glassfish
  1. glassfish
  2. GLASSFISH-15078

jpa cdi AccessControlException when security manager

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.1
    • Fix Version/s: 3.1_b36
    • Component/s: cdi
    • Labels:
      None
    • Environment:

      Solaris 10 Sparc

      Description

      jpa cdi AccessControlException when security manager

      glassfish-3.1-b33-12_09_2010.zip

      When security manager on, jpa cdi app failed to deploy with
      java.lang.RuntimeException: java.security.AccessControlException:
      access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
      When security manager off, the same tests passed.

      To reproduce the issue:
      refer the instruction to set env and get test source with co-ejb
      http://agni-1.us.oracle.com/JSPWiki/Wiki.jsp?page=V31CoreInstruction
      do "ant all" in
      appserver-sqe/pe/ejb/jpa20/ear/bvcallbackcdi

        Issue Links

          Activity

          Hide
          sherryshen added a comment -

          deploy-common-pe:
          [exec] asadmin --host localhost --port 4848 --user admin --passwordfile /space/test1/src/c31/appserver-sqe/build-config/adminpassword.txt --interactive=false --echo=true --terse=false deploy --name jpa20-bvcallbackcdiApp --force=false --precompilejsp=false --verify=false --retrieve /space/test1/src/c31/appserver-sqe/build/pe/sparc_syhill_SunOS/jpa20-bvcallbackcdi/archive --generatermistubs=false --availabilityenabled=false --asyncreplication=true --keepreposdir=false --keepfailedstubs=false --isredeploy=false --logreportederrors=true /space/test1/src/c31/appserver-sqe/build/pe/sparc_syhill_SunOS/jpa20-bvcallbackcdi/archive/jpa20-bvcallbackcdiApp.ear
          [exec] Command deploy failed.
          [exec] org.glassfish.api.admin.CommandException: remote failure: Error occurred during deployment: Exception while loading the app : Exception List with 1 exceptions:
          [exec] Exception 0 :
          [exec] java.lang.RuntimeException: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:71)
          [exec] at org.jboss.weld.util.reflection.SecureReflections.ensureAccessible(SecureReflections.java:324)
          [exec] at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:47)
          [exec] at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:102)
          [exec] at com.sun.jersey.server.impl.cdi.org$jboss$weld$bean-com$sun$jersey$server$impl$cdi$CDIExtension-Built-in-Extension-com$sun$jersey$server$impl$cdi$CDIExtension_$$WeldClientProxy.beforeBeanDiscovery(org$jboss$weld$bean-com$sun$jersey$server$impl$cdi$CDIExtension-Built-in-Extension-com$sun$jersey$server$impl$cdi$CDIExtension$$_WeldClientProxy.java)
          [exec] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          [exec] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          [exec] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          [exec] at java.lang.reflect.Method.invoke(Method.java:597)
          [exec] at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305)
          [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54)
          [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163)
          [exec] at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299)
          [exec] at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:198)
          [exec] at org.jboss.weld.introspector.ForwardingWeldMethod.invokeOnInstance(ForwardingWeldMethod.java:59)
          [exec] at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:200)
          [exec] at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:270)
          [exec] at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:253)
          [exec] at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:222)
          [exec] at org.jboss.weld.bootstrap.events.AbstractContainerEvent.fire(AbstractContainerEvent.java:88)
          [exec] at org.jboss.weld.bootstrap.events.AbstractDefinitionContainerEvent.fire(AbstractDefinitionContainerEvent.java:52)
          [exec] at org.jboss.weld.bootstrap.events.BeforeBeanDiscoveryImpl.fire(BeforeBeanDiscoveryImpl.java:46)
          [exec] at org.jboss.weld.bootstrap.WeldBootstrap.startInitialization(WeldBootstrap.java:340)
          [exec] at org.glassfish.weld.WeldDeployer.event(WeldDeployer.java:162)
          [exec] at org.glassfish.kernel.event.EventsImpl.send(EventsImpl.java:128)
          [exec] at org.glassfish.internal.data.ApplicationInfo.load(ApplicationInfo.java:266)
          [exec] at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:460)
          [exec] at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:240)
          [exec] at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:369)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$1.execute(CommandRunnerImpl.java:354)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:369)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1079)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1200(CommandRunnerImpl.java:95)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1257)
          [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1246)
          [exec] at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:453)
          [exec] at com.sun.enterprise.v3.admin.AdminAdapter.service(AdminAdapter.java:220)
          [exec] at com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:168)
          [exec] at com.sun.enterprise.v3.server.HK2Dispatcher.dispath(HK2Dispatcher.java:117)
          [exec] at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:234)
          [exec] at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:817)
          [exec] at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:718)
          [exec] at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1007)
          [exec] at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
          [exec] at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
          [exec] at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
          [exec] at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
          [exec] at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
          [exec] at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
          [exec] at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
          [exec] at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
          [exec] at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
          [exec] at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
          [exec] at java.lang.Thread.run(Thread.java:619)
          [exec] Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          [exec] at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
          [exec] at java.security.AccessController.checkPermission(AccessController.java:546)
          [exec] at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          [exec] at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
          [exec] at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)
          [exec] at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325)
          [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54)
          [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67)
          [exec] ... 53 more
          [exec] . Please see server.log for more details.
          [exec] Result: 1

          Show
          sherryshen added a comment - deploy-common-pe: [exec] asadmin --host localhost --port 4848 --user admin --passwordfile /space/test1/src/c31/appserver-sqe/build-config/adminpassword.txt --interactive=false --echo=true --terse=false deploy --name jpa20-bvcallbackcdiApp --force=false --precompilejsp=false --verify=false --retrieve /space/test1/src/c31/appserver-sqe/build/pe/sparc_syhill_SunOS/jpa20-bvcallbackcdi/archive --generatermistubs=false --availabilityenabled=false --asyncreplication=true --keepreposdir=false --keepfailedstubs=false --isredeploy=false --logreportederrors=true /space/test1/src/c31/appserver-sqe/build/pe/sparc_syhill_SunOS/jpa20-bvcallbackcdi/archive/jpa20-bvcallbackcdiApp.ear [exec] Command deploy failed. [exec] org.glassfish.api.admin.CommandException: remote failure: Error occurred during deployment: Exception while loading the app : Exception List with 1 exceptions: [exec] Exception 0 : [exec] java.lang.RuntimeException: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:71) [exec] at org.jboss.weld.util.reflection.SecureReflections.ensureAccessible(SecureReflections.java:324) [exec] at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:47) [exec] at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:102) [exec] at com.sun.jersey.server.impl.cdi.org$jboss$weld$bean-com$sun$jersey$server$impl$cdi$CDIExtension-Built-in-Extension-com$sun$jersey$server$impl$cdi$CDIExtension_$$ WeldClientProxy.beforeBeanDiscovery(org$jboss$weld$bean-com$sun$jersey$server$impl$cdi$CDIExtension-Built-in-Extension-com$sun$jersey$server$impl$cdi$CDIExtension $$_WeldClientProxy.java) [exec] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [exec] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [exec] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [exec] at java.lang.reflect.Method.invoke(Method.java:597) [exec] at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [exec] at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [exec] at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:198) [exec] at org.jboss.weld.introspector.ForwardingWeldMethod.invokeOnInstance(ForwardingWeldMethod.java:59) [exec] at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:200) [exec] at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:270) [exec] at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:253) [exec] at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:222) [exec] at org.jboss.weld.bootstrap.events.AbstractContainerEvent.fire(AbstractContainerEvent.java:88) [exec] at org.jboss.weld.bootstrap.events.AbstractDefinitionContainerEvent.fire(AbstractDefinitionContainerEvent.java:52) [exec] at org.jboss.weld.bootstrap.events.BeforeBeanDiscoveryImpl.fire(BeforeBeanDiscoveryImpl.java:46) [exec] at org.jboss.weld.bootstrap.WeldBootstrap.startInitialization(WeldBootstrap.java:340) [exec] at org.glassfish.weld.WeldDeployer.event(WeldDeployer.java:162) [exec] at org.glassfish.kernel.event.EventsImpl.send(EventsImpl.java:128) [exec] at org.glassfish.internal.data.ApplicationInfo.load(ApplicationInfo.java:266) [exec] at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:460) [exec] at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:240) [exec] at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:369) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$1.execute(CommandRunnerImpl.java:354) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:369) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1079) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1200(CommandRunnerImpl.java:95) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1257) [exec] at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1246) [exec] at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:453) [exec] at com.sun.enterprise.v3.admin.AdminAdapter.service(AdminAdapter.java:220) [exec] at com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:168) [exec] at com.sun.enterprise.v3.server.HK2Dispatcher.dispath(HK2Dispatcher.java:117) [exec] at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:234) [exec] at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:817) [exec] at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:718) [exec] at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1007) [exec] at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225) [exec] at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137) [exec] at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104) [exec] at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90) [exec] at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79) [exec] at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54) [exec] at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59) [exec] at com.sun.grizzly.ContextTask.run(ContextTask.java:71) [exec] at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532) [exec] at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513) [exec] at java.lang.Thread.run(Thread.java:619) [exec] Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) [exec] at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) [exec] at java.security.AccessController.checkPermission(AccessController.java:546) [exec] at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) [exec] at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) [exec] at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332) [exec] at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325) [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [exec] at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67) [exec] ... 53 more [exec] . Please see server.log for more details. [exec] Result: 1
          Hide
          sherryshen added a comment -

          releated sever.log

          Show
          sherryshen added a comment - releated sever.log
          Hide
          Sivakumar Thyagarajan added a comment -

          This appears to be a WELD issue. A related issue https://issues.jboss.org/browse/WELD-32 has been filed earlier in the WELD JIRA to resolve this. I am working with the weld team to find out if we can get this fixed in the 3.1 timeframe.

          Show
          Sivakumar Thyagarajan added a comment - This appears to be a WELD issue. A related issue https://issues.jboss.org/browse/WELD-32 has been filed earlier in the WELD JIRA to resolve this. I am working with the weld team to find out if we can get this fixed in the 3.1 timeframe.
          Hide
          Sivakumar Thyagarajan added a comment -

          A simpler way to reproduce this issue is to:

          • enable security manager in GF and restart domain
          • deploy the attached war
          • deployment would fail with the following error in server.log
            Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
            at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
            at java.security.AccessController.checkPermission(AccessController.java:546)
            at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
            at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
            at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)
            at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325)
            at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54)
            at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67)
          Show
          Sivakumar Thyagarajan added a comment - A simpler way to reproduce this issue is to: enable security manager in GF and restart domain deploy the attached war deployment would fail with the following error in server.log Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325) at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67)
          Hide
          Sivakumar Thyagarajan added a comment -
          Show
          Sivakumar Thyagarajan added a comment - Simple war to reproduce the issue. The sources for this is at https://svn.java.net/svn/glassfish~svn/trunk/v2/appserv-tests/devtests/cdi/smoke-tests/cdi-servlet-3.0-annotation/
          Hide
          Sivakumar Thyagarajan added a comment -

          Weld is not planning to fix this issue in their 1.1.0 release and I am investigating GF specific workarounds that a user could do.

          Adding the java.lang.reflect.ReflectPermission "suppressAccessChecks" Permission to the default grant block in server.policy does work. However I am trying to figure out a way to localize providing this permission only to the CDI application involved and I am working with the GF security team about this.

          Show
          Sivakumar Thyagarajan added a comment - Weld is not planning to fix this issue in their 1.1.0 release and I am investigating GF specific workarounds that a user could do. Adding the java.lang.reflect.ReflectPermission "suppressAccessChecks" Permission to the default grant block in server.policy does work. However I am trying to figure out a way to localize providing this permission only to the CDI application involved and I am working with the GF security team about this.
          Hide
          Sivakumar Thyagarajan added a comment -

          It was found that the Weld-generated proxies uses the default ProtectionDomain, as the proxies are generated using ClassLoader.defineClass(String name, byte[] b, int off, int len). This prevents a user to specify an application specific permission grant or a grant to a known codesource to get Weld working in a SecurityManager, and having to provide the suppressAccessChecks Permission for all classes. We are working with the Weld team to find out if all generated proxies could use a well-defined ProtectionDomain/CodeSource.

          Show
          Sivakumar Thyagarajan added a comment - It was found that the Weld-generated proxies uses the default ProtectionDomain, as the proxies are generated using ClassLoader.defineClass(String name, byte[] b, int off, int len). This prevents a user to specify an application specific permission grant or a grant to a known codesource to get Weld working in a SecurityManager, and having to provide the suppressAccessChecks Permission for all classes. We are working with the Weld team to find out if all generated proxies could use a well-defined ProtectionDomain/CodeSource.
          Hide
          sherryshen added a comment -

          The log of instance 1 from cluster tests.

          Show
          sherryshen added a comment - The log of instance 1 from cluster tests.
          Hide
          sherryshen added a comment -

          A. For das tests on b33:
          asadmin create-jvm-options -Djava.security.manager
          restart domain, do "ant all" in
          appserver-sqe/pe/ejb/jpa20/ear/bvcallbackcdi
          Tests failed with server.log in the previous
          attachment at 09/Dec/10 03:34 PM.

          Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
          at java.security.AccessController.checkPermission(AccessController.java:546)
          at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
          at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)

          B. For cluster tests on b34:
          asadmin create-jvm-options --target sqe-cluster -Djava.security.manager
          restart domain and cluster, do "ant ee all" in
          appserver-sqe/pe/ejb/jpa20/ear/bvcallbackcdi
          Tests failed with server.log.in1 in the attachment today,
          28/Dec/10 11:31 AM.

          Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
          at java.security.AccessController.checkPermission(AccessController.java:546)
          at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
          at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)

          Show
          sherryshen added a comment - A. For das tests on b33: asadmin create-jvm-options -Djava.security.manager restart domain, do "ant all" in appserver-sqe/pe/ejb/jpa20/ear/bvcallbackcdi Tests failed with server.log in the previous attachment at 09/Dec/10 03:34 PM. Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332) B. For cluster tests on b34: asadmin create-jvm-options --target sqe-cluster -Djava.security.manager restart domain and cluster, do "ant ee all" in appserver-sqe/pe/ejb/jpa20/ear/bvcallbackcdi Tests failed with server.log.in1 in the attachment today, 28/Dec/10 11:31 AM. Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)
          Hide
          Sivakumar Thyagarajan added a comment -

          Created a new Weld issue https://issues.jboss.org/browse/WELD-813 to track this.

          Show
          Sivakumar Thyagarajan added a comment - Created a new Weld issue https://issues.jboss.org/browse/WELD-813 to track this.
          Hide
          Sivakumar Thyagarajan added a comment -

          @sherry: Tests in A. and B. below fail because of this known issue. CDI applications currently don't work with an enabled Security Manager, and we are working with the Weld team to support that usecase. About C. enable-secure-admin enables secure communication between admin clients and DAS and between DAS and instances as detailed here http://wikis.sun.com/display/GlassFish/3.1SecureAdminTraffic#3.1SecureAdminTraffic-enablesecureadmin
          This is unrelated to security manager issue outlined in A. and B and this issue.

          Show
          Sivakumar Thyagarajan added a comment - @sherry: Tests in A. and B. below fail because of this known issue. CDI applications currently don't work with an enabled Security Manager, and we are working with the Weld team to support that usecase. About C. enable-secure-admin enables secure communication between admin clients and DAS and between DAS and instances as detailed here http://wikis.sun.com/display/GlassFish/3.1SecureAdminTraffic#3.1SecureAdminTraffic-enablesecureadmin This is unrelated to security manager issue outlined in A. and B and this issue.
          Hide
          Sivakumar Thyagarajan added a comment - - edited

          The Weld team doesn't want to support SM as part of this release, and through a fix for WELD-813, a standard well-known ProtectionDomain for the Bean proxies generated by Weld is added, and this can be used to provide a simple workaround that could be used by the user.

          Workaround:
          In 3.1, for a CDI-enabled application if a user wants to set the SecurityManager on, they have to grant the following permission to the application as a workaround.
          > grant codeBase "file:$

          {com.sun.aas.instanceRoot}

          /applications/[ApplicationName]"

          { > permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; > }

          ;

          I have integrated the latest Weld 1.1.0.CR4 into GF3.1 as part of commit 44200. With this build, a user who wants to use CDI applications in the context of a SecurityManager could add the permission above. I have tested this behavior with all our developer tests with an enabled SecurityManager

          Resolving this for now. We will release-note this behavior or make this addition of permission easier.

          Show
          Sivakumar Thyagarajan added a comment - - edited The Weld team doesn't want to support SM as part of this release, and through a fix for WELD-813, a standard well-known ProtectionDomain for the Bean proxies generated by Weld is added, and this can be used to provide a simple workaround that could be used by the user. Workaround: In 3.1, for a CDI-enabled application if a user wants to set the SecurityManager on, they have to grant the following permission to the application as a workaround. > grant codeBase "file:$ {com.sun.aas.instanceRoot} /applications/ [ApplicationName] " { > permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; > } ; I have integrated the latest Weld 1.1.0.CR4 into GF3.1 as part of commit 44200. With this build, a user who wants to use CDI applications in the context of a SecurityManager could add the permission above. I have tested this behavior with all our developer tests with an enabled SecurityManager Resolving this for now. We will release-note this behavior or make this addition of permission easier.
          Hide
          sherryshen added a comment -

          The tests still failed on b36 promoted and b37 nightly.
          The previous failure on b33 is at deploy.
          For b37n, deploy is OK, the failure is at runtime.

          glassfish-3.1-b37-01_05_2011.zip

          Modify server.policy with
          //jpa cdi test with security permissions
          grant codeBase "file:$

          {com.sun.aas.installRoot}

          /applications/jpa20-bvcallbackcdiApp/-"

          { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }

          ;

          [#|2011-01-05T11:51:42.168-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=115;_ThreadName=Thread-1;|**********1. TestServlet: add User1 with short Name**********|#]

          [#|2011-01-05T11:51:42.211-0800|INFO|glassfish3.1|javax.enterprise.system.core.security|_ThreadID=21;_ThreadName=Thread-1;|JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi_war)- permission((java.lang.reflect.ReflectPermission suppressAccessChecks))|#]

          [#|2011-01-05T11:51:42.214-0800|SEVERE|glassfish3.1|javax.enterprise.system.container.ejb.com.sun.ejb.containers|_ThreadID=115;_ThreadName=Thread-1;|EJB5070: Exception creating stateless session bean : [UserEJB]|#]

          [#|2011-01-05T11:51:42.217-0800|WARNING|glassfish3.1|javax.enterprise.system.container.ejb.com.sun.ejb.containers|_ThreadID=115;_ThreadName=Thread-1;|A system exception occurred during an invocation on EJB UserEJB method public boolean jpa20.ear.bvcallbackcdi.service.UserEJB.addUser(java.lang.String,java.lang.String,int)
          javax.ejb.EJBException: javax.ejb.EJBException: javax.ejb.CreateException: Could not create stateless EJB
          at com.sun.ejb.containers.StatelessSessionContainer._getContext(StatelessSessionContainer.java:454)
          at com.sun.ejb.containers.BaseContainer.getContext(BaseContainer.java:2528)
          at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:1895)
          at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:212)
          at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:88)
          at $Proxy132.addUser(Unknown Source)
          at jpa20.ear.bvcallbackcdi.service._EJB31_GeneratedUserEJBIntf__Bean_.addUser(Unknown Source)
          at jpa20.ear.bvcallbackcdi.web.TestServlet.processRequest(TestServlet.java:34)
          at jpa20.ear.bvcallbackcdi.web.TestServlet.doGet(TestServlet.java:75)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:322)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
          at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:355)
          at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:212)
          at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1527)
          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
          at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
          at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
          at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
          at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
          at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227)
          at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:170)
          at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:818)
          at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719)
          at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1008)
          at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
          at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
          at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
          at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
          at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
          at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
          at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
          at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
          at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
          at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
          at java.lang.Thread.run(Thread.java:619)
          Caused by: javax.ejb.EJBException: javax.ejb.CreateException: Could not create stateless EJB
          at com.sun.ejb.containers.StatelessSessionContainer$SessionContextFactory.create(StatelessSessionContainer.java:726)
          at com.sun.ejb.containers.util.pool.NonBlockingPool.getObject(NonBlockingPool.java:247)
          at com.sun.ejb.containers.StatelessSessionContainer._getContext(StatelessSessionContainer.java:449)
          ... 44 more
          Caused by: javax.ejb.CreateException: Could not create stateless EJB
          at com.sun.ejb.containers.StatelessSessionContainer.createStatelessEJB(StatelessSessionContainer.java:534)
          at com.sun.ejb.containers.StatelessSessionContainer.access$000(StatelessSessionContainer.java:95)
          at com.sun.ejb.containers.StatelessSessionContainer$SessionContextFactory.create(StatelessSessionContainer.java:724)
          ... 46 more
          Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:71)
          at org.jboss.weld.util.reflection.SecureReflections.ensureAccessible(SecureReflections.java:324)
          at org.jboss.weld.introspector.jlr.WeldConstructorImpl.newInstance(WeldConstructorImpl.java:239)
          at org.jboss.weld.injection.ConstructorInjectionPoint.newInstance(ConstructorInjectionPoint.java:134)
          at org.jboss.weld.bean.ManagedBean.createInstance(ManagedBean.java:385)
          at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget.produce(ManagedBean.java:234)
          at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:338)
          at org.jboss.weld.context.unbound.DependentContextImpl.get(DependentContextImpl.java:67)
          at org.jboss.weld.manager.BeanManagerImpl.getReference(BeanManagerImpl.java:669)
          at org.jboss.weld.manager.BeanManagerImpl.getReference(BeanManagerImpl.java:751)
          at org.jboss.weld.injection.FieldInjectionPoint.inject(FieldInjectionPoint.java:138)
          at org.jboss.weld.util.Beans.injectBoundFields(Beans.java:872)
          at org.jboss.weld.util.Beans.injectFieldsAndInitializers(Beans.java:884)
          at org.jboss.weld.bean.SessionBean$1$1.proceed(SessionBean.java:195)
          at org.glassfish.weld.services.InjectionServicesImpl.aroundInject(InjectionServicesImpl.java:134)
          at org.jboss.weld.injection.InjectionContextImpl.run(InjectionContextImpl.java:50)
          at org.jboss.weld.bean.SessionBean$1.inject(SessionBean.java:190)
          at org.glassfish.weld.services.JCDIServiceImpl.injectEJBInstance(JCDIServiceImpl.java:170)
          at com.sun.ejb.containers.BaseContainer.injectEjbInstance(BaseContainer.java:1675)
          at com.sun.ejb.containers.StatelessSessionContainer.createStatelessEJB(StatelessSessionContainer.java:494)
          ... 48 more
          Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
          at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
          at java.security.AccessController.checkPermission(AccessController.java:546)
          at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107)
          at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332)
          at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325)
          at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54)
          at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67)
          ... 67 more

          #]

          [#|2011-01-05T11:51:42.226-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=115;_ThreadName=Thread-1;|Failure in TestServlet|#]

          Show
          sherryshen added a comment - The tests still failed on b36 promoted and b37 nightly. The previous failure on b33 is at deploy. For b37n, deploy is OK, the failure is at runtime. glassfish-3.1-b37-01_05_2011.zip Modify server.policy with //jpa cdi test with security permissions grant codeBase "file:$ {com.sun.aas.installRoot} /applications/jpa20-bvcallbackcdiApp/-" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; } ; [#|2011-01-05T11:51:42.168-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=115;_ThreadName=Thread-1;|**********1. TestServlet: add User1 with short Name**********|#] [#|2011-01-05T11:51:42.211-0800|INFO|glassfish3.1|javax.enterprise.system.core.security|_ThreadID=21;_ThreadName=Thread-1;|JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi_war)- permission((java.lang.reflect.ReflectPermission suppressAccessChecks))|#] [#|2011-01-05T11:51:42.214-0800|SEVERE|glassfish3.1|javax.enterprise.system.container.ejb.com.sun.ejb.containers|_ThreadID=115;_ThreadName=Thread-1;|EJB5070: Exception creating stateless session bean : [UserEJB] |#] [#|2011-01-05T11:51:42.217-0800|WARNING|glassfish3.1|javax.enterprise.system.container.ejb.com.sun.ejb.containers|_ThreadID=115;_ThreadName=Thread-1;|A system exception occurred during an invocation on EJB UserEJB method public boolean jpa20.ear.bvcallbackcdi.service.UserEJB.addUser(java.lang.String,java.lang.String,int) javax.ejb.EJBException: javax.ejb.EJBException: javax.ejb.CreateException: Could not create stateless EJB at com.sun.ejb.containers.StatelessSessionContainer._getContext(StatelessSessionContainer.java:454) at com.sun.ejb.containers.BaseContainer.getContext(BaseContainer.java:2528) at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:1895) at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:212) at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:88) at $Proxy132.addUser(Unknown Source) at jpa20.ear.bvcallbackcdi.service._ EJB31_Generated UserEJB Intf __ Bean _.addUser(Unknown Source) at jpa20.ear.bvcallbackcdi.web.TestServlet.processRequest(TestServlet.java:34) at jpa20.ear.bvcallbackcdi.web.TestServlet.doGet(TestServlet.java:75) at javax.servlet.http.HttpServlet.service(HttpServlet.java:735) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:322) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:355) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:212) at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1527) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:170) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:818) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1008) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59) at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513) at java.lang.Thread.run(Thread.java:619) Caused by: javax.ejb.EJBException: javax.ejb.CreateException: Could not create stateless EJB at com.sun.ejb.containers.StatelessSessionContainer$SessionContextFactory.create(StatelessSessionContainer.java:726) at com.sun.ejb.containers.util.pool.NonBlockingPool.getObject(NonBlockingPool.java:247) at com.sun.ejb.containers.StatelessSessionContainer._getContext(StatelessSessionContainer.java:449) ... 44 more Caused by: javax.ejb.CreateException: Could not create stateless EJB at com.sun.ejb.containers.StatelessSessionContainer.createStatelessEJB(StatelessSessionContainer.java:534) at com.sun.ejb.containers.StatelessSessionContainer.access$000(StatelessSessionContainer.java:95) at com.sun.ejb.containers.StatelessSessionContainer$SessionContextFactory.create(StatelessSessionContainer.java:724) ... 46 more Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:71) at org.jboss.weld.util.reflection.SecureReflections.ensureAccessible(SecureReflections.java:324) at org.jboss.weld.introspector.jlr.WeldConstructorImpl.newInstance(WeldConstructorImpl.java:239) at org.jboss.weld.injection.ConstructorInjectionPoint.newInstance(ConstructorInjectionPoint.java:134) at org.jboss.weld.bean.ManagedBean.createInstance(ManagedBean.java:385) at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget.produce(ManagedBean.java:234) at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:338) at org.jboss.weld.context.unbound.DependentContextImpl.get(DependentContextImpl.java:67) at org.jboss.weld.manager.BeanManagerImpl.getReference(BeanManagerImpl.java:669) at org.jboss.weld.manager.BeanManagerImpl.getReference(BeanManagerImpl.java:751) at org.jboss.weld.injection.FieldInjectionPoint.inject(FieldInjectionPoint.java:138) at org.jboss.weld.util.Beans.injectBoundFields(Beans.java:872) at org.jboss.weld.util.Beans.injectFieldsAndInitializers(Beans.java:884) at org.jboss.weld.bean.SessionBean$1$1.proceed(SessionBean.java:195) at org.glassfish.weld.services.InjectionServicesImpl.aroundInject(InjectionServicesImpl.java:134) at org.jboss.weld.injection.InjectionContextImpl.run(InjectionContextImpl.java:50) at org.jboss.weld.bean.SessionBean$1.inject(SessionBean.java:190) at org.glassfish.weld.services.JCDIServiceImpl.injectEJBInstance(JCDIServiceImpl.java:170) at com.sun.ejb.containers.BaseContainer.injectEjbInstance(BaseContainer.java:1675) at com.sun.ejb.containers.StatelessSessionContainer.createStatelessEJB(StatelessSessionContainer.java:494) ... 48 more Caused by: java.security.AccessControlException: access denied (java.lang.reflect.ReflectPermission suppressAccessChecks) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:332) at org.jboss.weld.util.reflection.SecureReflections$14.work(SecureReflections.java:325) at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:67) ... 67 more #] [#|2011-01-05T11:51:42.226-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=115;_ThreadName=Thread-1;|Failure in TestServlet|#]
          Hide
          kumara added a comment -

          There seems to be an error with the grant block. Can you please try after replacing installRoot by instanceRoot (as below)?

          //jpa cdi test with security permissions
          grant codeBase "file:$

          {com.sun.aas.instanceRoot}

          /applications/jpa20-bvcallbackcdiApp/-"

          { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; }

          ;

          Show
          kumara added a comment - There seems to be an error with the grant block. Can you please try after replacing installRoot by instanceRoot (as below)? //jpa cdi test with security permissions grant codeBase "file:$ {com.sun.aas.instanceRoot} /applications/jpa20-bvcallbackcdiApp/-" { permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; } ;
          Hide
          sherryshen added a comment -

          Thanks for pointing out my problem.
          I revised $S1AS_HOME/domains/domain1/config/server.policy
          as suggested by kumara. The tests passed on das as well as
          on cluster with security manager on.

          For das and cluster case, tests passed with another error
          in server.log
          JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar)- permission((javax.management.MBeanServerPermission findMBeanServer))|#]

          Do I need to add other permission to server.policy to get rid of this error?

          [#|2011-01-05T16:29:19.047-0800|CONFIG|glassfish3.1|org.eclipse.persistence.session.file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1.connection|_ThreadID=19;_ThreadName=Thread-1;|Connected: jdbc:derby://localhost:1527/testdb
          User: dbuser
          Database: Apache Derby Version: 10.6.2.1 - (999685)
          Driver: Apache Derby Network Client JDBC Driver Version: 10.6.2.1 - (999685)|#]

          [#|2011-01-05T16:29:19.234-0800|INFO|glassfish3.1|org.eclipse.persistence.session.file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1|_ThreadID=19;_ThreadName=Thread-1;|file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1 login successful|#]

          [#|2011-01-05T16:29:19.237-0800|INFO|glassfish3.1|javax.enterprise.system.core.security|_ThreadID=19;_ThreadName=Thread-1;|JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar)- permission((javax.management.MBeanServerPermission findMBeanServer))|#]

          [#|2011-01-05T16:29:19.246-0800|SEVERE|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|java.security.AccessControlException: access denied (javax.management.MBeanServerPermission findMBeanServer)
          at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
          at java.security.AccessController.checkPermission(AccessController.java:546)
          at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          at javax.management.MBeanServerFactory.checkPermission(MBeanServerFactory.java:393)
          at javax.management.MBeanServerFactory.findMBeanServer(MBeanServerFactory.java:343)
          at org.eclipse.persistence.platform.server.JMXServerPlatformBase.getMBeanServer(JMXServerPlatformBase.java:165)
          at org.eclipse.persistence.platform.server.JMXServerPlatformBase.serverSpecificRegisterMBean(JMXServerPlatformBase.java:235)
          at org.eclipse.persistence.platform.server.sunas.SunAS9ServerPlatform.serverSpecificRegisterMBean(SunAS9ServerPlatform.java:180)
          at org.eclipse.persistence.platform.server.ServerPlatformBase.registerMBean(ServerPlatformBase.java:510)
          at org.eclipse.persistence.internal.sessions.DatabaseSessionImpl.postConnectDatasource(DatabaseSessionImpl.java:687)
          at org.eclipse.persistence.internal.sessions.DatabaseSessionImpl.loginAndDetectDatasource(DatabaseSessionImpl.java:620)
          at org.eclipse.persistence.internal.jpa.EntityManagerFactoryProvider.login(EntityManagerFactoryProvider.java:240)
          at org.eclipse.persistence.internal.jpa.EntityManagerSetupImpl.deploy(EntityManagerSetupImpl.java:394)
          at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.getServerSession(EntityManagerFactoryImpl.java:185)
          at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManagerImpl(EntityManagerFactoryImpl.java:242)
          at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:237)
          at com.sun.enterprise.container.common.impl.EntityManagerWrapper._getDelegate(EntityManagerWrapper.java:208)
          at com.sun.enterprise.container.common.impl.EntityManagerWrapper.persist(EntityManagerWrapper.java:269)
          at jpa20.ear.bvcallbackcdi.persistence.impl.UserDaoImpl.persist(UserDaoImpl.java:28)
          at jpa20.ear.bvcallbackcdi.service.UserEJB.addUser(UserEJB.java:21)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at org.glassfish.ejb.security.application.EJBSecurityManager.runMethod(EJBSecurityManager.java:1052)
          at org.glassfish.ejb.security.application.EJBSecurityManager.invoke(EJBSecurityManager.java:1124)
          at com.sun.ejb.containers.BaseContainer.invokeBeanMethod(BaseContainer.java:5367)
          at com.sun.ejb.EjbInvocation.invokeBeanMethod(EjbInvocation.java:619)
          at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801)
          at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:571)
          at org.jboss.weld.ejb.SessionBeanInterceptor.aroundInvoke(SessionBeanInterceptor.java:57)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor$2.run(InterceptorManager.java:857)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:854)
          at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801)
          at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:571)
          at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.doAround(SystemInterceptorProxy.java:162)
          at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.aroundInvoke(SystemInterceptorProxy.java:144)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor$2.run(InterceptorManager.java:857)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:854)
          at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801)
          at com.sun.ejb.containers.interceptors.InterceptorManager.intercept(InterceptorManager.java:371)
          at com.sun.ejb.containers.BaseContainer.__intercept(BaseContainer.java:5339)
          at com.sun.ejb.containers.BaseContainer.intercept(BaseContainer.java:5327)
          at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:214)
          at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:88)
          at $Proxy120.addUser(Unknown Source)
          at jpa20.ear.bvcallbackcdi.service._EJB31_GeneratedUserEJBIntf__Bean_.addUser(Unknown Source)
          at jpa20.ear.bvcallbackcdi.web.TestServlet.processRequest(TestServlet.java:34)
          at jpa20.ear.bvcallbackcdi.web.TestServlet.doGet(TestServlet.java:75)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:322)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
          at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:355)
          at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:212)
          at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1527)
          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
          at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
          at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
          at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
          at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
          at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227)
          at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:170)
          at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:818)
          at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719)
          at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1008)
          at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
          at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
          at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
          at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
          at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
          at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
          at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
          at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
          at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
          at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
          a|#]

          [#|2011-01-05T16:29:19.248-0800|SEVERE|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|t java.lang.Thread.run(Thread.java:619)

          #]

          [#|2011-01-05T16:29:19.498-0800|FINE|glassfish3.1|org.eclipse.persistence.session.file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1.sql|_ThreadID=19;_ThreadName=Thread-1;ClassName=null;MethodName=null;|INSERT INTO CDI_USER (USER_ID, USER_EXT, USER_NAME) VALUES (?, ?, ?)
          bind => [3 parameters bound]|#]

          [#|2011-01-05T16:29:19.619-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|UserDaoImpl: persisted|#]

          Show
          sherryshen added a comment - Thanks for pointing out my problem. I revised $S1AS_HOME/domains/domain1/config/server.policy as suggested by kumara. The tests passed on das as well as on cluster with security manager on. For das and cluster case, tests passed with another error in server.log JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar)- permission((javax.management.MBeanServerPermission findMBeanServer))|#] Do I need to add other permission to server.policy to get rid of this error? [#|2011-01-05T16:29:19.047-0800|CONFIG|glassfish3.1|org.eclipse.persistence.session. file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1.connection |_ThreadID=19;_ThreadName=Thread-1;|Connected: jdbc:derby://localhost:1527/testdb User: dbuser Database: Apache Derby Version: 10.6.2.1 - (999685) Driver: Apache Derby Network Client JDBC Driver Version: 10.6.2.1 - (999685)|#] [#|2011-01-05T16:29:19.234-0800|INFO|glassfish3.1|org.eclipse.persistence.session.file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1|_ThreadID=19;_ThreadName=Thread-1;|file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1 login successful|#] [#|2011-01-05T16:29:19.237-0800|INFO|glassfish3.1|javax.enterprise.system.core.security|_ThreadID=19;_ThreadName=Thread-1;|JACC Policy Provider: Failed Permission Check, context(jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar)- permission((javax.management.MBeanServerPermission findMBeanServer))|#] [#|2011-01-05T16:29:19.246-0800|SEVERE|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|java.security.AccessControlException: access denied (javax.management.MBeanServerPermission findMBeanServer) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at javax.management.MBeanServerFactory.checkPermission(MBeanServerFactory.java:393) at javax.management.MBeanServerFactory.findMBeanServer(MBeanServerFactory.java:343) at org.eclipse.persistence.platform.server.JMXServerPlatformBase.getMBeanServer(JMXServerPlatformBase.java:165) at org.eclipse.persistence.platform.server.JMXServerPlatformBase.serverSpecificRegisterMBean(JMXServerPlatformBase.java:235) at org.eclipse.persistence.platform.server.sunas.SunAS9ServerPlatform.serverSpecificRegisterMBean(SunAS9ServerPlatform.java:180) at org.eclipse.persistence.platform.server.ServerPlatformBase.registerMBean(ServerPlatformBase.java:510) at org.eclipse.persistence.internal.sessions.DatabaseSessionImpl.postConnectDatasource(DatabaseSessionImpl.java:687) at org.eclipse.persistence.internal.sessions.DatabaseSessionImpl.loginAndDetectDatasource(DatabaseSessionImpl.java:620) at org.eclipse.persistence.internal.jpa.EntityManagerFactoryProvider.login(EntityManagerFactoryProvider.java:240) at org.eclipse.persistence.internal.jpa.EntityManagerSetupImpl.deploy(EntityManagerSetupImpl.java:394) at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.getServerSession(EntityManagerFactoryImpl.java:185) at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManagerImpl(EntityManagerFactoryImpl.java:242) at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:237) at com.sun.enterprise.container.common.impl.EntityManagerWrapper._getDelegate(EntityManagerWrapper.java:208) at com.sun.enterprise.container.common.impl.EntityManagerWrapper.persist(EntityManagerWrapper.java:269) at jpa20.ear.bvcallbackcdi.persistence.impl.UserDaoImpl.persist(UserDaoImpl.java:28) at jpa20.ear.bvcallbackcdi.service.UserEJB.addUser(UserEJB.java:21) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.glassfish.ejb.security.application.EJBSecurityManager.runMethod(EJBSecurityManager.java:1052) at org.glassfish.ejb.security.application.EJBSecurityManager.invoke(EJBSecurityManager.java:1124) at com.sun.ejb.containers.BaseContainer.invokeBeanMethod(BaseContainer.java:5367) at com.sun.ejb.EjbInvocation.invokeBeanMethod(EjbInvocation.java:619) at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801) at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:571) at org.jboss.weld.ejb.SessionBeanInterceptor.aroundInvoke(SessionBeanInterceptor.java:57) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor$2.run(InterceptorManager.java:857) at java.security.AccessController.doPrivileged(Native Method) at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:854) at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801) at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:571) at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.doAround(SystemInterceptorProxy.java:162) at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.aroundInvoke(SystemInterceptorProxy.java:144) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor$2.run(InterceptorManager.java:857) at java.security.AccessController.doPrivileged(Native Method) at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:854) at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:801) at com.sun.ejb.containers.interceptors.InterceptorManager.intercept(InterceptorManager.java:371) at com.sun.ejb.containers.BaseContainer.__intercept(BaseContainer.java:5339) at com.sun.ejb.containers.BaseContainer.intercept(BaseContainer.java:5327) at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:214) at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:88) at $Proxy120.addUser(Unknown Source) at jpa20.ear.bvcallbackcdi.service._ EJB31_Generated UserEJB Intf __ Bean _.addUser(Unknown Source) at jpa20.ear.bvcallbackcdi.web.TestServlet.processRequest(TestServlet.java:34) at jpa20.ear.bvcallbackcdi.web.TestServlet.doGet(TestServlet.java:75) at javax.servlet.http.HttpServlet.service(HttpServlet.java:735) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:322) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:355) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:212) at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1527) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:170) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:818) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1008) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59) at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513) a|#] [#|2011-01-05T16:29:19.248-0800|SEVERE|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|t java.lang.Thread.run(Thread.java:619) #] [#|2011-01-05T16:29:19.498-0800|FINE|glassfish3.1|org.eclipse.persistence.session. file:/space/test1/v3/glassfish/domains/domain1/applications/jpa20-bvcallbackcdiApp/jpa20-bvcallbackcdi-ejb_jar/_pu1.sql |_ThreadID=19;_ThreadName=Thread-1;ClassName=null;MethodName=null;|INSERT INTO CDI_USER (USER_ID, USER_EXT, USER_NAME) VALUES (?, ?, ?) bind => [3 parameters bound] |#] [#|2011-01-05T16:29:19.619-0800|INFO|glassfish3.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=86;_ThreadName=Thread-1;|UserDaoImpl: persisted|#]
          Hide
          kumara added a comment -

          The exception above "java.security.AccessControlException: access denied (javax.management.MBeanServerPermission findMBeanServer" is already tracked in issue 15337. IMO, this issue can now be closed. Let us know.

          Show
          kumara added a comment - The exception above "java.security.AccessControlException: access denied (javax.management.MBeanServerPermission findMBeanServer" is already tracked in issue 15337. IMO, this issue can now be closed. Let us know.
          Hide
          sherryshen added a comment -

          Yes, Mitesh confirmed that the remaining error
          is tracked in
          http://java.net/jira/browse/GLASSFISH-15337

          Show
          sherryshen added a comment - Yes, Mitesh confirmed that the remaining error is tracked in http://java.net/jira/browse/GLASSFISH-15337
          Hide
          sherryshen added a comment -
          Show
          sherryshen added a comment - Two related bugs are filed for docs http://java.net/jira/browse/GLASSFISH-15456 http://java.net/jira/browse/GLASSFISH-15459

            People

            • Assignee:
              Sivakumar Thyagarajan
              Reporter:
              sherryshen
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: