules to AA/WEB-INF/lib and rename as.jar.
cp /modules/rsa-logging-module-1.1.0.mar -> /lib/rsa-logging-module-1.1.0.jar cp /modules/soapmonitor-1.4.mar -> /lib/soapmonitor-1.4.jar cp /modules/addressing-1.4.mar -> /lib/addressing-1.4.mar
That will load them with the class loader application classes first.
Related Articles
Entitlement Relationships are getting rejected in MAEDCs in RSA Governance & Lifecycle Number of Views Managing Cloud Access Service Connection Number of Views RSA Authentication Manager Help - Table of Contents Number of Views Cloud Access Service Help - Table of Contents Number of Views How to check for available SSL/TLS protocols and ciphers for a specific port in RSA Authentication Manager 8.x Number of Views
Trending Articles
How to download and install the AFX Server Archive in RSA Identity Governance & Lifecycle RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover… Downloading RSA Authentication Manager license files or RSA Software token seed records Troubleshooting RSA MFA Agent for Microsoft Windows
