List Info

Thread: Unable to use JSPWiki 2.4 in OC4J
Unable to use JSPWiki 2.4 in OC4J
user name
 2006-10-26 22:31:32 
Hi Andrew,

I've also put that "os.name" "read"
permission in jspwiki.policy file. So it
should be applied.

Tks,
Eduardo.


2006/10/26, Andrew Jaquith <andrew.jaquithmac.com>:
>
> Hi Eduardo --
>
> Only one policy file can be active at a time. If you
aren't using
> OC4J with a security manager, then java2.policy
probably won't be
> active (I don't use OC4J, but normally policies aren't
loaded unless
> there's a security manager). Your log files suggests
that
> java2.policy isn't loaded. Thus, the
"os.name","read" line in that
> file was not being applied -- that's why we need to put
it into
> jspwiki.policy.
>
> Did the suggestion help you? It wasn't clear from your
least message.
>
> If it did,
>
> --Andrew
>
> On Oct 26, 2006, at 12:36 PM, Eduardo Ribeiro Rodrigues
wrote:
>
> > Ok Andrew,
> >
> > I removed the signedBy "jspwiki":
> >
> > grant {
> >  permission java.util.PropertyPermission      
"os.name", "read";
> > };
> >
> > This block was added to my jspwiki.policy file. I
also checked my
> > default
> > java2.policy in OC4J's config directory and it
also contains that
> > very same
> > grant. Very strange.
> >
> > The fact is that the results were the same.
> >
> > As for that JSPWiki/JSPWiki path, it's ok. That's
the correct app's
> > deployment path.
> >
> > Tks again.
> >
> > 2006/10/26, Andrew Jaquith <andrew.jaquithmac.com>:
> >>
> >> Eduardo--
> >>
> >> I think you mis-read my recommendation. Try
omiting the 'signedBy',
> >> please... we need to grant this to ALL
applications, not just
> >> JSPWiki.
> >>
> >> As for the file not found, I think there's
something strange about
> >> the file path; there are two JSPWiki/JSPWiki
references in the path.
> >> I don't know why that is.
> >>
> >> Andrew
> >>
> >> On Oct 26, 2006, at 12:00 PM, Eduardo Ribeiro
Rodrigues wrote:
> >>
> >> > Ok,
> >> >
> >> > I changed <wiki:Messages
div="information" topic="<%
> >> > =SecurityVerifier.INFO+"
> >> >
java.security.auth.login.config"%>"
prefix="Good news: "/> with
> >> > <wiki:Messages
div="information"
topic="<%=SecurityVerifier.INFO%>
> >> > java.security.auth.login.config"
prefix="Good news: "/>
> >> >
> >> > I changed that in lines 91,92,93,190,191
and 192 of admin/
> >> > SecurityConfig.jsp
> >> > and now I get the following:
> >> >
> >> > 404 Not Found
> >> >
> >> > JSP Error:
> >> > ------------------------------
> >> >
> >> > Request URI:/wiki/admin/Login.jsp
> >> >
> >> >
Exception:OracleJSP:java.io.FileNotFoundException:
> >> >
D:JDevj2eehomeapplicationsJSPWikiJSPWikiadminLogin.j
sp (The
> >> > system
> >> > cannot find the file specified)
> >> >
> >> > That's probably because of my main error
which is I don't have any
> >> > access
> >> > rights at all, even for
SecurityConfig.jsp
> >> >
> >> > I've also added the following to my
jspwiki.policy file:
> >> >
> >> > grant signedBy "jspwiki" {
> >> >  permission java.util.PropertyPermission 
     "os.name", "read";
> >> > };
> >> >
> >> > But JSPWIKI.LOG file shows the same
problem:
> >> >
> >> > 2006-10-26 12:50:46,185 [JSPWiki Session
Monitor] INFO
> >> >
com.ecyrd.jspwiki.util.WikiBackgroundThread  - Starting up
> >> background
> >> > thread: JSPWiki Session Monitor.
> >> > 2006-10-26 12:50:46,225
[HTTPThreadGroup-4] INFO
> >> > com.ecyrd.jspwiki.WikiContext JSPWiki:
> >> > h
ttp://localhost:8888/wiki/admin/SecurityConfig.jsp -
User
> >> > 127.0.0.1 has no
> >> > access - redirecting
(permission=(java.util.PropertyPermission
> >> > os.nameread))
> >> >
> >> > Tks,
> >> > Eduardo.
> >> >
> >> > 2006/10/26, Andrew Jaquith
<andrew.jaquithmac.com>:
> >> >>
> >> >> Hi Eduardo,
> >> >>
> >> >> Looks like there are two issues at
work here, and they are both
> >> >> related to quirks in OC4J. And they
are both things we can fix
> >> >> easily, I think.
> >> >>
> >> >> 1. Your JSP compiler for OC4J is
having difficulty parsing nested
> >> >> quotes in this line:
> >> >>
> >> >> <wiki:Messages
div="information"
> >> >>
topic="<%=SecurityVerifier.INFO
> >>
+"java.security.auth.login.config"%>"
> >> >> prefix="Good news: "/>
> >> >>
> >> >> Try replacing the inner quotes with
single quotes ('), or
> >> perhaps the
> >> >> outer quotes.
> >> >>
> >> >> 2. Your container is installing the
security policy as it
> >> should, but
> >> >> is choking on this permission:
> >> >>
> >> >> java.util.PropertyPermission
os.nameread
> >> >>
> >> >> Try adding a generic grant statement
to the policy that permits
> >> this
> >> >> permission for all codebases:
> >> >>
> >> >> grant signedBy {
> >> >>    permission
java.util.PropertyPermission       "os.name",
> >> "read";
> >> >> }
> >> >>
> >> >> On Tomcat, this permission is granted
to the container and all
> >> of its
> >> >> components, including the JSP
compiler. But it looks like
> >> that's not
> >> >> the case with OC4J, so we need to
tweak it a little.
> >> >>
> >> >> Let me know if this works. Both of
these are probably bugs, so
> >> once
> >> >> you get it working, let us know
exactly what to change and
> >> we'll add
> >> >> it to the CVS builds.
> >> >>
> >> >> -- Andrew
> >> >>
> >> >> On Oct 26, 2006, at 8:52 AM, Eduardo
Ribeiro Rodrigues wrote:
> >> >>
> >> >> > jspwiki
> >> >>
> >> >>
_______________________________________________
> >> >> Jspwiki-users mailing list
> >> >> Jspwiki-usersecyrd.com
> >> >> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> >> >>
> >> >>
> >> >
> >> >
> >> > --
> >> > Eduardo Ribeiro Rodrigues
> >> > e-mail: errpobox.com
> >> > MSN: fale_com_o_eduhotmail.com
> >> > Yahoo!: edu_rr
> >> >
> >> > "Quem crê sabe esperar"
> >> >
_______________________________________________
> >> > Jspwiki-users mailing list
> >> > Jspwiki-usersecyrd.com
> >> > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> >>
> >>
_______________________________________________
> >> Jspwiki-users mailing list
> >> Jspwiki-usersecyrd.com
> >> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> >>
> >>
> >
> >
> > --
> > Eduardo Ribeiro Rodrigues
> > e-mail: errpobox.com
> > MSN: fale_com_o_eduhotmail.com
> > Yahoo!: edu_rr
> >
> > "Quem crê sabe esperar"
> > _______________________________________________
> > Jspwiki-users mailing list
> > Jspwiki-usersecyrd.com
> > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>
> _______________________________________________
> Jspwiki-users mailing list
> Jspwiki-usersecyrd.com
> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>
>


-- 
Eduardo Ribeiro Rodrigues
e-mail: errpobox.com
MSN: fale_com_o_eduhotmail.com
Yahoo!: edu_rr

"Quem crê sabe esperar"
_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )