V3:SecurityManager Issue when V3 is Embedded in NB

[glassfishrobot]

When trying to run V3 in embedded mode in Netbeans we are getting an NPE situation below. Looking at the code we can see thatwe are trying to forcefully reset the security manager to V3 SM if one is already set.

this does not seem the right thing to do in embedded mode where we should be capable of delegating to the outer security manager instance.

INFO [glassfish-hk2]: command: http://localhost:8080/__asadmin/version INFO [glassfish-hk2]: command result: SUCCESS, GlassFish 10.0- SNAPSHOT (build b001) INFO [org.netbeans.modules.j2ee.deployment.impl.ServerInstance]: DebuggerInfo cannot be found for: GlassFish V3 Preview INFO [glassfish-hk2]: command: http://localhost:8080/__asadmin/version INFO [glassfish-hk2]: command result: SUCCESS, GlassFish 10.0- SNAPSHOT (build b001) SEVERE [javax.enterprise.system.core.security]: SEC5101: Fail to instantiate the SecurityLifecycle. java.lang.SecurityException at org .netbeans .TopSecurityManager.checkSetSecurityManager(TopSecurityManager.java: 410) at org .netbeans.TopSecurityManager.checkPermission(TopSecurityManager.java: 374) at java.lang.System.setSecurityManager0(System.java:253) at java.lang.System.setSecurityManager(System.java:245) [catch] at com .sun .enterprise.security.SecurityLifecycle.(SecurityLifecycle.java: 105) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun .reflect .NativeConstructorAccessorImpl .newInstance(NativeConstructorAccessorImpl.java:39) at sun .reflect .DelegatingConstructorAccessorImpl .newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at java.lang.Class.newInstance0(Class.java:350) at java.lang.Class.newInstance(Class.java:303) at com.sun.hk2.component.ConstructorWomb.create(ConstructorWomb.java:34) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:38) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com .sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java: 51) at com .sun .enterprise .v3.server.ContainerStarter.startContainer(ContainerStarter.java:103) at com .sun .enterprise .v3 .server .ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:662) at com .sun .enterprise .v3 .server .ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java: 386) at com .sun .enterprise .v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:260) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .processApplication(ApplicationLoaderService.java:246) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .postConstruct(ApplicationLoaderService.java:126) at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java: 114) at com .sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:50) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:39) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com.sun.enterprise.v3.server.AppServerStartup $1.run(AppServerStartup.java:108) at java.lang.Thread.run(Thread.java:613) SEVERE [javax.enterprise.system.tools.deployment]: Exception while deploying the app java.lang.SecurityException at org .netbeans .TopSecurityManager.checkSetSecurityManager(TopSecurityManager.java: 410) at org .netbeans.TopSecurityManager.checkPermission(TopSecurityManager.java: 374) at java.lang.System.setSecurityManager0(System.java:253) at java.lang.System.setSecurityManager(System.java:245) at com .sun .enterprise.security.SecurityLifecycle.(SecurityLifecycle.java: 105) Caused: java.lang.RuntimeException at com .sun .enterprise.security.SecurityLifecycle.(SecurityLifecycle.java: 117) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun .reflect .NativeConstructorAccessorImpl .newInstance(NativeConstructorAccessorImpl.java:39) at sun .reflect .DelegatingConstructorAccessorImpl .newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at java.lang.Class.newInstance0(Class.java:350) at java.lang.Class.newInstance(Class.java:303) at com.sun.hk2.component.ConstructorWomb.create(ConstructorWomb.java:34) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:38) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com .sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java: 51) at com .sun .enterprise .v3.server.ContainerStarter.startContainer(ContainerStarter.java:103) at com .sun .enterprise .v3 .server .ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:662) at com .sun .enterprise .v3 .server .ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java: 386) [catch] at com .sun .enterprise .v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:260) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .processApplication(ApplicationLoaderService.java:246) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .postConstruct(ApplicationLoaderService.java:126) at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java: 114) at com .sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:50) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:39) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com.sun.enterprise.v3.server.AppServerStartup $1.run(AppServerStartup.java:108) at java.lang.Thread.run(Thread.java:613) INFO [javax.enterprise.system.container.web]: Using default-web.xml / Users/ludo/glassfish-10.0-SNAPSHOT/glassfish/config/../domains/ domain1/config/default-web.xml INFO [javax.enterprise.system.tools.deployment]: Cannot release container web java.util.MissingResourceException: Can't find bundle for base name org.apache.coyote.tomcat5.LocalStrings, locale en_US at java .util .ResourceBundle.throwMissingResourceException(ResourceBundle.java:836) at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:805) at java.util.ResourceBundle.getBundle(ResourceBundle.java:699) at com.sun.grizzly.util.res.StringManager.(StringManager.java:86) at com.sun.grizzly.util.res.StringManager.(StringManager.java:78) at com.sun.grizzly.util.res.StringManager.getManager(StringManager.java: 257) at org.apache.coyote.tomcat5.MapperListener.(MapperListener.java: 107) at org .apache.coyote.tomcat5.CoyoteConnector.(CoyoteConnector.java: 407) at com .sun .enterprise .web .connector.coyote.PECoyoteConnector.(PECoyoteConnector.java:255) at com.sun.enterprise.web.WebConnector.(WebConnector.java:46) at com .sun .enterprise .web.EmbeddedWebContainer.createConnector(EmbeddedWebContainer.java: 389) at org.apache.catalina.startup.Embedded.createConnector(Embedded.java: 455) at com .sun .enterprise.web.WebContainer.createHttpListener(WebContainer.java:559) at com.sun.enterprise.web.WebContainer.postConstruct(WebContainer.java: 413) at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java: 114) at com .sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:50) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:39) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com .sun .enterprise.v3.data.ContainerInfo.getContainer(ContainerInfo.java:76) at com .sun .enterprise .v3 .server.ApplicationLifecycle.stopContainer(ApplicationLifecycle.java: 721) [catch] at com .sun .enterprise .v3 .server .ApplicationLifecycle.stopContainers(ApplicationLifecycle.java:708) at com.sun.enterprise.v3.server.ApplicationLifecycle $1.actOn(ApplicationLifecycle.java:255) at com .sun .enterprise .v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:285) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .processApplication(ApplicationLoaderService.java:246) at com .sun .enterprise .v3 .services .impl .ApplicationLoaderService .postConstruct(ApplicationLoaderService.java:126) at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java: 114) at com .sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:50) at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:39) at com .sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java: 22) at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:71) at com .sun .hk2 .component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:24) at com.sun.enterprise.v3.server.AppServerStartup $1.run(AppServerStartup.java:108) at java.lang.Thread.run(Thread.java:613)

Environment

Operating System: All Platform: All

Affected Versions

[V3]

[glassfishrobot]

• Issue Imported From: https://github.com/javaee/glassfish/issues/4591
• Original Issue Raised By:@glassfishrobot
• Original Issue Assigned To: @vbkumarjayanti
• Original Issue Closed By:@glassfishrobot

[glassfishrobot]

@glassfishrobot Commented @vbkumarjayanti said: svn diff: $ svn diff src/main/java/com/sun/enterprise/security/SecurityLifecycle.java Index: src/main/java/com/sun/enterprise/security/SecurityLifecycle.java

— src/main/java/com/sun/enterprise/security/SecurityLifecycle.java (revisio n 19603) +++ src/main/java/com/sun/enterprise/security/SecurityLifecycle.java (working copy) @@ -111,7 +111,11 @@ if (secMgr != null && !(J2EESecurityManager.class.equals(secMgr.getClass()))) { J2EESecurityManager mgr = new J2EESecurityManager();

• System.setSecurityManager(mgr);

  • try { + System.setSecurityManager(mgr); + }

  catch (SecurityException ex)

  { + _logger.log(Level.WARNING, "security.secmgr.could.not.overr ide"); + }

  }

if (_logger.isLoggable(Level.INFO)) {

[glassfishrobot]

@glassfishrobot Commented This issue was imported from java.net JIRA GLASSFISH-4591

[glassfishrobot]

@glassfishrobot Commented Reported by @vbkumarjayanti

[glassfishrobot]

@glassfishrobot Commented Marked as fixed on Monday, April 7th 2008, 1:46:48 am