AAOP enabling Java 2 security against SP3: AA does not come up and throws 'Access denied'
Originally Published: 2012-07-09
Article Number: 000047620
Applies To

file /web/soft/was61/bnym1/profiles/node3/logs/ffdc/st0rsamf61rs81_0000003a_12.05.08_16.55.14_0.txt
[5/8/12 16:55:14:961 EDT] 0000003a SecurityManag W   SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to InfoCenter for further information.

Permission:

      /web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml : Access denied (java.io.FilePermission /web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml read)


Code:

     com.rsa.csd.ws.axis2.LogHandler  in  {file:/web/sites/st0/rsamf61/data/jspwork/rs81Node/st0rsamf61rs81/st0rsamf61/AdaptiveAuthentication.war/_axis2/axis22379958949721437791rsa-logging-module-1.1.0.mar}

 

Stack Trace:

java.security.AccessControlException: Access denied (java.io.FilePermission /web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml read)
 at java.security.AccessController.checkPermission(AccessController.java:103)
 at java.lang.SecurityManager.checkPermission(SecurityManager.java:558)
 at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:214)
 at com.ibm.ws.classloader.SinglePathClassProvider.check(SinglePathClassProvider.java:571)
 at com.ibm.ws.classloader.SinglePathClassProvider.checkURL(SinglePathClassProvider.java:558)
 at com.ibm.ws.classloader.SinglePathClassProvider.getResource(SinglePathClassProvider.java:550)
 at com.ibm.ws.classloader.SinglePathClassProvider.getResourceAsStream(SinglePathClassProvider.java:585)


Issue

The environment for the customer was:

AIX 5.3, WebSphere 6.1.0.0.39.


Resolution

You need to add the following to was.policy, and you also need to copy the .mar files to AdaptiveAuthentication/WEB-INF/lib.

grant codeBase "file:${webComponent}" {
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "modifyThreadGroup";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "shutdownHooks";
permission com.ibm.oti.shared.SharedClassPermission "*", "read, write";
permission java.util.PropertyPermission "*", "write";
permission java.io.FilePermission "/web/soft/was61/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.io.FilePermission "/AAOP/rsa/configs", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs", "read"; // "read" assumed; the original entry had no action list, which FilePermission rejects
permission java.io.FilePermission "/AAOP/usr/IBM/java/jre/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/lib/-", "read";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/_axis2*","read, write";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/cryptoj-4.1.jar", "read, write, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read, write, delete";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.beans.editors";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war${/}","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2","read,write,delete";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version/update/backup","read";
permission java.io.FilePermission "/AAOP/rsa/configs/c-applicationContext.xml","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2/-", "read,write,delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/geoip/database", "read";
permission java.io.FilePermission "/AAOP/usr/IBM","read";
permission java.io.FilePermission "/AAOP/usr/IBM/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs/addPayee.st","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/-","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/staging","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/archive","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version", "read";
permission java.io.FilePermission "/.mime.types","read";
permission java.io.FilePermission "/usr/apps/aa/wurfl-data.zip","read";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.eventhandler";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.integritycheck";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.runtimetest.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.testmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.no.verify.jar";
permission java.security.SecurityPermission "getProperty.com.rsa.crypto.default.random";
permission java.security.SecurityPermission "putProviderProperty.JsafeJCE";
permission java.security.SecurityPermission "insertProvider.JsafeJCE";

permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl", "read";
permission java.io.FilePermission "/tmp/-","read,write,delete";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spring-beans-2.5.6.SEC01.jar","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spectjweaver-1.6.8.jar","read,write,delete";

permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/-", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
};

grant codeBase "file:${jars}" {
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "modifyThreadGroup";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "shutdownHooks";
permission com.ibm.oti.shared.SharedClassPermission "*", "read, write";
permission java.util.PropertyPermission "*", "write";
permission java.io.FilePermission "/web/soft/was61/-", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/_axis2*","read, write";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/cryptoj-4.1.jar", "read, write, delete";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read, write, delete";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/rsa/logs", "read"; // "read" assumed; the original entry had no action list, which FilePermission rejects
permission java.io.FilePermission "/AAOP/usr/IBM/java/jre/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/lib/-", "read";
permission com.ibm.websphere.security.WebSphereRuntimePermission "accessRuntimeClasses";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.beans.editors";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war/axis2-web/-", "read, write, delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/AdaptiveAuthentication/AdaptiveAuthentication.war${/}","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2","read,write,delete";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version/update/backup","read";
permission java.io.FilePermission "/AAOP/rsa/configs/c-applicationContext.xml","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/temp/psoqa97Node02/server1/bnym/AdaptiveAuthentication.war/_axis2/-", "read,write,delete";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/geoip/database", "read";
permission java.io.FilePermission "/AAOP/usr/IBM","read";
permission java.io.FilePermission "/AAOP/usr/IBM/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties", "read";
permission java.io.FilePermission "/AAOP/rsa/configs/-","read";
permission java.io.FilePermission "/AAOP/rsa/configs/addPayee.st","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/-","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/staging","read";
permission java.io.FilePermission "/AAOP/rsa/geoip/archive","read";
permission java.io.FilePermission "/AAOP/usr/IBM/properties/version", "read";
permission java.io.FilePermission "/.mime.types","read";
permission java.io.FilePermission "/usr/apps/aa/wurfl-data.zip","read";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.fips140initialmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.strategy";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.eventhandler";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.integritycheck";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.kat.fail";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.testmode";
permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jce.no.verify.jar";
permission java.security.SecurityPermission "getProperty.com.rsa.crypto.default.random";
permission java.security.SecurityPermission "putProviderProperty.JsafeJCE";
permission java.security.SecurityPermission "insertProvider.JsafeJCE";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl", "read";
permission java.io.FilePermission "/tmp/-","read,write,delete";
permission java.io.FilePermission "/WEB-INF/AdaptiveAuthenticationAdmin.wsdl","read";

permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spring-beans-2.5.6.SEC01.jar","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/spectjweaver-1.6.8.jar","read";

permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/-","read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/lib/-", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/-", "read";
permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
};

grant codeBase "file:${application}" {
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-datasource.xml", "read";
permission java.io.FilePermission "/AAOP/usr/IBM/profiles/AppSrv01/installedApps/psoqa97Node01Cell/bnym.ear/AdaptiveAuthentication.war/WEB-INF/classes/configs/d-config-configService.xml", "read";
};

 

This step is required as well.

Copy the .mar files from AA/WEB-INF/modules to AA/WEB-INF/lib and rename them to .jar:

cp AA/WEB-INF/modules/rsa-logging-module-1.1.0.mar AA/WEB-INF/lib/rsa-logging-module-1.1.0.jar
cp AA/WEB-INF/modules/soapmonitor-1.4.mar AA/WEB-INF/lib/soapmonitor-1.4.jar
cp AA/WEB-INF/modules/addressing-1.4.mar AA/WEB-INF/lib/addressing-1.4.jar

That way they are loaded by the application class loader (the "classes loaded with application class loader first" setting).
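The following triage helper is an added example, not part of the article and not RSA's or IBM's code: it parses the java.io.FilePermission entries of a was.policy excerpt (constructed here from the grants above) and checks the permission named in the FFDC "Access denied" line against FilePermission's own path rules ("dir/-" recursive, "dir/*" one level, otherwise exact match). It also lists entries that carry no action list, which FilePermission rejects at policy load time.

```python
"""Added triage helper (not RSA's or IBM's code) for SECJ0314W / AccessControlException
messages: which java.io.FilePermission grants, if any, imply the denied permission."""
import re

GRANT_RE = re.compile(
    r'permission\s+java\.io\.FilePermission\s+"([^"]+)"\s*(?:,\s*"([^"]*)")?\s*;', re.I)
DENIED_RE = re.compile(r'java\.io\.FilePermission (\S+) ([\w, ]+)\)')

# Constructed excerpt of the article's was.policy block plus its FFDC message.
POLICY = '''
grant codeBase "file:${webComponent}" {
permission java.io.FilePermission "/web/sites/st0/rsamf61/-","read, delete";
permission java.io.FilePermission "/AAOP/rsa/logs";
permission java.io.FilePermission "/tmp/*","read,write";
};
'''
FFDC = ('java.security.AccessControlException: Access denied (java.io.FilePermission '
        '/web/sites/st0/rsamf61/deployed/st0rsamf61.ear/AdaptiveAuthentication.war/'
        'WEB-INF/classes/configs/d-config-datasource.xml read)')

def parse_grants(policy):
    """(path, set_of_actions) per entry; the set is empty when the entry has no actions."""
    return [(p, {x.strip() for x in a.split(",") if x.strip()})
            for p, a in GRANT_RE.findall(policy)]

def path_implies(granted, requested):
    """Mirror FilePermission path matching for plain (non-wildcard) requested paths."""
    if granted == "<<ALL FILES>>":
        return True
    if granted.endswith("/-"):          # recursive: everything below the directory, not the directory itself
        return requested.startswith(granted[:-1])
    if granted.endswith("/*"):          # entries directly inside the directory only
        head, _, tail = requested.rpartition("/")
        return head == granted[:-2] and tail != ""
    return granted == requested

def covering_grants(policy, path, action):
    return [(p, a) for p, a in parse_grants(policy) if path_implies(p, path) and action in a]

def missing_actions(policy):
    """Entries with no action list: the policy loader drops them, so they grant nothing."""
    return [p for p, a in parse_grants(policy) if not a]

def triage(policy, ffdc_line):
    """Map each denied action to the grant entries that would have implied it."""
    m = DENIED_RE.search(ffdc_line)
    if not m:
        return None
    path, actions = m.group(1), [x.strip() for x in m.group(2).split(",")]
    return {act: covering_grants(policy, path, act) for act in actions}

if __name__ == "__main__":
    print(triage(POLICY, FFDC))
    print("entries without actions:", missing_actions(POLICY))
```

Run against the article's own denial, the read of d-config-datasource.xml is already implied by the "/web/sites/st0/rsamf61/-" entry of the web-component grant; the FFDC "Code" line shows the LogHandler class was loaded from a .mar under jspwork, a codebase that grant does not cover, which is why the copy of the .mar files into WEB-INF/lib matters.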