How to prevent bouncycastle from being loaded in Wildfly? - java-8

When using Wildfly 8, the Bouncycastle provider seems to be loaded automatically even when no applications are loaded - found this by setting the -Djava.security.provider option in standalone.bat (found the line Set BC provider property in the server.log file). Removing BC module itself prevents Wildfly from starting (error from Weld as I remember). I don't have BC as listed provider in java.security.policy also.
Wildfly 9 does not seem to auto load BC, but if I hit any URL of my REST application that uses Resteasy, the BC provider properties get set (the Set BC provider property line). I am unable to figure out what adds the BC provider as this happens even with a simple endpoint that returns a text. Resteasy does use BC but could that be the reason? I have excluded almost all references to code in app that loads BC provider. How to exclude BouncyCastle(BC) from being loaded in Wildfly?
Thanks,
Paddy

Resteasy module seems to be the culprit behind adding BouncyCastle as provider (it needs BouncyCastle for SMIME encryption). With Wildfly 9, this subsystem does not seem to get automatically loaded (only if your application uses Resteasy) and can be excluded using the following in jboss-deployment-structure.xml
    <exclude-subsystems>
        <subsystem name="jaxrs"/>
    </exclude-subsystems>
But in Wildfly 8, the BC provider gets added even when no app is deployed (the provider debugging can be done using the -Djava.security.provider option in JAVA_OPTS). So if you are OK with the option of changing standalone.xml, then remove the webservices subsystem and this problem gets resolved.
Thanks,
Paddy

Related

LinkageError on WebSphere 9 for javax.transaction.* classes

I have a web application that used to run fine on many web servers (tomcat, jboss, weblogic and websphere). Now, however, it has an error when deploying on WebSphere 9.
The app contains the jar javax.transaction-api-1.2. Some of its classes, e.g., javax.transaction.xa.XAResource, are also included in Java SE, but not all of them. Some are specific to Java EE and are required by some 3rd-party libraries in my app. The app is always deploying with child-first (parent-last) classloader.
WebSphere 9 throws this error during startup when the app tries to load the Oracle JDBC driver:
java.lang.LinkageError: loading constraint violation: loader "com/ibm/ws/classloader/CompoundClassLoader#7157be44" previously initiated loading for a different type with name
"javax/transaction/xa/XAResource" defined by loader "com/ibm/oti/vm/BootstrapClassLoader#422c7b1b"
Note that we aren't actually using XA transactions in the app, we are using regular transactions.
On other servers, and previous versions of WebSphere, it was never a problem. The server didn't care that we load XAResource from inside the war, even if it was previously loaded somewhere in the server. Now WebSphere 9 is different, it says that the app classloader already loaded this class from the server, but I don't know why or when this happened.
Any idea how to solve this?
Remove the transaction API from your application. JTA 1.2 is already included in the server and provides no value in your applications. It's always risky to bring Java EE/SE APIs in a parent-last class loader unless you are 100% certain that they are technically necessary, because they can lead to issues like this one.
I can't say how this worked in previous server versions (there have been some Java-level changes in enforcing linkage issues like this), but the solution is reasonably straightforward.
At the end we did two things to solve this problem.
1) We upgraded the jta jar to version 1.3 (link here). This jar solves the problem by avoiding duplicate classes - it contains only J2EE classes and omits the J2SE classes that are already included in the JVM.
2) We upgraded WebSphere server from 9.0.0.7 to 9.0.0.11.
At the time, I suspected just upgrading the jar should suffice, but our QA had some issues with it and they also upgraded the server. Due to lack of time, we didn't investigate it further and just decided to do both.
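A way to find such duplicates before deployment, following the advice above about Java EE/SE APIs in a parent-last class loader. This is an added example, not code from the posts; the class name DuplicateApiClassScan is hypothetical. It lists every class in the given jars that the JVM running the scan can already load by itself.

```java
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

// Added example: reports classes packaged in application jars that the JVM also provides.
public class DuplicateApiClassScan {

    // Loader above the application class path; it delegates to the bootstrap loader.
    private static final ClassLoader JVM_LOADER = ClassLoader.getSystemClassLoader().getParent();

    static boolean providedByJvm(String className) {
        try {
            Class.forName(className, false, JVM_LOADER); // false: no static initializers run
            return true;
        } catch (ClassNotFoundException | LinkageError e) {
            return false;
        }
    }

    static List<String> duplicatesIn(File jar) throws IOException {
        List<String> hits = new ArrayList<>();
        try (JarFile jf = new JarFile(jar)) {
            for (Enumeration<JarEntry> e = jf.entries(); e.hasMoreElements();) {
                String name = e.nextElement().getName();
                // Skip resources, multi-release copies, module descriptors and inner classes.
                if (!name.endsWith(".class") || name.startsWith("META-INF/")
                        || name.equals("module-info.class") || name.contains("$")) continue;
                String cls = name.substring(0, name.length() - ".class".length()).replace('/', '.');
                if (providedByJvm(cls)) hits.add(cls);
            }
        }
        return hits;
    }

    public static void main(String[] args) throws IOException {
        // Jar paths come from the command line; with no arguments the scan's own class path is used.
        String[] paths = args.length > 0 ? args
                : System.getProperty("java.class.path").split(File.pathSeparator);
        for (String p : paths) {
            File f = new File(p);
            if (!f.isFile() || !p.endsWith(".jar")) continue;
            for (String cls : duplicatesIn(f)) {
                System.out.println(f.getName() + " duplicates JVM class " + cls);
            }
        }
    }
}
```

Run it with the same JDK the server uses, passing the jars from the unpacked WEB-INF/lib, since the set of classes the JVM provides differs between vendors and versions.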

Apache Tomee session Management with gemFire Integration

I am trying to do session management using tomcat modules in gemFire. Reference link we used is [https://gemfire.docs.pivotal.io/95/geode/tools_modules/http_session_mgmt/tomcat_installing_the_module.html].
Application server that we are using is tomee 7.0.5. After making the changes mentioned in the link, when I tried to bring the server up, we were getting an error "getContainer() method not found in class DeltaSessionManager". There is a module geode-modules-9.5.1.jar provided by gemFire (gfsh Client) which helps for session management. Inside that there is a class DeltaSessionManager which extends another class org.apache.catalina.session.ManagerBase. But the ManagerBase class in catalina.jar inside tomee 7.0.5 doesn't have this method. But when we downloaded tomcat catalina jar separately we were able to see this method. Is there any difference in the approach for tomee?
Any help would be appreciated.
Looking at the tomee source code, I suspect tomee 7.0.5 is actually embedding Tomcat 8. In that case, you need to use Tomcat8DeltaSessionManager, which supports Tomcat 8 and above.

NoSuchAlgorithmException: DH KeyPairGenerator not available on camel-ftp

I'm using Apache Camel in a project and when I needed to use the camel-ftp component to send some files to a remote server, I've got this exception:
com.jcraft.jsch.JSchException: Session.connect: java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
I was wondering why it could be happening in my project. So, I've started a quick small project with camel-core and camel-ftp components only and I pasted the route there and it worked fine.
    from("file:data/input?noop=true")
        .log("Uploading file ${file:name}")
        .to("sftp://www.mydestination.com:22/../opt/tmp?autoCreate=false&username=MyUser&password=MyPassword&passiveMode=true")
        .log("Uploaded file ${file:name} complete.");
I'm using Apache Karaf to run OSGI Bundles (my application is one of them). I've checked in different environments but the result is still the exception.
I really don't know what it could be. Does anyone have any ideas about what the possible cause could be?
DH KeyPair Generator is normally part of the JRE/JSE and should be included in your JDK (BTW, which exact JDK version are you using?).
Given that, your error is probably due to a wrong classpath.
I suggest you check the value of "-Djava.ext.dirs" property (and the contents of the corresponding folders), for instance:
Windows:
java -Djava.ext.dirs="C:\Program Files\Java\jdk1.6.0_07\jre\lib\ext;C:\dir2"
Unix:
java -Djava.ext.dirs=$JAVA_HOME/jre/lib/ext:/dir2
You also need to specify/modify the Karaf security provider, take a look at:
https://karaf.apache.org/manual/latest/security
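A diagnostic for the provider question in this thread, and for the WildFly question at the top of the page about what registers BouncyCastle. This is an added example, not code from the posts; the class name ProviderReport is hypothetical. It lists the JCA providers registered in the running JVM, the jar each was loaded from, whether "BC" is among them, and which providers offer a given KeyPairGenerator algorithm.

```java
import java.security.CodeSource;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;

// Added example: JCA provider report for the JVM this code runs in.
public class ProviderReport {

    // Jar or directory a provider class was loaded from; no CodeSource means the JVM runtime.
    static String origin(Provider p) {
        CodeSource cs = p.getClass().getProtectionDomain().getCodeSource();
        return (cs == null || cs.getLocation() == null) ? "JVM runtime" : cs.getLocation().toString();
    }

    // Registered providers that advertise KeyPairGenerator.<algorithm>, in preference order.
    static List<String> advertisedBy(String algorithm) {
        List<String> names = new ArrayList<>();
        for (Provider p : Security.getProviders()) {
            if (p.getService("KeyPairGenerator", algorithm) != null) names.add(p.getName());
        }
        return names;
    }

    // Call this from inside the deployed application or bundle and log the result.
    static String report(String algorithm) {
        StringBuilder sb = new StringBuilder();
        int pos = 1;
        for (Provider p : Security.getProviders()) {
            sb.append(String.format("%2d %-14s %s\n", pos++, p.getName(), origin(p)));
        }
        sb.append("BC registered: ").append(Security.getProvider("BC") != null).append('\n');
        // An empty list here means no registered provider offers the algorithm.
        sb.append(algorithm).append(" advertised by: ").append(advertisedBy(algorithm)).append('\n');
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance(algorithm);
            sb.append("getInstance OK, served by ").append(kpg.getProvider().getName());
        } catch (NoSuchAlgorithmException e) {
            sb.append("getInstance FAILED: ").append(e.getMessage());
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        System.out.println(report(args.length > 0 ? args[0] : "DH"));
    }
}
```

Running main() from a plain command line describes only that JVM; to see what the container has registered, call report("DH") from code running inside the server, and compare the two outputs.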

Grails ehcache and externalizing configuration

I am looking at externalizing certain configuration parameters for ehcache in our Grails application and I am running into something not working that the documentation claims ought to.
Likely there is something I am missing.
I am using the grails ehcache plugin version 1.0.1 with Grails 2.4.0 and grails cache plugin 1.1.7. I am using hibernate plugin 3.6.10.16.
Here's what I have in my CacheConfig.groovy configuration...
...
    cacheManagerPeerProviderFactory {
        peerDiscovery 'automatic'
        factoryType 'rmi'
        multicastGroupAddress '${ehcacheMulticastGroupAddress}'
        multicastGroupPort '${ehcacheMulticastGroupPort}'
        timeToLive 'site'
    }
I've turned on debug-level logging so I can see what XML it generates. Here's the relevant snippet:
<cacheManagerPeerProviderFactory class='net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory'
properties="peerDiscovery=automatic,multicastGroupAddress=${ehcacheMulticastGroupAddress},multicastGroupPort=${ehcacheMulticastGroupPort},timeToLive=32"
propertySeparator=','
/>
The grails ehcache plugin documentation has the following note, which I was hoping to "prove out"...
(note that ${ehcacheMulticastGroupAddress} and ${ehcacheMulticastGroupPort} are an Ehcache feature that lets you use system property names as variables to be resolved at runtime)
Great. Except that it doesn't work when I start the application. It fails to create CacheManagerPeerProvider due to the following
...
Caused by UnknownHostException: ${ehcacheMulticastGroupAddress}
->> 901 | lookupAllHostAddr in java.net.InetAddress$1
...
I have a myApplication-config.groovy file living in an accessible area that I point to when assigning a value to grails.config.locations in Config.groovy. But I am not sure it is making any effort to really interpolate that value at all.
I tried double quotes but they were a bad idea as well -- at the time of interpreting CacheConfig.groovy it doesn't see the configuration I put into myApplication-config.groovy. I do know it reads that file in successfully at some point because I successfully use it to drive some Quartz job logic, so the placement of that config file is probably not the issue.
The answer is that I need to set SYSTEM PROPERTIES for ehcache to find. Using Grails configuration files such as myApplication-config.groovy is completely incorrect.
The CacheConfig.groovy file is correct, as is the XML it generates. So the question becomes, how do the properties it looks for get set correctly in the first place?
I am deploying to Tomcat. For Tomcat, setting system properties makes the most sense in a setenv.bat file (or setenv.sh on *nix).
I created setenv.bat, put the following into it
set CATALINA_OPTS=%CATALINA_OPTS% -DehcacheMulticastGroupAddress=230.0.0.1 -DehcacheMulticastGroupPort=4446 -DehcachePeerListenerPort=40001
...And it worked. Ehcache was able to find the system properties and start everything appropriately.
tl;dr: system properties != grails application config

WebLogic 10.5.3 + Seam 2.2.1: Application does not start

We have a WAR packaged web application which works on a development machine. It consists of Java EE 5 + Seam 2.2.1 + Hibernate 3.3.1. It uses an Oracle 10g XE database and runs on the latest Tomcat 6 using JDK 1.6.0_24. The system is a 64bit Windows 7 Pro and uses Firefox 6.
Now, we tried to migrate the application to Oracle WebLogic 10.3.5. We followed the Seam manual for specifying the datasource, deploying the JSF lib and configuring the necessary xml-Files. In parallel to that, we verified that a newly seam-gen generated application using the same datasource and having the xml files configured as stated works fine.
But if we try our own application on WebLogic, although the deployment works fine, when trying to open the web application in the browser, it shows that endless redirection occurred. We don't see any stacktrace or log error, even when configuring log4j in WebLogic. When analyzing the request with Firebug, we see the get request to "login.seam" and then 20 times a get request for "error.seam" (or "debug.seam" when setting debug mode) with the response "302 Moved Temporarily".
I worked on that all week now, trying to compare all configurations and couldn't solve it - so I hope to get any ideas what could cause that problem and how to solve it!
I could pin down the problem to starting a transaction on the JTA persistence context.
I still don't understand why I didn't see any log message or stacktrace and why this also happens on the debug/error page (that's why the endless redirect occurred).
I ended up using RESOURCE_LOCAL so far, but I'm not sure if this is the right thing to do.
The alternative is disabling the seam transaction setting, but then it didn't work together with the development build which still runs on Tomcat.
