This content has been archived.

Troubleshooting: PRPC fails on WebSphere Application Server requesting Java security augmented permissions

Summary

PRPC 6.3 SP1 running on WebSphere Application Server 8.0 does not start. The WebSphere Application Server SystemOUT log includes entries that indicate that the PRPC application is looking for Java security permissions and that these permissions need to be set.

WebSphere Application Server SystemOUT log

[10/24/13 10:42:41:606 EDT] 00000011 PRBootstrap   Z com.pega.pegarules.internal.bootstrap.PRBootstrap  prbootstrap.properties merged with prbootstrap entries in Data-Admin-System-Settings

[10/24/13 10:42:41:628 EDT] 00000011 SystemOut     O Augmented permissions to be applied to Pega bootstrap phase 2 classes:

java.security.Permissions@49525292 (

 (com.ibm.oti.shared.SharedClassPermission com.pega.apache.axis2.deployment.DeploymentClassLoader read,write)

 (com.ibm.oti.shared.SharedClassPermission com.pega.pegarules.internal.bootstrap.phase2.PRBaseLoader read,write)

 (com.ibm.oti.shared.SharedClassPermission com.pega.pegarules.bootstrap.loader.PRAppLoader read,write)

 (java.util.PropertyPermission * read)

 (java.net.NetPermission specifyStreamHandler)

 (java.util.logging.LoggingPermission control)

 (java.net.SocketPermission * connect,resolve)

 (java.net.SocketPermission localhost:1024- listen,resolve)

 (java.lang.reflect.ReflectPermission suppressAccessChecks)

 (javax.management.MBeanServerPermission createMBeanServer)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer/java/jre read)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer/java/jre/- read)

 (java.io.FilePermission /home/waslex/* read)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer/profiles/
cpmhcWasServer01/temp/naswaspegadev01Node01/cpmhcWasServer01/
prpc_j2ee14_ws/prweb.war read,write)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer/profiles/
cpmhcWasServer01/temp/naswaspegadev01Node01/cpmhcWasServer01/
prpc_j2ee14_ws/prweb.war/- read,write,delete)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer read)

 (java.io.FilePermission /usr/IBM/WebSphereV8/AppServer/- read)

 (javax.management.MbeanPermission com.pega.*#*[] registerMBean)

 (javax.management.MbeanTrustPermission register)

 (java.security.SecurityPermission getPolicy)

 (java.lang.RuntimePermission defineClassInPackage.java.lang)

 (java.lang.RuntimePermission getProtectionDomain)

 (java.lang.RuntimePermission getClassLoader)

 (java.lang.RuntimePermission accessClassInPackage.com.ibm.oti.shared)

 (java.lang.RuntimePermission accessDeclaredMembers)

 (java.lang.RuntimePermission accessClassInPackage.sun.util.logging.resources)

 (java.lang.RuntimePermission createClassLoader)

)

Explanation

The SystemOUT log entries indicate that you have the WebSphere Application Server Global Security setting for Java 2 security checked:

Use Java 2 security to restrict application access to local resources

This setting causes the SystemOUT log to generate entries about missing permissions in PRPC property files, and it prevents start-up of PRPC.

Suggested Approach

To suppress log entries regarding Java security permissions for PRPC files and to allow PRPC to start:

  1. In the WebSphere Application Server Integrated Solutions Console, the Global Security settings, find the Java 2 security setting, Use Java 2 security to restrict application access to local resources.

    WebSphere Application Server Global Security Java 2 Security setting
     
  2. Uncheck the Java 2 setting and click Apply.

Disabling the Java 2 security setting in WebSphere Application Server Global Security will suppress the log entries that flag missing permissions in PRPC property files. The PRPC system will start.

If you need to enable Java 2 security, follow the guidance in the WebSphere Application Server documentation.

Reference

IBM WebSphere Application Server, Version 8.0, Information Center, Setting Java 2 security permissions


Related Content

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.