[GeoNetwork-users] java.security.AccessControlException

Jan · July 16, 2010, 9:05am

hi all,
I am new to both setting up a tomcat server and geonetwork. I
successfully set up tomcat but when I try to access geonetwork I get
the following error message. Operating system is ubuntu linux 9.10.
tomcat 6. geonetwork 2.4.3.

Below is the error message. Any ideas as to what could be wrong?

-----

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented
it from fulfilling this request.

exception

javax.servlet.ServletException: Exception raised
         jeeves.server.JeevesEngine.init(Unknown Source)
         jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
         javax.servlet.GenericServlet.init(GenericServlet.java:212)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
         java.lang.reflect.Method.invoke(Method.java:616)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:537)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)
         org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
         org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
         org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
         org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
         org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
         java.lang.Thread.run(Thread.java:636)

root cause

java.security.AccessControlException: access denied
(java.io.FilePermission
/var/www/geonetwork/web/geonetwork/../../data/tmp read)
         java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
         java.security.AccessController.checkPermission(AccessController.java:553)
         java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
         java.lang.SecurityManager.checkRead(SecurityManager.java:888)
         java.io.File.exists(File.java:748)
         java.io.File.mkdirs(File.java:1195)
         jeeves.server.JeevesEngine.initGeneral(Unknown Source)
         jeeves.server.JeevesEngine.loadConfigFile(Unknown Source)
         jeeves.server.JeevesEngine.init(Unknown Source)
         jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
         javax.servlet.GenericServlet.init(GenericServlet.java:212)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
         java.lang.reflect.Method.invoke(Method.java:616)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:537)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)
         org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
         org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
         org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
         org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
         org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
         java.lang.Thread.run(Thread.java:636)

Jose_Garcia · July 16, 2010, 10:01am

Hi Jan

The problem is that tomcat security manager is enabled by default in ubuntu
and is quite restrictive.

If is secure for you disabling it, check this
http://hiden.org/sysadmin/tomcat-5-5-and-ubuntu/, otherwise you'll need to
configure the permissions for the path
(/var/www/geonetwork/web/geonetwork/../../data/tmp) in the security manage
(check tomcat documentation).

Regards,
Jose Garcia

On Fri, Jul 16, 2010 at 11:05 AM, Jan <fire@anonymised.com> wrote:

hi all,
I am new to both setting up a tomcat server and geonetwork. I
successfully set up tomcat but when I try to access geonetwork I get
the following error message. Operating system is ubuntu linux 9.10.
tomcat 6. geonetwork 2.4.3.

Below is the error message. Any ideas as to what could be wrong?

-----

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented
it from fulfilling this request.

exception

javax.servlet.ServletException: Exception raised
        jeeves.server.JeevesEngine.init(Unknown Source)
        jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
        javax.servlet.GenericServlet.init(GenericServlet.java:212)
        sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        java.lang.reflect.Method.invoke(Method.java:616)

org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
        java.security.AccessController.doPrivileged(Native Method)
        javax.security.auth.Subject.doAsPrivileged(Subject.java:537)

org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)

org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)

org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)

org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)

org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
        java.lang.Thread.run(Thread.java:636)

root cause

java.security.AccessControlException: access denied
(java.io.FilePermission
/var/www/geonetwork/web/geonetwork/../../data/tmp read)

java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)

java.security.AccessController.checkPermission(AccessController.java:553)
        java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        java.lang.SecurityManager.checkRead(SecurityManager.java:888)
        java.io.File.exists(File.java:748)
        java.io.File.mkdirs(File.java:1195)
        jeeves.server.JeevesEngine.initGeneral(Unknown Source)
        jeeves.server.JeevesEngine.loadConfigFile(Unknown Source)
        jeeves.server.JeevesEngine.init(Unknown Source)
        jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
        javax.servlet.GenericServlet.init(GenericServlet.java:212)
        sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        java.lang.reflect.Method.invoke(Method.java:616)

org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
        java.security.AccessController.doPrivileged(Native Method)
        javax.security.auth.Subject.doAsPrivileged(Subject.java:537)

org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)

org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)

org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)

org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)

org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
        java.lang.Thread.run(Thread.java:636)

------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
GeoNetwork-users mailing list
GeoNetwork-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-users
GeoNetwork OpenSource is maintained at
http://sourceforge.net/projects/geonetwork

Jan · July 17, 2010, 10:01am

Thank you very much Jose. You were absolutely right. Now that the setup is completed I can start experimenting with the application itself.

Jan

jose garcia schrieb:

Hi Jan

The problem is that tomcat security manager is enabled by default in ubuntu and is quite restrictive.

If is secure for you disabling it, check this http://hiden.org/sysadmin/tomcat-5-5-and-ubuntu/, otherwise you'll need to configure the permissions for the path (/var/www/geonetwork/web/geonetwork/../../data/tmp) in the security manage (check tomcat documentation).

Regards,
Jose Garcia

On Fri, Jul 16, 2010 at 11:05 AM, Jan <fire@anonymised.com <mailto:fire@anonymised.com>> wrote:

    hi all,
    I am new to both setting up a tomcat server and geonetwork. I
    successfully set up tomcat but when I try to access geonetwork I get
    the following error message. Operating system is ubuntu linux 9.10.
    tomcat 6. geonetwork 2.4.3.

    Below is the error message. Any ideas as to what could be wrong?

    -----

    HTTP Status 500 -

    type Exception report

    message

    description The server encountered an internal error () that prevented
    it from fulfilling this request.

    exception

    javax.servlet.ServletException: Exception raised
            jeeves.server.JeevesEngine.init(Unknown Source)
            jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
            javax.servlet.GenericServlet.init(GenericServlet.java:212)
            sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            java.lang.reflect.Method.invoke(Method.java:616)
               org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
            java.security.AccessController.doPrivileged(Native Method)
            javax.security.auth.Subject.doAsPrivileged(Subject.java:537)

    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)

    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)

    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)

    org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)

    org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)

    org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
            java.lang.Thread.run(Thread.java:636)

    root cause

    java.security.AccessControlException: access denied
    (java.io.FilePermission
    /var/www/geonetwork/web/geonetwork/../../data/tmp read)

    java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)

    java.security.AccessController.checkPermission(AccessController.java:553)
               java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
            java.lang.SecurityManager.checkRead(SecurityManager.java:888)
            java.io.File.exists(File.java:748)
            java.io.File.mkdirs(File.java:1195)
            jeeves.server.JeevesEngine.initGeneral(Unknown Source)
            jeeves.server.JeevesEngine.loadConfigFile(Unknown Source)
            jeeves.server.JeevesEngine.init(Unknown Source)
            jeeves.server.sources.http.JeevesServlet.init(Unknown Source)
            javax.servlet.GenericServlet.init(GenericServlet.java:212)
            sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            java.lang.reflect.Method.invoke(Method.java:616)
               org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
            java.security.AccessController.doPrivileged(Native Method)
            javax.security.auth.Subject.doAsPrivileged(Subject.java:537)

    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)

    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115)

    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)

    org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)

    org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)

    org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
            java.lang.Thread.run(Thread.java:636)

    ------------------------------------------------------------------------------
    This SF.net email is sponsored by Sprint
    What will you do first with EVO, the first 4G phone?
    Visit sprint.com/first <http://sprint.com/first> --
    http://p.sf.net/sfu/sprint-com-first
    _______________________________________________
    GeoNetwork-users mailing list
    GeoNetwork-users@lists.sourceforge.net
    <mailto:GeoNetwork-users@lists.sourceforge.net>
    https://lists.sourceforge.net/lists/listinfo/geonetwork-users
    GeoNetwork OpenSource is maintained at
    http://sourceforge.net/projects/geonetwork