You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@stanbol.apache.org by Andrea Taurchini <at...@gmail.com> on 2012/12/05 11:18:23 UTC
Osgi Management Console access denied ...
Dear All,
I'm working on a deployment over tomcat 6.0 on CentOs. Stanbol works but
trying to access management console I receive the following :
type Exception report
message access denied ("java.security.AllPermission" "<all permissions>"
"<all actions>")
description The server encountered an internal error that prevented it from
fulfilling this request.
exception
java.security.AccessControlException: access denied
("java.security.AllPermission" "<all permissions>" "<all actions>")
java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
java.security.AccessController.checkPermission(AccessController.java:560)
org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:38)
org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:67)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
org.apache.felix.http.proxy.ProxyServlet.service(ProxyServlet.java:60)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
org.apache.sling.launchpad.base.webapp.SlingServletDelegate.service(SlingServletDelegate.java:278)
org.apache.sling.launchpad.webapp.SlingServlet.service(SlingServlet.java:174)
Where should I set this kind of permissions ?
Thanks.
BR,
Andrea
Re: Osgi Management Console access denied ...
Posted by Andrea Taurchini <at...@gmail.com>.
Dear Reto,
I already setted allpermission in Catalina.policy and it works.
Tomorrow I will check how to enable login prompt removing allpermission
setting.
Thanks,
Andrea
Il giorno mercoledì 5 dicembre 2012, Andrea Taurchini ha scritto:
> Dear Reto,
> Yes
>
> Il giorno mercoledì 5 dicembre 2012, Reto Bachmann-Gmür ha scritto:
>
> Looking at the stack-trace it seems that you have no AuthenticatingFilter
> (i.e. no commons .security bundle) so that no authentication dialog will
> show up.
>
> So either make sure that commons.security is part of the war of if you want
> to disable security alltogether, according to
> http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html if you
> should be able to set conf/catalina.policy to:
>
> grant {
> permission java.security.AllPermission;
> };
>
> And start tomcat with
>
> $CATALINA_HOME/bin/catalina.sh start -security
>
> In this case you enable tomcat security granting all permissions to all
> code.
>
> If you want to use the felix standrd authentication for the webconsole you
> have to remove the commons.security.fexilwebconsole bundle.
>
> Let me know how it works.
>
> Cheers,
> Reto
>
>
> On Wed, Dec 5, 2012 at 3:31 PM, Reto Bachmann-Gmür <re...@wymiwyg.com>
> wrote:
>
> > Hi Andrea!
> >
> > Just to make sure I understand: You installer stanbol.war from the
> > full-launcher?
> >
> > Cheers,
> > Reto
> >
> >
> > On Wed, Dec 5, 2012 at 11:18 AM, Andrea Taurchini <ataurchini@gmail.com
> >wrote:
> >
> >> Dear All,
> >> I'm working on a deployment over tomcat 6.0 on CentOs. Stanbol works but
> >> trying to access management console I receive the following :
> >>
> >>
> >> type Exception report
> >>
> >> message access denied ("java.security.AllPermission" "<all permissions>"
> >> "<all actions>")
> >>
> >> description The server encountered an internal error that prevented it
> >> from
> >> fulfilling this request.
> >>
> >> exception
> >>
> >> java.security.AccessControlException: access denied
> >> ("java.security.AllPermission" "<all permissions>" "<all actions>")
> >>
> >>
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
> >>
> java.security.AccessController.checkPermission(AccessController.java:560)
> >>
> >>
> org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:38)
> >>
> >>
> org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
> >>
> >>
> org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
> >>
> >>
> org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
> >>
> >>
> org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
> >>
> >
>
>
Re: Osgi Management Console access denied ...
Posted by Andrea Taurchini <at...@gmail.com>.
Dear Reto,
Yes
Il giorno mercoledì 5 dicembre 2012, Reto Bachmann-Gmür ha scritto:
> Looking at the stack-trace it seems that you have no AuthenticatingFilter
> (i.e. no commons .security bundle) so that no authentication dialog will
> show up.
>
> So either make sure that commons.security is part of the war of if you want
> to disable security alltogether, according to
> http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html if you
> should be able to set conf/catalina.policy to:
>
> grant {
> permission java.security.AllPermission;
> };
>
> And start tomcat with
>
> $CATALINA_HOME/bin/catalina.sh start -security
>
> In this case you enable tomcat security granting all permissions to all
> code.
>
> If you want to use the felix standrd authentication for the webconsole you
> have to remove the commons.security.fexilwebconsole bundle.
>
> Let me know how it works.
>
> Cheers,
> Reto
>
>
> On Wed, Dec 5, 2012 at 3:31 PM, Reto Bachmann-Gmür <re...@wymiwyg.com>
> wrote:
>
> > Hi Andrea!
> >
> > Just to make sure I understand: You installer stanbol.war from the
> > full-launcher?
> >
> > Cheers,
> > Reto
> >
> >
> > On Wed, Dec 5, 2012 at 11:18 AM, Andrea Taurchini <ataurchini@gmail.com
> >wrote:
> >
> >> Dear All,
> >> I'm working on a deployment over tomcat 6.0 on CentOs. Stanbol works but
> >> trying to access management console I receive the following :
> >>
> >>
> >> type Exception report
> >>
> >> message access denied ("java.security.AllPermission" "<all permissions>"
> >> "<all actions>")
> >>
> >> description The server encountered an internal error that prevented it
> >> from
> >> fulfilling this request.
> >>
> >> exception
> >>
> >> java.security.AccessControlException: access denied
> >> ("java.security.AllPermission" "<all permissions>" "<all actions>")
> >>
> >>
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
> >>
> java.security.AccessController.checkPermission(AccessController.java:560)
> >>
> >>
> org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:38)
> >>
> >>
> org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
> >>
> >>
> org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
> >>
> >>
> org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
> >>
> >>
> org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
> >>
> >>
> org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
> >>
> >>
> org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:67)
> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> >> org.apache.felix.http.proxy.ProxyServlet.service(ProxyServlet.java:60)
> >> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> >>
> >>
> org.apache.sling.launchpad.base.webapp.SlingServletDelegate.service(SlingServletDelegate.java:278)
> >>
> >>
> org.apache.sling.launchpad.webapp.SlingServlet.service(SlingServlet.java:174)
> >>
>
Re: Osgi Management Console access denied ...
Posted by Reto Bachmann-Gmür <re...@wymiwyg.com>.
Looking at the stack-trace it seems that you have no AuthenticatingFilter
(i.e. no commons .security bundle) so that no authentication dialog will
show up.
So either make sure that commons.security is part of the war of if you want
to disable security alltogether, according to
http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html if you
should be able to set conf/catalina.policy to:
grant {
permission java.security.AllPermission;
};
And start tomcat with
$CATALINA_HOME/bin/catalina.sh start -security
In this case you enable tomcat security granting all permissions to all
code.
If you want to use the felix standrd authentication for the webconsole you
have to remove the commons.security.fexilwebconsole bundle.
Let me know how it works.
Cheers,
Reto
On Wed, Dec 5, 2012 at 3:31 PM, Reto Bachmann-Gmür <re...@wymiwyg.com> wrote:
> Hi Andrea!
>
> Just to make sure I understand: You installer stanbol.war from the
> full-launcher?
>
> Cheers,
> Reto
>
>
> On Wed, Dec 5, 2012 at 11:18 AM, Andrea Taurchini <at...@gmail.com>wrote:
>
>> Dear All,
>> I'm working on a deployment over tomcat 6.0 on CentOs. Stanbol works but
>> trying to access management console I receive the following :
>>
>>
>> type Exception report
>>
>> message access denied ("java.security.AllPermission" "<all permissions>"
>> "<all actions>")
>>
>> description The server encountered an internal error that prevented it
>> from
>> fulfilling this request.
>>
>> exception
>>
>> java.security.AccessControlException: access denied
>> ("java.security.AllPermission" "<all permissions>" "<all actions>")
>>
>> java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
>> java.security.AccessController.checkPermission(AccessController.java:560)
>>
>> org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:38)
>>
>> org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
>>
>> org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
>>
>> org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
>>
>> org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
>>
>> org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
>>
>> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
>>
>> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>>
>> org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
>>
>> org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
>>
>> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
>>
>> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
>>
>> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>>
>> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
>>
>> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
>>
>> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>>
>> org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
>>
>> org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
>>
>> org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:67)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>> org.apache.felix.http.proxy.ProxyServlet.service(ProxyServlet.java:60)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>
>> org.apache.sling.launchpad.base.webapp.SlingServletDelegate.service(SlingServletDelegate.java:278)
>>
>> org.apache.sling.launchpad.webapp.SlingServlet.service(SlingServlet.java:174)
>>
>> Where should I set this kind of permissions ?
>>
>>
>> Thanks.
>>
>> BR,
>> Andrea
>>
>
>
Re: Osgi Management Console access denied ...
Posted by Reto Bachmann-Gmür <re...@wymiwyg.com>.
Hi Andrea!
Just to make sure I understand: You installer stanbol.war from the
full-launcher?
Cheers,
Reto
On Wed, Dec 5, 2012 at 11:18 AM, Andrea Taurchini <at...@gmail.com>wrote:
> Dear All,
> I'm working on a deployment over tomcat 6.0 on CentOs. Stanbol works but
> trying to access management console I receive the following :
>
>
> type Exception report
>
> message access denied ("java.security.AllPermission" "<all permissions>"
> "<all actions>")
>
> description The server encountered an internal error that prevented it from
> fulfilling this request.
>
> exception
>
> java.security.AccessControlException: access denied
> ("java.security.AllPermission" "<all permissions>" "<all actions>")
>
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
> java.security.AccessController.checkPermission(AccessController.java:560)
>
> org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:38)
>
> org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
>
> org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
>
> org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
>
> org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
>
> org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>
> org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
>
> org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>
> org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
>
> org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
>
> org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
>
> org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
>
> org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
>
> org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:67)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> org.apache.felix.http.proxy.ProxyServlet.service(ProxyServlet.java:60)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>
> org.apache.sling.launchpad.base.webapp.SlingServletDelegate.service(SlingServletDelegate.java:278)
>
> org.apache.sling.launchpad.webapp.SlingServlet.service(SlingServlet.java:174)
>
> Where should I set this kind of permissions ?
>
>
> Thanks.
>
> BR,
> Andrea
>