I am trying to use the Rythm template engine on Google App Engine/Java devserver (GAE/J). This is a bare-bones install with nothing but Rythm added to the base GAE devserver.
The question Rythm template engine and GAE doesn't quite answer my question (the source code pointed to in the answer gives a 404 error).
Started by adding the following code to my servlet code:
response.getWriter().println(Rythm.render("Successfully logged in as: #who",
user.getNickname()));
and I get:
java.security.AccessControlException: access denied ("java.io.FilePermission" "/var/folders/91/nv5sbz412b188nk22m644mq80000gn/T/__rythm" "read")
I thought this is happening because the Rythm template engine tries to look in /var to see whether to treat first parameter to Rythm.render as a filename or not, and GAE throws the AccessControlException because you're not supposed to access the filesystem outside of the war.
I then added the following lines before the call to Rythm.render (these are essentially copy-and-pasted from Rythm's HelloWorld example):
// use Map to store the configuration
Map<String, Object> map = new HashMap<String, Object>();
// tell rythm where to find the template files
map.put("home.template", ".");
// init Rythm with our predefined configuration
Rythm.init(map);
Still get that same exception. Changing the "." to "/" as value for home.template gives:
access denied ("java.io.FilePermission" "/Successfully logged in as: #who" "read")
When I tried:
map.put("home.template", this.getServletContext().getRealPath("/"));
I still get the same exception. Why is Rythm looking at /var/folders/91/nv5sbz412b188nk22m644mq80000gn/T/__rythm at all? Stack trace is available at: https://drive.google.com/file/d/0B6dOUTDGuy2AWjR3Tmt2WTlkOUE/edit?usp=sharing (is there a better way to share a stack trace?)
Need help!
Here are the versions:
GAE: 1.8.7
Maven: 3.1.1
Rythm: 1.0-b11-SNAPSHOT
OS: OS X 10.9
You need to disable engine.file_write configuration to allow Rythm be working with GAE. Check more about the configuration on http://rythmengine.org/doc/configuration.md#engine_file_write_enabled
Related
When starting for example Elasticsearch 5.5 :
main ERROR Could not register mbeans java.security.AccessControlException: access denied ("javax.management.MBeanTrustPermission" "register")
Workaround with Oracle Java 1.8.0_131 is to open file <jre>/lib/security/java.policy and add this line to grant section (i.e. between curly brackets):
permission javax.management.MBeanTrustPermission "register";
Why workaround? The upright solution would be to specify extra grant section which code exactly should get this permission.
got the same error and the answer is here java.security.AccessControlException when using Ant, but runs ok when invoking java from console
Append the grant section in java.policy file with
permission javax.management.MBeanTrustPermission "register";
I had this same issue when moving from a single instance to two instances locally.
I tried what Alice suggested above. Even re-installed Elasticsearch (5.5.0).
I also updated my Java to the latest one for Linux provided by Oracle.
Nothing was working. Then I discovered, that I couldn't just take the elasticsearch-5.5.0/config directory and rename it to elasticsearch-5.5.0/node1.
So... I had to leave that config directory in place and clone it to node1/node2.
EVEN if I configure path.config in the runtime args, ES still needs that base line config directory.
Hope this helps.
I faced same issue on Ubuntu-16.04 system.
Solution:
ElasticSeearch service is not allowed to run for "ROOT" user. That's why change the ownership of elasticsearch folder with below command:
go to Elasticseach installation directory
$ sudo chown -R user_name:user_Group elasticsearch-5.5.0
$/bin/elasticsearch
this will start elasticsearch service. It is working form me perfectly.
Hey stackoverflow community!
I'm writing a small program. In this program code, written in a Web-Interface, is compiled and run.
Now I want the written code from the web-interface to have just a few permissions, like reading a file in a specific directory, while my own code has all permissions.
I just looked up the SecurityManager and found a way to carry this out by using the codeBase attribute of the Policy-File. My idea was to give my code all permissions so the written code has no permissions.
grant codeBase "file:/PATH/-" {
permission java.security.AllPermission;
};
grant {
};
PATH points to the root directory of my program (with bin/src as subfolder).
It works until i'm invoking javax.tools.JavaCompiler.CompilationTask.call() to compile the given code, although the file has the required permissions:
An exception has occurred in the compiler (1.8.0_05). Please file a bug at the Java Developer Connection (Report a Bug or Request a Feature) after checking the Bug Parade for duplicates. Include your program and the following diagnostic in your report. Thank you.
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "nonBatchMode" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:457)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1294)
at java.lang.System.getProperty(System.java:714)
at com.sun.tools.javac.main.Main.compile(Main.java:445)
at com.sun.tools.javac.api.JavacTaskImpl.doCall(JavacTaskImpl.java:129)
at com.sun.tools.javac.api.JavacTaskImpl.call(JavacTaskImpl.java:138)
.
.
.
I don't want to create a .java- and a .class-file for every typed code. For this reasen I used a ClassLoader with the following URI:
URI.create( "string:///" + className + Kind.CLASS.extension )
Trying to avoid the use of the "signedBy"-attriutes is important because it's difficult to sign .jar-files in Eclipse.
These are my questions:
1) Does anyone have an idea why the compiler throws an AccessControlException, although all needed rights are allowed?
2) Does anyone have an idea how to modify the SecurityManager this way?
3) Is it possible to seperate the included code from my own code at all?
4) Is the SecurityManager the right solution to my problem at all?
Thanks for reading and answering!
Did anyone manage to deploy, or at least run in the Azure Compute Emulator, a Java application with 2 or more roles, using the Windows Azure plugin for Eclipse?
I managed to create a working app with 1 role, but when I'm adding a new role it just doesn't work!
The emulator starts but the "Service Deployments" folder is empty.
Any help - an example for a working project / anyone who experienced that / ... - will be highly appreciated!
Edit: Here is the stack trace that I could capture:
C:\...\Azure05\deploy\ServiceConfiguration.cscfg: Error CloudService103 : The service configuration file does not provide a value for setting '?IsSimulationEnvironment? ' for role 'WorkerRole2' C:\...\Azure05\deploy\ServiceConfiguration.cscfg: Error CloudService103 : The service configuration file does not provide a value for setting '?RoleHostDebugger?' for r ole 'WorkerRole2' C:\...\Azure05\deploy\ServiceConfiguration.cscfg: Error CloudService103 : The service configuration file does not provide a value for setting '?StartupTaskDebugger?' fo r role 'WorkerRole2' Error when creating deployment. Exception details: Microsoft.ServiceHosting.Tools.DevelopmentFabric.DevFabricException: .cscfg and .csdef do not match. at Microsoft.ServiceHosting.Tools.DevelopmentFabric.DevFabric.ProcessModel(String ucxDir, String cscfg, DeploymentOptions deploymentOptions, ServiceDefinitionModel& sdm, Service ConfigurationModel& scm, TranslateOptions& transOpts) at Microsoft.ServiceHosting.Tools.DevelopmentFabric.DevFabric.CreateFullDeployment(String serviceDirectory, String cscfgFile, DeploymentOptions deploymentOptions) at Microsoft.ServiceHosting.Tools.CloudServiceRun.DoActions.Run(DirectoryInfo dir, FileInfo serviceConfiguration, Boolean launchBrowser, Boolean paused, String debugger, Boolean useIISExpress, List`1 portOverrides)
It works!
I've spent hours on that...
The solution:
Open 'ServiceConfiguration.cscfg', under the Azure project root directory in Eclipse.
Make sure that every 'Role' element has 'ConfigurationSettings' and 'Certificates' child elements (even if those are empty!)
For example,
<Role name="WorkerRole2">
<Instances count="1"/>
<ConfigurationSettings>
</ConfigurationSettings>
<Certificates>
</Certificates>
</Role>
For some reason, those elements are not created by default when adding a role via the Windows Azure plugin for Eclipse, and it causes errors when starting the compute emulator.
Trying to learn the Java interface to Xively. The following simple test fails with a 401 status code:
Feed myFeed = XivelyService.instance().feed().get(2126903832);
The exception statement is
com.xively.client.http.exception.HttpException: Http response status
indicates unsuccessful operation[Status code: 401.; Reason:
{"title":"Unauthorized","errors":"You do not have permission to access
this resource"} ]
The following console line leads me to believe that I'm not setting up the API key correctly:
2013-10-21 18:58:17,925 506 DEBUG [DefaultClientConnection.java:
276] (main:) >> X-ApiKey:
The Developer docs says replace <your api key> in config.properties with my API key. I did that, but it doesn't seem to make any difference.
I installed the library with Maven to my default Maven repo and point to it in Referenced Libraries. I am trying to build the whole thing in Eclipse.
My specific question is where is the config.properties the ApiConfig is reading?
I had this problem too. The problem was that I had double quotes in the config.properties file. The line should read:
api.key=yWYxyi3HpdqFCBtKHueTvOGoGROSAKxGRFAyQWk5d3JNdz0g
We are facing an issue during the deployment of an application into the CCIX Dev environment(App id is cet).
We are using Spring framework 3.1.0 as the MVC framework in our application. When we deploy the application, Spring starts initializing its own container. One of the steps during this process is to read all the environment variables. Spring achieves this by invoking a method System.getenv() which will return all the environment variables and the corresponding values in the system. During this step, a security exception is thrown as given below
[8/30/13 1:20:13:965 EDT] 00000014 SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to InfoCenter for further information.
Permission:
getenv.* : Access denied (java.lang.RuntimePermission getenv.*)
Code:
org.springframework.core.env.AbstractEnvironment in {file:/opt/httpd/root/apps/cet/ibm/ccix-dev-ear/caseesc.war/WEB-INF/lib/spring-core-3.2.1.RELEASE.jar}
Stack Trace:
java.security.AccessControlException: Access denied (java.lang.RuntimePermission getenv.*)
We tried to debug this by adding the line below line in was.policy file.
permission java.lang.RuntimePermission "getenv.*";
This is failing as the system does not allow the permission declaration with a wild character(*).
Also tried adding the below lines in application context file,but still no luck.
Please assist.
Try adding into WebSphere's JRE java.policy file e.g. /opt/IBM/WebSphere/AppServer/java/jre/lib/security/java.policy