You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "sunil kumar (JIRA)" <ji...@apache.org> on 2018/11/16 04:02:00 UTC
[jira] [Comment Edited] (AMQ-7099) After upgrading activemq 5.5.1
to activemq 5.13.1, issues with
java.security.Security.insertProviderAt/org.apache.activemq.broker.BrokerService
[ https://issues.apache.org/jira/browse/AMQ-7099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16689001#comment-16689001 ]
sunil kumar edited comment on AMQ-7099 at 11/16/18 4:01 AM:
------------------------------------------------------------
How this can be closed without proper resolution.
It would be good to close this once after getting proper resolution, so that it will be helpful for others.
Thanks,
was (Author: sunil.jingade@gmail.com):
How this can be closed without proper resolution.
Thanks,
> After upgrading activemq 5.5.1 to activemq 5.13.1, issues with java.security.Security.insertProviderAt/org.apache.activemq.broker.BrokerService
> ------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: AMQ-7099
> URL: https://issues.apache.org/jira/browse/AMQ-7099
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.13.1
> Environment: OS: All platforms
> Products involved are :
> WAS 8.5.5.9 - 8.5.5.14
> LDAP/Active directory
> JazzSM(DASH) 3.1.3 CP5 -CP7
> Reporter: sunil kumar
> Priority: Blocker
>
> We upgraded activemq 5.5.1 to activemq 5.13.1 to over come the security vulnerable to CVE-2015-5254 and CVE-2014-3612. for ref: here are the links for each CVE: [http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt?version=1&modificationDate=1449589734000&api=v2]
> [http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt?version=2&modificationDate=1423051365000&api=v2]
>
> After upgrading we hit with following issues while getting LDAP user informations .
> Following are the stack trace :
> *16:06:07.353 0x33fb300 j9trc_aux.0 - jstacktrace:*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [1] java.security.Security.insertProviderAt (Security.java:369)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [2] org.apache.activemq.broker.BrokerService.<clinit> (BrokerService.java:275)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [3] com.ibm.tivoli.rest.event.amq.AMQPropertiesBrokerFactory.createBroker (AMQPropertiesBrokerFactory.java:30)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [4] org.apache.activemq.broker.BrokerFactory.createBroker (BrokerFactory.java:71)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [5] org.apache.activemq.broker.BrokerFactory.createBroker (BrokerFactory.java:54)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [6] com.ibm.tivoli.rest.event.amq.AMQEventRouterFactory.startBroker (AMQEventRouterFactory.java:430)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [7] com.ibm.tivoli.rest.event.amq.AMQEventRouterFactory.start (AMQEventRouterFactory.java:151)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [8] com.ibm.tivoli.rest.event.EventRouterFactory.getInstance (EventRouterFactory.java:43)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [9] com.ibm.tivoli.rest.amq.AjaxServlet.<init> (AjaxServlet.java:59)*
> *16:06:07.353 0x33fb300 j9trc_aux.1 - [10] java.lang.J9VMInternals.newInstanceImpl (Native Method)*
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [11] java.lang.Class.newInstance (Class.java:1843) (Compiled Code)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [12] java.beans.Beans.instantiate (Beans.java:240)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [13] java.beans.Beans.instantiate (Beans.java:88)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [14] com.ibm.ws.webcontainer.servlet.ServletWrapper$1.run (ServletWrapper.java:1489)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [15] com.ibm.ws.security.util.AccessController.doPrivileged (AccessController.java:118) (Compiled Code)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [16] com.ibm.ws.webcontainer.servlet.ServletWrapper.loadServlet (ServletWrapper.java:1478)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [17] com.ibm.ws.webcontainer.servlet.ServletWrapper.loadOnStartupCheck (ServletWrapper.java:1357)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [18] com.ibm.ws.webcontainer.webapp.WebApp.doLoadOnStartupActions (WebApp.java:642)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [19] com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationFinally (WebApp.java:608)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [20] com.ibm.ws.webcontainer.webapp.WebAppImpl.initialize (WebAppImpl.java:426)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [21] com.ibm.ws.webcontainer.webapp.WebGroupImpl.addWebApplication (WebGroupImpl.java:88)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [22] com.ibm.ws.webcontainer.VirtualHostImpl.addWebApplication (VirtualHostImpl.java:171)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [23] com.ibm.ws.webcontainer.WSWebContainer.addWebApp (WSWebContainer.java:904)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [24] com.ibm.ws.webcontainer.WSWebContainer.addWebApplication (WSWebContainer.java:789)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [25] com.ibm.ws.webcontainer.component.WebContainerImpl.install (WebContainerImpl.java:427)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [26] com.ibm.ws.webcontainer.component.WebContainerImpl.start (WebContainerImpl.java:719)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [27] com.ibm.ws.runtime.component.ApplicationMgrImpl.start (ApplicationMgrImpl.java:1211)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [28] com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart (DeployedApplicationImpl.java:1450)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [29] com.ibm.ws.runtime.component.DeployedModuleImpl.start (DeployedModuleImpl.java:639)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [30] com.ibm.ws.runtime.component.DeployedApplicationImpl.start (DeployedApplicationImpl.java:1032)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [31] com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication (ApplicationMgrImpl.java:795)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [32] com.ibm.ws.runtime.component.ApplicationMgrImpl$5.run (ApplicationMgrImpl.java:2279)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [33] com.ibm.ws.security.auth.ContextManagerImpl.runAs (ContextManagerImpl.java:5572)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [34] com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem (ContextManagerImpl.java:5698)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [35] com.ibm.ws.security.core.SecurityContext.runAsSystem (SecurityContext.java:255)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [36] com.ibm.ws.runtime.component.ApplicationMgrImpl.start (ApplicationMgrImpl.java:2284)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [37] com.ibm.ws.runtime.component.CompositionUnitMgrImpl.start (CompositionUnitMgrImpl.java:436)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [38] com.ibm.ws.runtime.component.CompositionUnitImpl.start (CompositionUnitImpl.java:123)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [39] com.ibm.ws.runtime.component.CompositionUnitMgrImpl.start (CompositionUnitMgrImpl.java:379)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [40] com.ibm.ws.runtime.component.CompositionUnitMgrImpl.access$500 (CompositionUnitMgrImpl.java:127)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [41] com.ibm.ws.runtime.component.CompositionUnitMgrImpl$CUInitializer.run (CompositionUnitMgrImpl.java:985)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [42] com.ibm.wsspi.runtime.component.WsComponentImpl$_AsynchInitializer.run (WsComponentImpl.java:524)
> 16:06:07.353 0x33fb300 j9trc_aux.1 - [43] com.ibm.ws.util.ThreadPool$Worker.run (ThreadPool.java:1892)
> 16:06:07.353 0x33fb300 mt.9 < java/security/Security.insertProviderAt(Ljava/security/Provider;I)I bytecode static method
>
> If we rollback to old ActiveMq Jars(i.e 5.5.1) its working fine.
> Please help us in identifying and fixing this issue.
> Products involved are :
> WAS 8.5.5.9 - 8.5.5.14
> LDAP/Active directory
> JazzSM(DASH) 3.1.3 CP5 -CP7
> ActiveMQ 5.13.1
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)