Foros de discusión
Problem with security manager
Mark Chkhotua, modificado hace 11 años.
Problem with security manager
New Member Mensajes: 2 Fecha de incorporación: 28/11/12 Mensajes recientes
Hi all, need help
I am supporting a portlet (6.1.1 GA2), based on Spring MVC, it works well, but now I need to enable security manager, to make it ready for marketplace.
I added to my liferay-plugin-package.properties next code:
I was trying different combinations, but I always get this:
What members I should declare?
Am I missing something?
I am supporting a portlet (6.1.1 GA2), based on Spring MVC, it works well, but now I need to enable security manager, to make it ready for marketplace.
I added to my liferay-plugin-package.properties next code:
security-manager-enabled=true
security-manager-get-bean-property=\
com.liferay.portal.util.PortalUtil,\
com.liferay.portal.kernel.deploy.hot.HotDeployUtil,\
com.liferay.portal.kernel.util.PropsUtil,\
com.liferay.portal.kernel.servlet.DirectRequestDispatcherFactoryUtil,\
com.liferay.portal.kernel.cache.key.CacheKeyGeneratorUtil,\
com.liferay.portal.kernel.servlet.DirectServletRegistryUtil,\
com.liferay.portal.kernel.configuration.ConfigurationFactoryUtil,\
com.liferay.portlet.PortletPreferencesFactoryUtil,\
com.liferay.portal.kernel.dao.orm.EntityCacheUtil,\
com.liferay.portal.kernel.cache.CacheRegistryUtil,\
com.liferay.portal.kernel.dao.shard.ShardUtil,\
com.liferay.portal.kernel.staging.LayoutStagingUtil,\
com.liferay.portal.kernel.dao.db.DBFactoryUtil,\
com.liferay.portal.kernel.dao.orm.FinderCacheUtil,\
com.liferay.portal.security.auth.AuthTokenUtil,\
com.liferay.portal.kernel.util.HttpUtil,\
com.liferay.portal.service.permission.PortletPermissionUtil,\
com.liferay.portal.kernel.util.HtmlUtil,\
com.liferay.portal.kernel.util.LocaleUtil,\
com.liferay.portal.kernel.spring.util.SpringFactoryUtil
security-manager-services[portal]=\
com.liferay.portal.service.GroupLocalService,\
com.liferay.portal.service.PortletPreferencesLocalService,\
com.liferay.portal.service.LayoutLocalService,\
com.liferay.portal.service.LayoutSetLocalService
security-manager-services[login-portlet]=\
com.aimprosoft.portlet.login.LoginController,\
com.aimprosoft.portlet.login.LoginEditController
security-manager-files-read=\
${java.io.tmpdir}${file.separator}-,\
${liferay.web.portal.dir}${file.separator}html${file.separator}taglib${file.separator}-,\
${liferay.web.portal.dir}${file.separator}html${file.separator}themes${file.separator}-
I was trying different combinations, but I always get this:
16:46:40,282 ERROR [DispatcherPortlet:276] Context initialization failed
org.springframework.beans.factory.BeanDefinitionStoreException: Failed to read candidate component class: file [/home/mark/work/liferay-portal-6.1.1-ce-ga2/tomcat-7.0.27/temp/15-login-portlet/WEB-INF/classes/com/aimprosoft/portlet/login/LoginEditController.class]; nested exception is java.lang.SecurityException: Attempted to access declared members
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.findCandidateComponents(ClassPathScanningCandidateComponentProvider.java:237)
at org.springframework.context.annotation.ClassPathBeanDefinitionScanner.doScan(ClassPathBeanDefinitionScanner.java:204)
at org.springframework.context.annotation.ComponentScanBeanDefinitionParser.parse(ComponentScanBeanDefinitionParser.java:84)
at org.springframework.beans.factory.xml.NamespaceHandlerSupport.parse(NamespaceHandlerSupport.java:73)
at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1338)
at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1328)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:135)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:93)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:493)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:390)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:178)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149)
at org.springframework.web.portlet.context.XmlPortletApplicationContext.loadBeanDefinitions(XmlPortletApplicationContext.java:124)
at org.springframework.web.portlet.context.XmlPortletApplicationContext.loadBeanDefinitions(XmlPortletApplicationContext.java:92)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:467)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:397)
at org.springframework.web.portlet.FrameworkPortlet.createPortletApplicationContext(FrameworkPortlet.java:356)
at org.springframework.web.portlet.FrameworkPortlet.initPortletApplicationContext(FrameworkPortlet.java:294)
at org.springframework.web.portlet.FrameworkPortlet.initPortletBean(FrameworkPortlet.java:268)
at org.springframework.web.portlet.GenericPortletBean.init(GenericPortletBean.java:116)
at javax.portlet.GenericPortlet.init(GenericPortlet.java:107)
at com.liferay.portlet.InvokerPortletImpl.init(InvokerPortletImpl.java:256)
at com.liferay.portlet.PortletInstanceFactoryImpl.init(PortletInstanceFactoryImpl.java:221)
at com.liferay.portlet.PortletInstanceFactoryImpl.create(PortletInstanceFactoryImpl.java:140)
at com.liferay.portlet.PortletInstanceFactoryUtil.create(PortletInstanceFactoryUtil.java:41)
at com.liferay.portlet.PortletBagFactory.create(PortletBagFactory.java:310)
at com.liferay.portal.deploy.hot.PortletHotDeployListener.initPortlet(PortletHotDeployListener.java:546)
at com.liferay.portal.deploy.hot.PortletHotDeployListener.doInvokeDeploy(PortletHotDeployListener.java:321)
at com.liferay.portal.deploy.hot.PortletHotDeployListener.invokeDeploy(PortletHotDeployListener.java:120)
at com.liferay.portal.deploy.hot.HotDeployImpl.doFireDeployEvent(HotDeployImpl.java:188)
at com.liferay.portal.deploy.hot.HotDeployImpl.fireDeployEvent(HotDeployImpl.java:96)
at com.liferay.portal.kernel.deploy.hot.HotDeployUtil.fireDeployEvent(HotDeployUtil.java:27)
at com.liferay.portal.kernel.servlet.PluginContextListener.fireDeployEvent(PluginContextListener.java:151)
at com.liferay.portal.kernel.servlet.SecurePluginContextListener.fireDeployEvent(SecurePluginContextListener.java:233)
at com.liferay.portal.kernel.servlet.PluginContextListener.doPortalInit(PluginContextListener.java:141)
at com.liferay.portal.kernel.util.BasePortalLifecycle.portalInit(BasePortalLifecycle.java:42)
at com.liferay.portal.kernel.util.PortalLifecycleUtil.register(PortalLifecycleUtil.java:64)
at com.liferay.portal.kernel.util.PortalLifecycleUtil.register(PortalLifecycleUtil.java:56)
at com.liferay.portal.kernel.util.BasePortalLifecycle.registerPortalLifecycle(BasePortalLifecycle.java:52)
at com.liferay.portal.kernel.servlet.PluginContextListener.contextInitialized(PluginContextListener.java:103)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1099)
at org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1621)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.SecurityException: Attempted to access declared members
at com.liferay.portal.security.pacl.checker.BaseChecker.throwSecurityException(BaseChecker.java:259)
at com.liferay.portal.security.pacl.checker.RuntimeChecker.checkPermission(RuntimeChecker.java:71)
at com.liferay.portal.security.pacl.ActivePACLPolicy.checkPermission(ActivePACLPolicy.java:55)
at com.liferay.portal.security.lang.PortalSecurityManager.checkPermission(PortalSecurityManager.java:103)
at com.liferay.portal.security.lang.PortalSecurityManager.checkPermission(PortalSecurityManager.java:74)
at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1679)
at java.lang.Class.checkMemberAccess(Class.java:2174)
at java.lang.Class.getDeclaredMethods(Class.java:1807)
at sun.reflect.annotation.AnnotationType$1.run(AnnotationType.java:104)
at sun.reflect.annotation.AnnotationType$1.run(AnnotationType.java:101)
at java.security.AccessController.doPrivileged(Native Method)
at sun.reflect.annotation.AnnotationType.<init>(AnnotationType.java:100)
at sun.reflect.annotation.AnnotationType.getInstance(AnnotationType.java:84)
at sun.reflect.annotation.AnnotationParser.parseAnnotation(AnnotationParser.java:221)
at sun.reflect.annotation.AnnotationParser.parseAnnotations2(AnnotationParser.java:88)
at sun.reflect.annotation.AnnotationParser.parseAnnotations(AnnotationParser.java:70)
at java.lang.Class.initAnnotationsIfNecessary(Class.java:3089)
at java.lang.Class.getAnnotations(Class.java:3069)
at org.springframework.core.type.classreading.AnnotationAttributesReadingVisitor.visitEnd(AnnotationAttributesReadingVisitor.java:131)
at org.springframework.asm.ClassReader.a(Unknown Source)
at org.springframework.asm.ClassReader.accept(Unknown Source)
at org.springframework.asm.ClassReader.accept(Unknown Source)
at org.springframework.core.type.classreading.SimpleMetadataReader.<init>(SimpleMetadataReader.java:54)
at org.springframework.core.type.classreading.SimpleMetadataReaderFactory.getMetadataReader(SimpleMetadataReaderFactory.java:80)
at org.springframework.core.type.classreading.CachingMetadataReaderFactory.getMetadataReader(CachingMetadataReaderFactory.java:101)
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.findCandidateComponents(ClassPathScanningCandidateComponentProvider.java:213)
... 57 more
</init></init>
What members I should declare?
Am I missing something?
Mark Chkhotua, modificado hace 11 años.
RE: Problem with security manager
New Member Mensajes: 2 Fecha de incorporación: 28/11/12 Mensajes recientes
Can anyone help me, please?
Brian Scott Schupbach, modificado hace 9 años.
RE: Problem with security manager
Expert Mensajes: 329 Fecha de incorporación: 23/10/08 Mensajes recientes
Did you ever figure this out?