search

jmpcn / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
0 stars 0 forks source link

Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup) #124

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Tried to Implement the Openid4Java Consumer on GWT's Default Greeting Server 
App. When I hit sedne to server button i got a below exception and PRC failed.
2. Code is failing at List<DiscoveryInformation> discoveries = manager
                    .discover("https://www.google.com/accounts/o8/id");
3.

Some how I didnt succeed with Openid4java in past 8 hrs. I have no clue, what 
is wrong.

What is the expected output? What do you see instead?
should send authRequest to OP. and set redirect URL to bean(for client 
redirection)

Code:
public String greetServer(String input) throws IllegalArgumentException {   
        RedirectObject redirectObject = authRequest(this.getThreadLocalRequest(), this.getThreadLocalResponse());   

        if(redirectObject!=null)
            return "RedirectURL :"+redirectObject.getReDirectURL();

        return "RedirectURL is NULL";

    }

    public RedirectObject authRequest(HttpServletRequest httpReq,
            HttpServletResponse httpResp){
        try {
            ConsumerManager manager = new ConsumerManager();

            String returnToUrl = "http://127.0.0.1:8888/Session.html?gwt.codesvr=127.0.0.1:9997";

            List<DiscoveryInformation> discoveries = manager
                    .discover("https://www.google.com/accounts/o8/id");

            DiscoveryInformation discovered = manager.associate(discoveries);

            httpReq.getSession().setAttribute("openid-disc", discovered);

            AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

            FetchRequest fetch = FetchRequest.createFetchRequest();
            fetch.addAttribute("email",
                    "http://schema.openid.net/contact/email", true);

            authReq.addExtension(fetch);

            RedirectObject redirectObject = new RedirectObject();

            if (!discovered.isVersion2()) {
                redirectObject.setReDirectURL(authReq.getDestinationUrl(true));
                return redirectObject;
            } else {
                redirectObject.setReDirectURL(authReq.getDestinationUrl(true));
                redirectObject.setParams(authReq.getParameterMap());
                return redirectObject;
            }
        } catch (OpenIDException e) {
            e.printStackTrace();
        }

        return null;

    }

Eclipse Console Message:

WARNING: RP discovery / realm validation disabled; 
Aug 2, 2010 4:06:49 PM com.google.appengine.tools.development.ApiProxyLocalImpl 
log
SEVERE: [1280779609096000] javax.servlet.ServletContext log: Exception while 
dispatching incoming RPC call
com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public 
abstract java.lang.String 
com.session.test.client.GreetingService.greetServer(java.lang.String) throws 
java.lang.IllegalArgumentException' threw an unexpected exception: 
java.security.AccessControlException: access denied 
(java.lang.RuntimePermission modifyThreadGroup)
    at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure(RPC.java:378)
    at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:581)
    at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:188)
    at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:224)
    at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
    at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
    at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
    at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: java.security.AccessControlException: access denied 
(java.lang.RuntimePermission modifyThreadGroup)
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166)
    at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191)
    at java.lang.ThreadGroup.checkAccess(Unknown Source)
    at java.lang.Thread.init(Unknown Source)
    at java.lang.Thread.<init>(Unknown Source)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469)
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
    at org.openid4java.util.HttpCache.head(HttpCache.java:296)
    at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360)
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229)
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221)
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179)
    at org.openid4java.discovery.Discovery.discover(Discovery.java:134)
    at org.openid4java.discovery.Discovery.discover(Discovery.java:114)
    at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527)
    at com.session.test.server.GreetingServiceImpl.authRequest(GreetingServiceImpl.java:51)
    at com.session.test.server.GreetingServiceImpl.greetServer(GreetingServiceImpl.java:30)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at com.google.appengine.tools.development.agent.runtime.Runtime.invoke(Runtime.java:100)
    at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:562)
    ... 30 more

What version of the product are you using? On what operating system?
Eclipse: 3.4 Galileo
App Engine 1.3.4
GWT 2.0.3
OpenId4Java: penid4java-full-0.9.5.593

Please provide any additional information below.

Original issue reported on code.google.com by mohamed....@gmail.com on 2 Aug 2010 at 8:18

GoogleCodeExporter commented 8 years ago 
this is the same defect like issue 111.
have a look there, and u will get closer to the solution
regards,
Ohad

Original comment by ohad.red...@gmail.com on 4 Aug 2010 at 9:25

GoogleCodeExporter commented 8 years ago

Original comment by Johnny.B...@gmail.com on 31 Oct 2012 at 11:45