I've a simple HelloWorld applet, I am embedding that in the HTML. It worked fine. But I put the applet in the jar and signed the jar, but it does not load saying "Self signed jars can't be supported" I am signing using ICA issued cert.
More over we never faced this issue before 1.7.51 version.
BTW : I went through Oracle Documentation on adding parameters
According to it I tried to add following attributes in the signed MANIFEST.MF namely :
Permissions: sandbox, Trusted-Library: true
but this also did not help.
I am not sure I'am missing something.
Manifest looks like this :
Manifest-Version: 1.0
Trusted-Library: true
Permissions: all-permissions
Application-Library-Allowable-Codebase: *
Caller-Allowable-Codebase: *
Codebase: *
Created-By: 1.7.0_45 (Oracle Corporation)
Name: HelloWorld$1.class
SHA1-Digest: xcxzcbxzcbxzcbxzcb=
Name: HelloWorld.class
SHA1-Digest: xaadfasfdasdfsafd=
Adding console logs :
com.sun.deploy.security.BlockedException: Your security settings have blocked a self-signed application from running
at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
at com.sun.deploy.security.TrustDecider.askUser(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
Thanks.
JE
The Trusted-Library entry is relevant only before Java 1.7.45. Since that you need to add the parameters mentioned in that question.
Well I found the solution for this :
Check following three things.
1) Certificate has valid chain upto root and CA/ICA are public root.
2) Manifest.MF must have 2 attributes.
Codebase: < location/hostname on which you are going to deploy your jar>
Permissions: One of two values (Sandbox or all-permissions)
Check more information here.
Related
I have built my app with JavaFX 11 and now I need to distribute it. I have chosen to distribute it in two ways: cross-platform fat-jar (I know, I know, it is discouraged, but that is not the point) and platform specific image created with jlink.
I am building on Linux Mint 20.1. I am using Maven and creating runtime image with javafx-maven-plugin. I have JDKs for both platforms on my Linux machine and pointed to the corresponding jmods folder in pom.xml.
The built fat-jar works on both Linux and Windows where both have installed the latest Java SDK (11.0.12).
The image for Linux also works without problems.
However, the image for Windows does not run and the output of -Dprism.verbose=true is this:
B:\Data\sjsm\releases\1.0\sjsm-1.0-win\bin>sjsm-1.0-launcher.bat Prism pipeline init order: d3d sw
Using Double Precision Marlin Rasterizer
Using dirty region optimizations
Not using texture mask for primitives
Not forcing power of 2 sizes for textures
Using hardware CLAMP_TO_ZERO mode
Opting in for HiDPI pixel scaling
Prism pipeline name = com.sun.prism.d3d.D3DPipeline
GraphicsPipeline.createPipeline failed for com.sun.prism.d3d.D3DPipeline
java.lang.ClassNotFoundException: com.sun.prism.d3d.D3DPipeline
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(Unknown Source)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(Unknown Source)
at java.base/java.lang.ClassLoader.loadClass(Unknown Source)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Unknown Source)
at javafx.graphics/com.sun.prism.GraphicsPipeline.createPipeline(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.init(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
*** Fallback to Prism SW pipeline
Prism pipeline name = com.sun.prism.sw.SWPipeline
GraphicsPipeline.createPipeline failed for com.sun.prism.sw.SWPipeline
java.lang.UnsatisfiedLinkError: no prism_sw in java.library.path: [B:\Data\sjsm\releases\1.0\sjsm-1.0-win\bin, C:\WINDOWS\Sun\Java\bin, C:\WINDOWS\system32, C:\WINDOWS, C:\Program Files\Eclipse Foundation\jdk-11.0.12.7-hotspot\bin, C:\WINDOWS\system32, C:\WINDOWS, C:\WINDOWS\System32\Wbem, C:\WINDOWS\System32\WindowsPowerShell\v1.0\, C:\WINDOWS\System32\OpenSSH\, C:\Program Files\dotnet\, B:\xampp\php, B:\MinGW\bin, C:\Program Files\Microsoft SQL Server\120\Tools\Binn\, B:\Git\cmd, B:\Matlab R2020a\bin, B:\Microsoft VS Code\bin, C:\Users\User\AppData\Local\Microsoft\WindowsApps, B:\xampp\php, ., .]
at java.base/java.lang.ClassLoader.loadLibrary(Unknown Source)
at java.base/java.lang.Runtime.loadLibrary0(Unknown Source)
at java.base/java.lang.System.loadLibrary(Unknown Source)
at javafx.graphics/com.sun.glass.utils.NativeLibLoader.loadLibraryInternal(Unknown Source)
at javafx.graphics/com.sun.glass.utils.NativeLibLoader.loadLibrary(Unknown Source)
at javafx.graphics/com.sun.prism.sw.SWPipeline.lambda$static$0(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at javafx.graphics/com.sun.prism.sw.SWPipeline.<clinit>(Unknown Source)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Unknown Source)
at javafx.graphics/com.sun.prism.GraphicsPipeline.createPipeline(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.init(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Graphics Device initialization failed for : d3d, sw
Error initializing QuantumRenderer: no suitable pipeline found
java.lang.RuntimeException: java.lang.RuntimeException: Error initializing QuantumRenderer: no suitable pipeline found
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer.getInstance(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.init(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.Toolkit.getToolkit(Unknown Source)
at javafx.graphics/com.sun.javafx.application.PlatformImpl.startup(Unknown Source)
at javafx.graphics/com.sun.javafx.application.PlatformImpl.startup(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.startToolkit(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.launchApplication1(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.lambda$launchApplication$2(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.lang.RuntimeException: Error initializing QuantumRenderer: no suitable pipeline found
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.init(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumRenderer$PipelineRunnable.run(Unknown Source)
... 1 more
Exception in thread "main" java.lang.RuntimeException: No toolkit found
at javafx.graphics/com.sun.javafx.tk.Toolkit.getToolkit(Unknown Source)
at javafx.graphics/com.sun.javafx.application.PlatformImpl.startup(Unknown Source)
at javafx.graphics/com.sun.javafx.application.PlatformImpl.startup(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.startToolkit(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.launchApplication1(Unknown Source)
at javafx.graphics/com.sun.javafx.application.LauncherImpl.lambda$launchApplication$2(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
I got the same response when I tried to run the project from source on Windows. (I copied the project to Windows, installed maven, and it would not even run with javafx:run, let alone jlink with javafx:jlink)
I have tried many links on Google and none of them works, People either have something missing in their installation (I have everything installed at least as far as I have found) or the issue pops up in a different situation (when packaging a fat-jar for example, or running their application from IDE).
What I have not tried so far is creating the image by hand from command line, since I have read many times that it is discourage compared to using a build tool like Maven.
What can I try next?
java.lang.UnsatisfiedLinkError: no prism_sw in java.library.path
Means you're definitely missing some dlls from your library path, although this could only be a part of the problem.
When you download javafx sdk for windows from this link, you get a zip with the following structure:
The bin folder contains all the natives you need to run JavaFx (on windows, or the platform you downloaded the sdk for)
Note that you don't always need all the natives, jfxwebkit.dll for example is only needed when you work with javafx-web.
You need to extract them somewhere and add the folder you extracted them in to the library path when you run the java program
java "-Djava.library.path=path_to_natives" -classpath "your_classpath" <Your main class>
I have managed to solve this. The javafx-maven-plugin expects in <jModsPath> a colon separated list of paths to ALL jmods, not just the standard oridinary JDK. It pulls what's missing out of maven repository I think but ignores all platform clasifiers.
I'm currently running a derby DB instance created from version 10.13.1.1
I connect via the network mode (startNetworkServer) running on a redhat server.
I'm now wanting to upgrade to version 10.14.2.0
However, when trying to connect to the upgraded database, I receive an access denied "java.io.FilePermission" error.
Details:
I went and downloaded both version 10.13.1.1 and 10.14.2.0 onto my windows desktop.
A backup of the database is created using the following command: SYSCS_UTIL.SYSCS_BACKUP_DATABASE
I copied this backup to both the 10.13 and 10.14 folders.
Starting with my current version (13) i start the network server, and then use ij to connect to the database. This works fine, and i can see the tables. This validates my backup is fine.
connect 'jdbc:derby://localhost:1527/c:\Temp\13\database;create=false';
I then start my 14 versions network server, and then go to 14's ij. When I try to connect to the backup:
connect 'jdbc:derby://localhost:1527/c:\Temp\14\database;create=false';
I get the filePermission error:
ERROR XJ001: DERBY SQL error: ERRORCODE: 0, SQLSTATE: XJ001, SQLERRMC: java.security.AccessControlException
access denied ("java.io.FilePermission" "C:\Temp\updating_derby\threatadvisor" "read")
XJ001.U
Fair enough, I assume this is because i'm trying to connect to an older version, without having run the upgrade=true parameter. When I remove the create parameter, and add the upgrade parameter, it still fails with the same issue.
Ok, so perhaps I can't upgrade a DB via the network server, and I have to directly connect to the DB. From within my app, I use the following connection string:
jdbc:derby:C:/Temp/14/database;upgrade=true;
The app has the version 14 jar on the classpath, so should use it and upgrade. Which it does, the app starts normally and I see all the data. How do I know it upgraded? Because I tried to connect to this 14 database using 13 network server and ij, and it fails (as expected due to version).
So i'm done right? No, I once more try to connect to this now upgraded database via the network server, using ij and i once again get the java.io.FilePermission issue.
I went in and ensured the actual OS permissions on the folders and files inside the "database" folder are not just read-only. None are. Yet still it errors.
I've even tried running 14 network server on the redhat box (on a different port), and trying to connect to this db via ij and even there i get the file permission issue.
I'm really at a loss as to what to do next. Please help!
FYI, the full issue from the derby.log file:
Tue Jun 11 12:04:15 AEST 2019 : Apache Derby Network Server - 10.14.2.0 - (1828579) started and ready to accept connections on port 1527
Tue Jun 11 12:04:28 AEST 2019 Thread[DRDAConnThread_2,5,main] Cleanup action starting
java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Temp\14\database" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.exists(File.java:814)
at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:434)
at java.io.File.getCanonicalPath(File.java:618)
at org.apache.derby.impl.io.DirStorageFactory.doInit(Unknown Source)
at org.apache.derby.impl.io.BaseStorageFactory.init(Unknown Source)
at org.apache.derby.impl.io.DirStorageFactory.init(Unknown Source)
at org.apache.derby.impl.services.monitor.StorageFactoryService.privGetStorageFactoryInstance(Unknown Source)
at org.apache.derby.impl.services.monitor.StorageFactoryService.access$400(Unknown Source)
at org.apache.derby.impl.services.monitor.StorageFactoryService$12.run(Unknown Source)
at org.apache.derby.impl.services.monitor.StorageFactoryService$12.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.derby.impl.services.monitor.StorageFactoryService.getCanonicalServiceName(Unknown Source)
at org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(Unknown Source)
at org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(Unknown Source)
at org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Unknown Source)
at org.apache.derby.impl.jdbc.EmbedConnection$4.run(Unknown Source)
at org.apache.derby.impl.jdbc.EmbedConnection$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.derby.impl.jdbc.EmbedConnection.startPersistentService(Unknown Source)
at org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(Unknown Source)
at org.apache.derby.impl.jdbc.EmbedConnection.(Unknown Source)
at org.apache.derby.jdbc.InternalDriver$1.run(Unknown Source)
at org.apache.derby.jdbc.InternalDriver$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.derby.jdbc.InternalDriver.getNewEmbedConnection(Unknown Source)
at org.apache.derby.jdbc.InternalDriver.connect(Unknown Source)
at org.apache.derby.jdbc.InternalDriver.connect(Unknown Source)
at org.apache.derby.jdbc.EmbeddedDriver.connect(Unknown Source)
at org.apache.derby.impl.drda.Database.makeConnection(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.processCommands(Unknown Source)
at org.apache.derby.impl.drda.DRDAConnThread.run(Unknown Source)
Cleanup action completed
EDIT 1
Now trying to setup the security.policy file as per this guide. However, after creating a new policy file based off the template in the demo directory, we can't even get derby to pick up our file.
When we try to run:
java -classpath "C:\Temp\14\lib\derby.jar;C:\Temp\14\lib\derbynet.jar;C:\Temp\14\lib\derbyclient.jar;C:\Temp\14\lib\derbytools.jar;C:\Temp\14\lib\derbyoptionaltools.jar" -Djava.security.manager -Djava.security.policy=C:\Temp\14\server.policy org.apache.derby.drda.NetworkServerControl start
We get the following error:
java.security.AccessControlException: access denied org.apache.derby.security.SystemPermission( "engine", "usederbyinternals" )
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at org.apache.derby.iapi.security.SecurityUtil.checkDerbyInternalsPrivilege(Unknown Source)
at org.apache.derby.iapi.services.monitor.Monitor.getMonitorLite(Unknown Source)
at org.apache.derby.iapi.services.property.PropertyUtil$2.run(Unknown Source)
at org.apache.derby.iapi.services.property.PropertyUtil$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.derby.iapi.services.property.PropertyUtil.getMonitorLite(Unknown Source)
at org.apache.derby.iapi.services.property.PropertyUtil.getSystemProperty(Unknown Source)
at org.apache.derby.iapi.services.property.PropertyUtil.getSystemProperty(Unknown Source)
at org.apache.derby.impl.drda.NetworkServerControlImpl.init(Unknown Source)
at org.apache.derby.impl.drda.NetworkServerControlImpl.(Unknown Source)
at org.apache.derby.drda.NetworkServerControl.main(Unknown Source)
I know this line is in the policy file (and uncommented):
permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
However, I don't think it is even picking up our policy file, as if we change our reference to a non-existing policy file, we still get the same error.
Thanks to #BryanPendleton for pointing me in the right direction. For the initial issue, it was indeed because we needed the server.policy file. His link was helpful:
db.apache.org/derby/docs/10.14/security/csecjavasecurity.html
The second issue which we were having was resolved by using the server.policy file template located here:
https://builds.apache.org/job/Derby-docs/lastSuccessfulBuild/artifact/trunk/out/security/rsecbasicserver.html
Instead of the one provided in the download (the one in the derby download didn't have as many jars mentioned in it). More to the point, the way we referenced the jars had to be tweaked. You will see all the examples were for unix format, whereas we were developing on a test windows PC. Therefore instead of something like (unix):
grant codeBase "file:///home/someone/derby/lib/derby.jar"
We needed to do:
grant codeBase "file:///C:/Temp/14/lib/derby.jar"
Note the additional '/' after 'file' - we had assumed it was merely "file://C:...."
There is another solution to the problem which is to use this code:
https://github.com/apache/hive/blob/master/core/src/test/java/org/apache/hive/hcatalog/DerbyPolicy.java
and use this:
Policy.setPolicy(new DerbyPolicy());
To get a policy set programmatically.
I am new to SonarQube and trying to run the analytics on all the extensions in one go. I am able to run it successfully for extensions individually but when I run "ant sonar" with hybris, it gives me below exception:
[echo] - sonar.jdbc.url : ${sonar.jdbc.url}
[echo] - sonar.projectName : Superproject
[echo] - sonar.project.key : superprojectkey
[echo] - sonar.project.version : 1.0
[echo] - sonar.excludedExtensions :
[echo] - sonar.language : java
[echo] *************************************************
[echo]
r:sonar] Apache Ant(TM) version 1.9.1 compiled on May 15 2013
r:sonar] Sonar Ant Task version: 2.1
r:sonar] Loaded from: file:/E:/hybris/bin/platform/resources/ant
r:sonar] INFO: Default locale: "en_IN", source code encoding: "UTF-8"
r:sonar] INFO: Work directory: E:\hybris\bin\platform\.sonar
r:sonar] ERROR: Sonar server 'http://localhost:9000' can not be reached
E:\\hybris\bin\platform\resources\ant\sonar.xml:84: org.sonar.runner.kevinsawicki.Ht
at org.sonar.runner.kevinsawicki.HttpRequest.code(HttpRequest.java:1392)
at org.sonar.runner.kevinsawicki.HttpRequest.ok(HttpRequest.java:1417)
at org.sonar.runner.impl.ServerConnection.downloadString(ServerConnection.java:83)
at org.sonar.runner.impl.ServerVersion.downloadVersion(ServerVersion.java:49)
at org.sonar.runner.impl.ServerVersion.version(ServerVersion.java:40)
at org.sonar.runner.impl.ServerVersion.is35Compatible(ServerVersion.java:64)
at org.sonar.runner.impl.JarDownloader.download(JarDownloader.java:39)
at org.sonar.runner.impl.BatchLauncher$1.run(BatchLauncher.java:59)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:57)
at org.sonar.runner.impl.BatchLauncher.execute(BatchLauncher.java:50)
at org.sonar.runner.api.EmbeddedRunner.doExecute(EmbeddedRunner.java:71)
at org.sonar.runner.api.Runner.execute(Runner.java:89)
at org.sonar.ant.SonarTask.launchAnalysis(SonarTask.java:53)
at org.sonar.ant.SonarTask.execute(SonarTask.java:48)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292)
at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.taskdefs.Sequential.execute(Sequential.java:68)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292)
at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.taskdefs.MacroInstance.execute(MacroInstance.java:396)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292)
at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:435)
at org.apache.tools.ant.Target.performTasks(Target.java:456)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1393)
at org.apache.tools.ant.Project.executeTarget(Project.java:1364)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
at org.apache.tools.ant.Project.executeTargets(Project.java:1248)
at org.apache.tools.ant.Main.runBuild(Main.java:851)
at org.apache.tools.ant.Main.startAnt(Main.java:235)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:280)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:109)
Caused by: java.net.ConnectException: Connection refused: connect
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at sun.net.www.protocol.http.HttpURLConnection$10.run(HttpURLConnection.java:1890)
at sun.net.www.protocol.http.HttpURLConnection$10.run(HttpURLConnection.java:1885)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1884)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1457)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at org.sonar.runner.kevinsawicki.HttpRequest.code(HttpRequest.java:1390)
... 44 more
I know this is an configuration issue but I could not locate the file where the LOG is saying it is.
Also, why is it requiring jdbc url?
Thanks.
i just write down the approach we are using within our projects - not exactly as we are wrapping ant with gradle but how we proceed and configure everything.
We are not using the ant sonar scanner but either, the gradle sonar scanner [1] or the jenkins sonar scanner [2], so in this case you could actually use the sonar scanner [3].
Configuring sonar properties:
you can easily put all your configurations in your project root in a file called sonar-project.properties.
sonar.host.url=<sonar url>
sonar.projectKey=<project key>
sonar.projectName=<project name>
# you could use here java as language, but if you also want to analyse JS and other languages remove it, and adapt the source path to add those too
sonar.language=java
sonar.sources=<path-to-extension>/src,\
<path-to-extension>/hmc/src,\
<path-to-extension>/web/src,\
sonar.tests=<path-to-extension>/testsrc
sonar.java.binaries=**/classes
sonar.java.libraries=**/*.jar
sonar.java.test.binaries=**/classes
sonar.java.test.libraries=**/*.jar
this is just a simple basic configuration - so you need to define your test plugin and paths in here too.
i added paths for web and hmc, if your extension is not using them remove them
i just added one extensions, you could simply extend it with multiple ones
every config you do, you can simply put into this sonar-project.properties, and you can even check it into your VCS, to share it with others.
benefits are that this settings are connected with your source, so if you have a new extension you also adapt the sonar settings, and do not need to adapt any build etc.
Running the scanner
now you can simple use every runner you like by using those project properties. either jenkins, or gradle or local, you just need to ensure that the sonar-project.properties file is in the root of your project, and pointing to the right files.
Acknowledge
i know this is not the default hybris way, and it is not using the ant target of hybris, but i figured out, that this approach gives me much more flexibility than the default way!
[1] https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Gradle?src=contextnavpagetreemode
[2] https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Jenkins
[3] https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
are you sure that the Sonarqube server is launched? Maybe launch it manually and be sure that is is visible in your browser when accessing locallhost:9000/about .
As the root problem is the sonarserver not being available i'd go for that...
The Sonar Host URL is configured through a property called sonar.host.url
On the project I was working a while ago this property was set in hybris\config\local.properties
Related to the INFO: Work directory: E:\hybris\bin\platform.sonar logged,
I think that the working directory can be set using the sonar.working.directory which ,if not set, is somehow computed to be the one you saw in logs (i.e hybris\bin\platform.sonar)
I am using windows batch file to call a Pentaho Data integration job, intermittently, the job gets hung indefinitely.
The error message in Pentaho logs is as below :
06:43:37,951 ERROR [BlueprintContainerImpl] Unable to start blueprint container for bundle pdi-dataservice-server-plugin due to unresolved dependencies [(objectClass=org.pentaho.metaverse.api.ILineageClient)]
java.util.concurrent.TimeoutException
at org.apache.aries.blueprint.container.BlueprintContainerImpl$1.run(BlueprintContainerImpl.java:336)
at org.apache.aries.blueprint.utils.threading.impl.DiscardableRunnable.run(DiscardableRunnable.java:48)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I am able to find some questions on similar lines, which suggest this to be a cache issue. Please help !
You probably have to up the version of Kettle tool to 8.0.0
Here you can find the issue:
https://jira.pentaho.com/browse/PDI-16368
unresolved dependencies [(objectClass=org.pentaho.metaverse.api.ILineageClient)]
This means the blueprint file has a mandatory reference to a service with interface org.pentaho.metaverse.api.ILineageClient. The service does not seem to come up and so blueprint gives up after a timeout.
You now need to find the bundle that provides this service and determine why it does not start correctly.
When your bundle is starting, it can't find this interface org.pentaho.metaverse.api.ILineageClient. So it stays in Graceperiod State.
Because it works after clearing the cache, I recommend you to:
1:
troubleshooting the bundle that expose this interface: use diag command from your karaf command-line to find why it can't start correctly. You can use also headers command to ckeck that this interface was exported
2: you can put this reference as optionnal in the consumer bundle like this:
<reference id="give an id"
interface="org.pentaho.metaverse.api.ILineageClient"
availability="optional">
</reference>
3: verify the start level of your bundle: you can handle this using start-level="..." when installing bundles in your features.xml.
I solved the same problem by using "call".
For example:
cd "C:\Program Files (x86)\Kettle"
call kitchen.bat -file:"C:\Elekta Projects\CE_Activities\MAIN.kjb" -level:Minimal
I add the call statement, and also delete the contents of : /pentaho-server/tomcat/temp
I am sitting second whole day on a problem and giving up. I have written a jersey client which works on Jetty, and doesnt work on Weblogic. The reason is propably hidden in certificate: CN = "*.somecompany.com". Weblogic doesnt like wildcards in CN. Does anybody has working solution for that ?
I added these to Weblogic start params, but Weblogic uses many other clients, so I dont want to add these parameter: ignoreHostnameVerification: -
-Dssl.debug=true -Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=off
-Dweblogic.nodemanager.sslHostNameVerificationEnabled=false
-Dweblogic.security.SSL.allowSmallRSAExponent=true
-Dweblogic.security.SSL.ignoreHostnameVerification=true
I also accessed a REST service using webbrowser and downloaded certificate to disk an then added it to truststore using keytool.. It still doesnt work.
The only and best way would be to write something custom that validate hostname?? Maybe this wildcard is a problem.. But I am newbie, no idea how to write it, a working example would be greatly appreciated, I won't be able to do it myself :/
Below are exceptions that I found (not sure which were present and when but it is still not working) I was trying to fix it by:
1) Importing whole certificate chain to truststore (Java and Weblogic truststores)
2) Adding starting parameters to Weblogic, but it is not a good solution
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLKeyException: FATAL
Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.sun.jersey.api.client.ClientHandlerException:
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt
or unuseable certificate was received.
at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHa ndler.java:131)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at
com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at
com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at
com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
SECOND
with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:702)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:962)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:129)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
THIRD
E7C0E2529308F> <> <1387573464164> <BEA-000000> <Failure loading trusted CA list
java.security.cert.CertificateParsingException: Could not set value for ASN.1 string object.
at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:62)
at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:320)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:334)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:566)
at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:339)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:408)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:702)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:962)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:129)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
try to add the site certificate to you weblogic truststore and then add the below param in your weblogic startup
-DUseSunHttpHandler=true
-Dssl.SocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl
-Dssl.ServerSocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl
i have a problem like yours and by this post i solve it
Cannot access HTTPS from Weblogic
Issue fixed by adding these entry in JVM arguments
"-Dweblogic.security.SSL.nojce=true"
"-Dweblogic.ssl.JSSEEnabled=true"
"-Dweblogic.security.SSL.enableJSSE=true"