tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rco...@e1b.org
Subject Re: EAR deployment
Date Fri, 29 Jun 2018 14:44:06 GMT
Not terribly familiar with Git, but I assume you asking me to submit a 
pull request that points to a fix?  The short answer is "no".  I would 
love to see this fixed, but right now I don't have the time to grok git 
(we use svn), set up a build environment for Tomee, pickup maven (we use 
ant+ivy), and figure out the actual bug.    If I have to, I will --- but 
only God knows how long it will be before I can make the time to do these 
things.

But this raises a question: am I really the last person still deploying 
EARs?!   Really???

Thanks for your prompt help -- you guys are amazing!
Ross





From:   "Romain Manni-Bucau" <rmannibucau@gmail.com>
To:     users@tomee.apache.org, 
Date:   06/28/2018 04:03 PM
Subject:        Re: EAR deployment



I see

Then it is just a bug and we miss a wrapping to be SM compliant in that
part of the code.

Do you want to submit a PR to fix it?

Le jeu. 28 juin 2018 19:37, <rcohen@e1b.org> a écrit :

> Couldn't find it in the summary.   Of course, its there as a VM 
argument,
> but I expect that.   After digging around a bit more I found it in the
> MXBeans:  java.lang -> Runtime -> Attributes.
>
> Every thing there is set as it is in the file: ie
> java.security.policy=C:\IBM\liferay\tomee\conf\catalina.policy
> java.security.manager=<no value>
>
> -- both of which I would expect.
>
> Note that I have not tried chang <Deployments dir="apps" /> in 
tomee.xml.
> Maybe that needs chaning -- though what I have seem really close to
> working.
>
> Just occurred to me that I never included my full VM args:
>
> -Dcatalina.base="C:\IBM\liferay\tomee"
> -Dcatalina.home="C:\IBM\liferay\tomee"
> -Dwtp.deploy="C:\IBM\liferay\tomee\webapps"
> -Djava.endorsed.dirs="C:\IBM\liferay\tomee\endorsed"
> -Dfile.encoding=UTF8 -Djava.net.preferIPv4Stack=true
> 
-Dorg.apache.catalina.loader.WebappClassLoader.ENABLE_CLEAR_REFERENCES=false
>
>
> -Duser.timezone=EST
> -Djava.security.manager
> -Djava.security.policy="C:\IBM\liferay\tomee\conf\catalina.policy"
> 
-Djava.security.auth.login.config="C:\IBM\liferay\tomee\conf\jaas.config"
> -Dwnyric.deployment.properties.directory.path="C:\IBM\liferay"
> -Xmx2048m
>
>
> Thanks,
> Ross
>
>
>
>
>
> From:   "Romain Manni-Bucau" <rmannibucau@gmail.com>
> To:     users@tomee.apache.org,
> Date:   06/28/2018 11:20 AM
> Subject:        Re: EAR deployment
>
>
>
> I think you can check it in the JVM info in system properties (VM 
Summary)
>
> Romain Manni-Bucau
> @rmannibucau <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly90d2l0dGVyLmNvbS9ybWFubmlidWNhdQ%3D%3D&_s=ZXJpZTE%3D&_c=7b6344b3

> > |  Blog
> <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly9ybWFubmlidWNhdS5tZXRhd2VyeC5uZXQv&_s=ZXJpZTE%3D&_c=03b3f7d2

> > | Old Blog
> <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cDovL3JtYW5uaWJ1Y2F1LndvcmRwcmVzcy5jb20%3D&_s=ZXJpZTE%3D&_c=7ac52c4b

> > | Github <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly9naXRodWIuY29tL3JtYW5uaWJ1Y2F1&_s=ZXJpZTE%3D&_c=d53ffcf9

> > |
> LinkedIn <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2luL3JtYW5uaWJ1Y2F1&_s=ZXJpZTE%3D&_c=aff046f7

> > | Book
> <
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly93d3cucGFja3RwdWIuY29tL2FwcGxpY2F0aW9uLWRldmVsb3BtZW50L2phdmEtZWUtOC1oaWdoLXBlcmZvcm1hbmNl&_s=ZXJpZTE%3D&_c=5ede79c4

> >
>
>
> Le jeu. 28 juin 2018 à 17:19, <rcohen@e1b.org> a écrit :
>
> > So:
> >
> > 1.   With the security manager disabled, the ear deploys fine, ejb's
> > instantitiate, initialize, etc -- no errors at all!
> >
> > 2.  I connected to the running jvm with jmx, and poked around for a
> while,
> > but could not find where it specified the policy file Tomcat was 
using.
> > Can I get a hint as to where this info is?
> >
> > Thanks,
> > Ross
> >
> >
> >
> > From:   "Romain Manni-Bucau" <rmannibucau@gmail.com>
> > To:     users@tomee.apache.org,
> > Date:   06/27/2018 04:54 PM
> > Subject:        Re: EAR deployment
> >
> >
> >
> > Hi
> >
> > can you confirm it works without the security manager enabled?
> >
> > Also can you check connecting on the JVM through JMX that the right
> policy
> > file is used and tomcat didn't override the one you thought using?
> >
> > Romain Manni-Bucau
> > @rmannibucau <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly90d2l0dGVyLmNvbS9ybWFubmlidWNhdQ%3D%3D&_s=ZXJpZTE%3D&_c=7b6344b3

>
> > > |  Blog
> > <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly9ybWFubmlidWNhdS5tZXRhd2VyeC5uZXQv&_s=ZXJpZTE%3D&_c=03b3f7d2

>
> > > | Old Blog
> > <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cDovL3JtYW5uaWJ1Y2F1LndvcmRwcmVzcy5jb20%3D&_s=ZXJpZTE%3D&_c=7ac52c4b

>
> > > | Github <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly9naXRodWIuY29tL3JtYW5uaWJ1Y2F1&_s=ZXJpZTE%3D&_c=d53ffcf9

>
> > > |
> > LinkedIn <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2luL3JtYW5uaWJ1Y2F1&_s=ZXJpZTE%3D&_c=aff046f7

>
> > > | Book
> > <
> >
> >
>
> 
https://milton-web.wnyric.org/canit/urlproxy.php?_q=aHR0cHM6Ly93d3cucGFja3RwdWIuY29tL2FwcGxpY2F0aW9uLWRldmVsb3BtZW50L2phdmEtZWUtOC1oaWdoLXBlcmZvcm1hbmNl&_s=ZXJpZTE%3D&_c=5ede79c4

>
> > >
> >
> >
> > Le mer. 27 juin 2018 à 19:12, <rcohen@e1b.org> a écrit :
> >
> > > I'm running 7.0.4.  I have been deploying to webapps (<Deployments
> > > dir="apps" />   remains commented).
> > >
> > > Ross
> > >
> > >
> > >
> > > From:   "Jonathan Gallimore" <jonathan.gallimore@gmail.com>
> > > To:     users@tomee.apache.org,
> > > Date:   06/27/2018 12:22 PM
> > > Subject:        Re: EAR deployment
> > >
> > >
> > >
> > > Hi
> > >
> > > What version of TomEE are you running?
> > >
> > > Are you deploying your EAR from webapps, or from apps with
> <Deployments
> > > dir="apps" /> added in tomee.xml?
> > >
> > > Regards
> > >
> > > Jon
> > >
> > > On Wed, Jun 27, 2018 at 5:15 PM, <rcohen@e1b.org> wrote:
> > >
> > > > I seem unable to deploy EARs.    I have set the catalina.policy 
to:
> > > > grant {
> > > >         permission java.security.AllPermission;
> > > > };
> > > >
> > > > I have set the work directory to "work"  (and at deploy see the
> > exploded
> > > > EAR there).
> > > >
> > > > Also I have set deployOnStartup to false, autoDeploy to true, and
> > > > unpackWARs to true.
> > > >
> > > > On deploy, at first matters look promising.   It unpacks,
> initializes
> > my
> > > > EJBs, then I get single AccessContorlException 
(RuntimePermistion),
> > > > followed by an infinitely repeating (every 5 seconds or so) access
> > > control
> > > > exception (FilePermission).
> > > >
> > > >
> > > > INFO: Created Ejb(deployment-id=CloseEventsBean,
> > > > ejb-name=CloseEventsBean,
> > > > container=Default Singleton Container)
> > > > Jun 26, 2018 11:41:40 AM
> > org.apache.openejb.assembler.classic.Assembler
> > > > startEjbs
> > > > INFO: Created Ejb(deployment-id=ManagerReminderBean,
> > > > ejb-name=ManagerReminderBean, container=Default Singleton 
Container)
> > > > Jun 26, 2018 11:41:40 AM sun.reflect.NativeMethodAccessorImpl 
invoke
> > > > SEVERE: Exception invoking periodic operation:
> > > > java.security.AccessControlException: access denied
> > > > ("java.lang.RuntimePermission" "setContextClassLoader")
> > > >         at
> > > > java.security.AccessControlContext.checkPermission(
> > > > AccessControlContext.java:472)
> > > >         at
> > > >
> > >
> >
> 
java.security.AccessController.checkPermission(AccessController.java:884)
> > > >         at
> > > > 
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> > > >         at 
java.lang.Thread.setContextClassLoader(Thread.java:1474)
> > > >         at
> > > > 
org.apache.openejb.log.LoggerCreator$Get.exec(LoggerCreator.java:94)
> > > >         at
> > > >
> org.apache.openejb.log.LoggerCreator$Get.exec(LoggerCreator.java:105)
> > > >         at
> > > >
> > >
> >
> 
org.apache.openejb.util.JuliLogStream.isWarnEnabled(JuliLogStream.java:61)
> > > >         at
> > > > org.apache.openejb.util.Logger.isWarningEnabled(Logger.java:425)
> > > >         at org.apache.openejb.util.Logger.warning(Logger.java:646)
> > > >         at
> > > > org.apache.tomee.catalina.TomcatWebAppBuilder.checkHost(
> > > > TomcatWebAppBuilder.java:2233)
> > > >         at
> > > > org.apache.tomee.catalina.GlobalListenerSupport.lifecycleEvent(
> > > > GlobalListenerSupport.java:141)
> > > >         at
> > > > org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(
> > > > LifecycleBase.java:94)
> > > >         at
> > > > org.apache.catalina.core.ContainerBase.backgroundProcess(
> > > > ContainerBase.java:1164)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > processChildren(ContainerBase.java:1388)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > processChildren(ContainerBase.java:1392)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > run(ContainerBase.java:1360)
> > > >         at java.lang.Thread.run(Thread.java:748)
> > > >
> > > >
> > > >
> > > > Below is the repeating exception.
> > > >
> > > > Jun 26, 2018 11:41:50 AM sun.reflect.NativeMethodAccessorImpl 
invoke
> > > > SEVERE: Exception invoking periodic operation:
> > > > java.security.AccessControlException: access denied
> > > > ("java.io.FilePermission" "C:\IBM\liferay\tomee\webapps\ROOT.war"
> > > "read")
> > > >         at
> > > > java.security.AccessControlContext.checkPermission(
> > > > AccessControlContext.java:472)
> > > >         at
> > > >
> > >
> >
> 
java.security.AccessController.checkPermission(AccessController.java:884)
> > > >         at
> > > > 
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> > > >         at
> > java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> > > >         at java.io.File.exists(File.java:814)
> > > >         at
> > > > org.apache.catalina.startup.HostConfig.checkResources(
> > > > HostConfig.java:1296)
> > > >         at
> > > > org.apache.catalina.startup.HostConfig.check(HostConfig.java:1623)
> > > >         at
> > > >
> > >
> >
> 
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:314)
> > > >         at
> > > > org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(
> > > > LifecycleBase.java:94)
> > > >         at
> > > > org.apache.catalina.core.ContainerBase.backgroundProcess(
> > > > ContainerBase.java:1164)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > processChildren(ContainerBase.java:1388)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > processChildren(ContainerBase.java:1392)
> > > >         at
> > > > 
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.
> > > > run(ContainerBase.java:1360)
> > > >         at java.lang.Thread.run(Thread.java:748)
> > > >
> > > >
> > > >
> > > > What am I missing?   I can see that the exception implies 
additional
> > > > permissions, but why doesn't my blanket grant of all permission in
> the
> > > > catalina policy file cover this?
> > > >
> > > > Ross
> > > >
> > > >
> > > > Confidentiality Notice:
> > > > This electronic message and any attachments may contain 
confidential
> > or
> > > > privileged information, and is intended only for the individual or
> > > entity
> > > > identified above as the addressee. If you are not the addressee 
(or
> > the
> > > > employee or agent responsible to deliver it to the addressee), or 
if
> > > this
> > > > message has been addressed to you in error, you are hereby 
notified
> > that
> > > > you may not copy, forward, disclose or use any part of this 
message
> or
> > > any
> > > > attachments. Please notify the sender immediately by return e-mail
> or
> > > > telephone and delete this message from your system.
> > > >
> > >
> > >
> > > --
> > > BEGIN-ANTISPAM-VOTING-LINKS
> > > ------------------------------------------------------
> > >
> > > Teach CanIt if this mail (ID 01W3QmO1O) is spam:
> > > Spam:
> > >
> > >
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=s&i=01W3QmO1O&m=2bb7a21db8c9&t=20180627

>
> >
> > >
> > > Not spam:
> > >
> > >
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=n&i=01W3QmO1O&m=2bb7a21db8c9&t=20180627

>
> >
> > >
> > > Forget vote:
> > >
> > >
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=f&i=01W3QmO1O&m=2bb7a21db8c9&t=20180627

>
> >
> > >
> > > ------------------------------------------------------
> > > END-ANTISPAM-VOTING-LINKS
> > >
> > >
> > >
> > >
> > >
> > > Confidentiality Notice:
> > > This electronic message and any attachments may contain confidential
> or
> > > privileged information, and is intended only for the individual or
> > entity
> > > identified above as the addressee. If you are not the addressee (or
> the
> > > employee or agent responsible to deliver it to the addressee), or if
> > this
> > > message has been addressed to you in error, you are hereby notified
> that
> > > you may not copy, forward, disclose or use any part of this message 
or
> > any
> > > attachments. Please notify the sender immediately by return e-mail 
or
> > > telephone and delete this message from your system.
> > >
> >
> >
> > --
> > BEGIN-ANTISPAM-VOTING-LINKS
> > ------------------------------------------------------
> >
> > Teach CanIt if this mail (ID 05W3USVJt) is spam:
> > Spam:
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=s&i=05W3USVJt&m=03c723824a9b&t=20180627

>
> >
> > Not spam:
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=n&i=05W3USVJt&m=03c723824a9b&t=20180627

>
> >
> > Forget vote:
> >
> >
>
> 
https://milton-web.wnyric.org/canit/b.php?c=f&i=05W3USVJt&m=03c723824a9b&t=20180627

>
> >
> > ------------------------------------------------------
> > END-ANTISPAM-VOTING-LINKS
> >
> >
> >
> >
> >
> > Confidentiality Notice:
> > This electronic message and any attachments may contain confidential 
or
> > privileged information, and is intended only for the individual or
> entity
> > identified above as the addressee. If you are not the addressee (or 
the
> > employee or agent responsible to deliver it to the addressee), or if
> this
> > message has been addressed to you in error, you are hereby notified 
that
> > you may not copy, forward, disclose or use any part of this message or
> any
> > attachments. Please notify the sender immediately by return e-mail or
> > telephone and delete this message from your system.
> >
>
>
> --
> BEGIN-ANTISPAM-VOTING-LINKS
> ------------------------------------------------------
>
> Teach CanIt if this mail (ID 02W4fkxqC) is spam:
> Spam:
>
> 
https://milton-web.wnyric.org/canit/b.php?c=s&i=02W4fkxqC&m=d2fb064f979c&t=20180628

>
> Not spam:
>
> 
https://milton-web.wnyric.org/canit/b.php?c=n&i=02W4fkxqC&m=d2fb064f979c&t=20180628

>
> Forget vote:
>
> 
https://milton-web.wnyric.org/canit/b.php?c=f&i=02W4fkxqC&m=d2fb064f979c&t=20180628

>
> ------------------------------------------------------
> END-ANTISPAM-VOTING-LINKS
>
>
>
>
>
> Confidentiality Notice:
> This electronic message and any attachments may contain confidential or
> privileged information, and is intended only for the individual or 
entity
> identified above as the addressee. If you are not the addressee (or the
> employee or agent responsible to deliver it to the addressee), or if 
this
> message has been addressed to you in error, you are hereby notified that
> you may not copy, forward, disclose or use any part of this message or 
any
> attachments. Please notify the sender immediately by return e-mail or
> telephone and delete this message from your system.
>


-- 
BEGIN-ANTISPAM-VOTING-LINKS
------------------------------------------------------

Teach CanIt if this mail (ID 05W4k3PHx) is spam:
Spam:        
https://milton-web.wnyric.org/canit/b.php?c=s&i=05W4k3PHx&m=4665151ab5c3&t=20180628

Not spam:    
https://milton-web.wnyric.org/canit/b.php?c=n&i=05W4k3PHx&m=4665151ab5c3&t=20180628

Forget vote: 
https://milton-web.wnyric.org/canit/b.php?c=f&i=05W4k3PHx&m=4665151ab5c3&t=20180628

------------------------------------------------------
END-ANTISPAM-VOTING-LINKS





Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message