配置WebLogic和Java安全管理器

时间:2015-10-02 06:03:01

标签: permissions weblogic content-security-policy accesscontrolexception java-security-manager

我正在尝试配置Java Security Manager以保护WebLogic资源,但是当我启动WL时,我收到错误:

<Server subsystem failed. Reason: java.lang.ExceptionInInitializerError  
java.lang.ExceptionInInitializerError  
  at com.rsa.cryptoj.c.pi.<clinit>(Unknown Source)  
  at com.rsa.jsafe.CryptoJ.isFIPS140Compliant(Unknown Source)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getNonFIPS140Ctx(JSafeEncryptionServiceImpl.java:497)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getSymmetricCipher(JSafeEncryptionServiceImpl.java:487)  
  at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:89)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.createCiphers(JSafeEncryptionServiceImpl.java:398)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.create3DESKeyContext(JSafeEncryptionServiceImpl.java:362)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:334)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:48)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:293)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:340)  
  at weblogic.security.internal.BootProperties.initialize(BootProperties.java:530)  
  at weblogic.security.internal.BootProperties.<init>(BootProperties.java:448)  
  at weblogic.security.internal.BootProperties.load(BootProperties.java:220)  
  at weblogic.security.internal.ServerAuthenticate.main(ServerAuthenticate.java:86)  
  at weblogic.management.provider.PropertyService.initializeSecurityProperties(PropertyService.java:254)  
  at weblogic.management.provider.internal.RuntimeAccessService.start(RuntimeAccessService.java:48)  
  at weblogic.t3.srvr.ServerServicesManager.startService(ServerServicesManager.java:461)  
  at weblogic.t3.srvr.ServerServicesManager.startInStandbyState(ServerServicesManager.java:166)  
  at weblogic.t3.srvr.T3Srvr.initializeStandby(T3Srvr.java:881)  
  at weblogic.t3.srvr.T3Srvr.startup(T3Srvr.java:568)  
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:469)  
  at weblogic.Server.main(Server.java:71) 

AccessControlException:拒绝访问

Caused By: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode")  
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)  
  at java.security.AccessController.checkPermission(AccessController.java:559)  
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)  
  at java.security.Security.getProperty(Security.java:761)  
  at com.rsa.cryptoj.c.ip.l(Unknown Source)  
  at com.rsa.cryptoj.c.ip.<clinit>(Unknown Source)  
  at com.rsa.cryptoj.c.pi.<clinit>(Unknown Source)  
  at com.rsa.jsafe.CryptoJ.isFIPS140Compliant(Unknown Source)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getNonFIPS140Ctx(JSafeEncryptionServiceImpl.java:497)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getSymmetricCipher(JSafeEncryptionServiceImpl.java:487)  
  at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:89)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.createCiphers(JSafeEncryptionServiceImpl.java:398)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.create3DESKeyContext(JSafeEncryptionServiceImpl.java:362)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:334)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:48)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:293)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:340)  
  at weblogic.security.internal.BootProperties.initialize(BootProperties.java:530)  
  at weblogic.security.internal.BootProperties.<init>(BootProperties.java:448)  
  at weblogic.security.internal.BootProperties.load(BootProperties.java:220)  
  at weblogic.security.internal.ServerAuthenticate.main(ServerAuthenticate.java:86)  
  at weblogic.management.provider.PropertyService.initializeSecurityProperties(PropertyService.java:254)  
  at weblogic.management.provider.internal.RuntimeAccessService.start(RuntimeAccessService.java:48)  
  at weblogic.t3.srvr.ServerServicesManager.startService(ServerServicesManager.java:461)  
  at weblogic.t3.srvr.ServerServicesManager.startInStandbyState(ServerServicesManager.java:166)  
  at weblogic.t3.srvr.T3Srvr.initializeStandby(T3Srvr.java:881)  
  at weblogic.t3.srvr.T3Srvr.startup(T3Srvr.java:568)  
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:469)  
  at weblogic.Server.main(Server.java:71)  

我的weblogic.policy包括:

grant {  
  permission java.util.PropertyPermission "*", "read,write";   
  permission java.lang.RuntimePermission "*";   
  permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";   
  permission javax.management.MBeanPermission "*", "*";  

  permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode", "";  
};  

+所有,我通过使用Printing Security Manager获得。我做错了什么?

0 个答案:

没有答案