-Djava.security.manager=problems for service providers

Peter jini at zeus.net.au
Wed Mar 28 01:50:08 UTC 2018


Thanks Daniel,

Ah yes, I see what's happening and why this only occurs when using 
-Djava.security.manager=

sun.misc.Launcher calls the security manager constructor from within its 
constructor, which creates a recursive call back to the static method 
Launcher.getLauncher(), which returns the uninitialized static launcher 
field.

CombinerSecurityManager checks during construction that the policy has 
been instantiated and it also instantiates a Logger.  It could safely 
lose the logger, but the policy must be fully instantiated before the 
security manager is in force, otherwise it creates recursive calls in 
the security manager implementation.

The simplest fix would be to move the instantiation of SecurityManager 
to  a static initializer in Launcher that occurs after the construction 
of Launcher and setting of the static launcher field.

This didn't become a problem until recently upgrading to the latest Java 
8 JDK, so not sure of the history here.

Regards Peter.

More comments inline below:

> Hi,
>
> On 27/03/2018 14:06, Alan Bateman wrote:
> >/  Moving this to security-dev.
> />/
> />/    From the stack trace, it looks like you are using JDK 8 or older. There
> />/  are several changes in JDK 9 and newer in the PolicyFile code to how it
> />/  loads its resources that may help with the issues you are seeing.
> />/
> />/  -Alan
> /
> [snip]
>
> >/       [java]     at java.util.logging.Logger.log(Logger.java:788)
> />/       [java]     at org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
> /
> In what logging is concerned, it's probably not a good idea to
> use java.util.logging in a Policy/SecurityManager implementation
> supplied on the command line as java.util.logging uses
> doPrivileged and checks for permissions.

Work arounds for that problem:

    * Delegate logging to an executor.
    * Use a thread local variable to detect trusted recursive calls.
    * Only log messages during startup, when the policy or security
      manager isn't active.


> For the record the line that throws in the first stack trace
> seems to be this one at LogManager.java:965
>
>       Class<?>  clz = ClassLoader.getSystemClassLoader().loadClass(word);
>
> The exception is caught and printed on System.err at line 981
> allowing the caller to proceed - so it's not what is
> causing the ExceptionInInitializerError, but it shows that
> ClassLoader.getSystemClassLoader() is probably returning null
> at this point, and it looks like it is the same issue you're
> seeing at ResourceBundle.java:502 later on, which prevents the
> CombinerSecurityManager to initialize.
>
>
> Hopes this helps,
>
> -- daniel
>
>
> >/
> />/  On 27/03/2018 13:56, Peter Firmstone wrote:
> />>/  Not sure if this is the right place to mention this.
> />>/
> />>/  Anyone notice that specifying a custom security manager at jvm start
> />>/  up causes issues with service providers loading?   If using the sun
> />>/  PolicyFile implementation, the policy doesn't load due to the provider
> />>/  failure, I have a custom policy implementation that will allow the jvm
> />>/  to run in this state, and other providers are also not loading, such
> />>/  as the logger and JCE.
> />>/
> />>/  Note that it doesn't occur if the security manager is set
> />>/  programmatically in the main method at start up, only if it's set via
> />>/  command line option.
> />>/
> />>/  Examples of providers not loading:
> />>/
> />>/        [java] java.lang.NullPointerException
> />>/        [java] Can't load log handler "java.util.logging.ConsoleHandler"
> />>/        [java] java.lang.NullPointerException
> />>/        [java] java.lang.NullPointerException
> />>/        [java]     at
> />>/  java.util.logging.LogManager$5.run(LogManager.java:965)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  java.util.logging.LogManager.loadLoggerHandlers(LogManager.java:958)
> />>/        [java]     at
> />>/  java.util.logging.LogManager.initializeGlobalHandlers(LogManager.java:1578)
> />>/
> />>/        [java]     at
> />>/  java.util.logging.LogManager.access$1500(LogManager.java:145)
> />>/        [java]     at
> />>/  java.util.logging.LogManager$RootLogger.accessCheckedHandlers(LogManager.java:1667)
> />>/
> />>/        [java]     at java.util.logging.Logger.getHandlers(Logger.java:1777)
> />>/        [java]     at java.util.logging.Logger.log(Logger.java:735)
> />>/        [java]     at java.util.logging.Logger.doLog(Logger.java:765)
> />>/        [java]     at java.util.logging.Logger.log(Logger.java:788)
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:496)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile$2.run(ConcurrentPolicyFile.java:469)
> />>/
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile.readPoliciesNoCheckGuard(ConcurrentPolicyFile.java:468)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile.readPolicyPermissionGrants(ConcurrentPolicyFile.java:243)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:253)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.ConcurrentPolicyFile.<init>(ConcurrentPolicyFile.java:226)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:154)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:133)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:162)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> />>/
> />>/        [java]     at
> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
> />>/
> />>/
> />>/        [java] Error occurred during initialization of VM
> />>/        [java] java.lang.ExceptionInInitializerError
> />>/        [java]     at
> />>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
> />>/        [java]     at
> />>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
> />>/        [java]     at java.security.Policy.getPolicyNoCheck(Policy.java:196)
> />>/        [java]     at java.security.Policy.getPolicy(Policy.java:154)
> />>/        [java]     at net.jini.security.Security$7.run(Security.java:1054)
> />>/        [java]     at net.jini.security.Security$7.run(Security.java:1052)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  net.jini.security.Security.getPolicy(Security.java:1052)
> />>/        [java]     at
> />>/  net.jini.security.Security.getContext(Security.java:506)
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> />>/
> />>/        [java]     at
> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
> />>/        [java] Caused by: java.lang.NullPointerException
> />>/        [java]     at
> />>/  java.util.ResourceBundle$RBClassLoader.<clinit>(ResourceBundle.java:502)
> />>/        [java]     at
> />>/  java.util.ResourceBundle.getLoader(ResourceBundle.java:482)
> />>/        [java]     at
> />>/  java.util.ResourceBundle.getBundle(ResourceBundle.java:783)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:47)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr$1.run(ResourcesMgr.java:44)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  sun.security.util.ResourcesMgr.getString(ResourcesMgr.java:43)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.addGrantEntry(PolicyFile.java:888)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:626)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.access$400(PolicyFile.java:258)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:521)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile$3.run(PolicyFile.java:495)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:495)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.initPolicyFile(PolicyFile.java:480)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.init(PolicyFile.java:439)
> />>/        [java]     at
> />>/  sun.security.provider.PolicyFile.<init>(PolicyFile.java:297)
> />>/        [java]     at java.security.Policy.getPolicyNoCheck(Policy.java:196)
> />>/        [java]     at java.security.Policy.getPolicy(Policy.java:154)
> />>/        [java]     at net.jini.security.Security$7.run(Security.java:1054)
> />>/        [java]     at net.jini.security.Security$7.run(Security.java:1052)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  net.jini.security.Security.getPolicy(Security.java:1052)
> />>/        [java]     at
> />>/  net.jini.security.Security.getContext(Security.java:506)
> />>/        [java] Unexpected exception:
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:140)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.api.security.CombinerSecurityManager.<init>(CombinerSecurityManager.java:132)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:137)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.tool.SecurityPolicyWriter.<init>(SecurityPolicyWriter.java:160)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> />>/        [java]     at
> />>/  sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> />>/
> />>/        [java]     at
> />>/  sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> />>/
> />>/        [java]     at
> />>/  java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> />>/        [java]     at java.lang.Class.newInstance(Class.java:442)
> />>/        [java]     at sun.misc.Launcher.<init>(Launcher.java:93)
> />>/        [java]     at sun.misc.Launcher.<clinit>(Launcher.java:54)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1451)
> />>/        [java]     at
> />>/  java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1436)
> />>/
> />>/
> />>/
> />>/        [java] java.lang.ExceptionInInitializerError
> />>/        [java]     at
> />>/  javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65)
> />>/        [java]     at
> />>/  javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2586)
> />>/        [java]     at
> />>/  javax.crypto.Cipher.getMaxAllowedKeyLength(Cipher.java:2610)
> />>/        [java]     at
> />>/  sun.security.ssl.CipherSuite$BulkCipher.isUnlimited(CipherSuite.java:535)
> />>/        [java]     at
> />>/  sun.security.ssl.CipherSuite$BulkCipher.<init>(CipherSuite.java:507)
> />>/        [java]     at
> />>/  sun.security.ssl.CipherSuite.<clinit>(CipherSuite.java:614)
> />>/        [java]     at
> />>/  sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(SSLContextImpl.java:294)
> />>/
> />>/        [java]     at
> />>/  sun.security.ssl.SSLContextImpl.access$100(SSLContextImpl.java:42)
> />>/        [java]     at
> />>/  sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(SSLContextImpl.java:425)
> />>/
> />>/        [java]     at java.lang.Class.forName0(Native Method)
> />>/        [java]     at java.lang.Class.forName(Class.java:264)
> />>/        [java]     at
> />>/  java.security.Provider$Service.getImplClass(Provider.java:1634)
> />>/        [java]     at
> />>/  java.security.Provider$Service.newInstance(Provider.java:1592)
> />>/        [java]     at
> />>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
> />>/        [java]     at
> />>/  sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
> />>/        [java]     at
> />>/  javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.Utilities.getServerSSLContextInfo(Utilities.java:712)
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.Utilities.getSupportedCipherSuites(Utilities.java:284)
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.SslEndpointImpl.getConnectionContexts(SslEndpointImpl.java:750)
> />>/
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.SslEndpointImpl.getCallContext(SslEndpointImpl.java:326)
> />>/
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.SslEndpointImpl.newRequest(SslEndpointImpl.java:185)
> />>/        [java]     at
> />>/  net.jini.jeri.ssl.SslEndpoint.newRequest(SslEndpoint.java:550)
> />>/        [java]     at
> />>/  net.jini.jeri.BasicObjectEndpoint.newCall(BasicObjectEndpoint.java:421)
> />>/        [java]     at
> />>/  net.jini.jeri.BasicInvocationHandler.invokeRemoteMethod(BasicInvocationHandler.java:688)
> />>/
> />>/        [java]     at
> />>/  net.jini.jeri.BasicInvocationHandler.invoke(BasicInvocationHandler.java:571)
> />>/
> />>/        [java]     at com.sun.proxy.$Proxy2.registerGroup(Unknown Source)
> />>/        [java]     at
> />>/  org.apache.river.start.SharedActivationGroupDescriptor.create(SharedActivationGroupDescriptor.java:370)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.SharedGroupAdmin.start(SharedGroupAdmin.java:204)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.ActivatableServiceStarterAdmin.getServiceSharedLogDir(ActivatableServiceStarterAdmin.java:388)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.ActivatableServiceStarterAdmin.start(ActivatableServiceStarterAdmin.java:224)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:639)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.AdminManager.startService(AdminManager.java:660)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.AdminManager.startLookupService(AdminManager.java:679)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.test.spec.lookupservice.QATestRegistrar.construct(QATestRegistrar.java:458)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.test.spec.lookupservice.test_set00.EvntLeaseExpiration.construct(EvntLeaseExpiration.java:88)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.MasterTest.doTest(MasterTest.java:228)
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.MasterTest.access$000(MasterTest.java:48)
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.MasterTest$1.run(MasterTest.java:174)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at
> />>/  javax.security.auth.Subject.doAsPrivileged(Subject.java:483)
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.MasterTest.doTestWithLogin(MasterTest.java:171)
> />>/
> />>/        [java]     at
> />>/  org.apache.river.qa.harness.MasterTest.main(MasterTest.java:150)
> />>/        [java] Caused by: java.lang.SecurityException: Can not initialize
> />>/  cryptographic mechanism
> />>/        [java]     at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:93)
> />>/        [java]     ... 44 more
> />>/        [java] Caused by: java.lang.SecurityException: Cannot locate
> />>/  policy or framework files!
> />>/        [java]     at
> />>/  javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:316)
> />>/        [java]     at
> />>/  javax.crypto.JceSecurity.access$000(JceSecurity.java:50)
> />>/        [java]     at javax.crypto.JceSecurity$1.run(JceSecurity.java:85)
> />>/        [java]     at java.security.AccessController.doPrivileged(Native
> />>/  Method)
> />>/        [java]     at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:82)
> />/
> /


More information about the security-dev mailing list