Support Article
Problems with enabled Java Security Manager
SA-19544
Summary
The system node list cannot be accessed on JBoss with the Java Security Manager enabled.
Error Messages
14:07:54,173 INFO [stdout] (Dispatcher-Thread-89) Caused by: java.sql.SQLException: Connection is not associated with a managed connection.org.jboss.jca.adapters.jdbc.jdk6.WrappedConnectionJDK6@4ee7292
14:07:54,173 INFO [stdout] (Dispatcher-Thread-89)
.
.
at com.pega.pegarules.data.internal.access.ConnectionManagerImpl.returnConnection(ConnectionManagerImpl.java:2221)
Steps to Reproduce
1. Enable Java Security Manager in standalone.conf file in $JBOSS_HOME/bin/ as below:
# Uncomment this to run with a security manager enabled
SECMGR="true"
# Java Security Manager Policy
JAVA_OPTS="$JAVA_OPTS -Djava.security.policy==$JBOSS_HOME/bin/jboss.policy -Djboss.home.dir=$JBOSS_HOME"
2. Restart JBoss.
3. Access the System Node instance list.
Root Cause
A defect or configuration issue in the operating environment.
The only "access denied" in the log is this:
at org.jboss.jca.adapters.jdbc.WrappedResultSet.getObject(WrappedResultSet.java:1156)
... 154 more
Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/nics/jboss/EAP-6.4.0/modules/com/oracle/main/ojdbc6.jar" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) [rt.jar:1.8.0_66]
at java.security.AccessController.checkPermission(AccessController.java:884) [rt.jar:1.8.0_66]
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) [rt.jar:1.8.0_66]
Resolution
Use a similar entry in the java security policy file as given below.
grant codeBase "file:${jboss.home.dir}/modules/oracle/jdbc/main/-" {
permission java.security.AllPermission;
permission javax.security.AllPermission;
};
Adjust this to the required JDBC driver location.
Published February 9, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.