Subsonic won't start with tomcat security on

Need help? Post your questions here.

Moderator: moderators

Subsonic won't start with tomcat security on

Postby signor » Sat May 12, 2007 12:25 am

Howdy Sindre. After quite a bit of tinkering I finally was able to get subsonic to load successfully and transcode m4a files with faad and lame. Good stuff, thank you for your hard work. Problem is, I can only get it to work when I turn off security in /etc/default/tomcat5.5 with the variable TOMCAT5_SECURITY=no.

I know this very thing has been suggested as a 'fix' by one or two on this forum and elsewhere on the web for other tomcat applications, but the paranoia in me doesn't want me to run it with security turned off.

With security on, the org.apache.catalina.core.StandardContext listener fails to start with a permissions problem. Perhaps you might have a suggestion for making this work with tomcat security on. I turned on some debug to help with the error. Here's my system and below is the error that I get (sorry for the length).

System: Debian 4.0 etch i686 arch
Java: java-1.5.0-sun-1.5.0.10
Subsonic 3.0
tomcat 5.5
Apache 1.3.34 (kept up to date with debian patches)
Using a Tomcat connector with Apache
/var/subsonic is readable and writable by the tomcat55 user
/usr/share/tomcat5.5 and /var/lib/tomcat5.5 and all files underneath it are all at least readable by the tomcat55 user (and writable in the temp/scratch areas).

Debut output:
Using CATALINA_BASE: /var/lib/tomcat5.5
Using CATALINA_HOME: /usr/share/tomcat5.5
Using CATALINA_TMPDIR: /var/lib/tomcat5.5/temp
Using JRE_HOME: /usr/lib/jvm/java-1.5.0-sun-1.5.0.10
Using Security Manager
May 11, 2007 6:52:36 PM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8180
May 11, 2007 6:52:36 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 3158 ms
May 11, 2007 6:52:36 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
May 11, 2007 6:52:36 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5
May 11, 2007 6:52:37 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
May 11, 2007 6:52:43 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive subsonic.war
[ERROR] org.springframework.web.context.ContextLoader - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'playerDao' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Cannot resolve reference to bean 'daoHelper' while setting bean property 'daoHelper'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoHelper' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoHelper' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by:
org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by:
java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:628)
at net.sourceforge.subsonic.service.SettingsService.getSubsonicHome(SettingsService.java:181)
at net.sourceforge.subsonic.dao.DaoHelper.createDataSource(DaoHelper.java:38)
at net.sourceforge.subsonic.dao.DaoHelper.<init>(DaoHelper.java:25)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:84)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:60)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:45)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:701)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:687)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:388)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:250)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:247)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:161)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:245)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:124)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1019)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:809)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:425)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:250)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:247)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:161)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:273)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:346)
at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:156)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
at org.apache.catalina.core.ContainerBase.access$0(ContainerBase.java:743)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:737)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
[ERROR] org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/subsonic] - Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'playerDao' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Cannot resolve reference to bean 'daoHelper' while setting bean property 'daoHelper'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoHelper' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoHelper' defined in ServletContext resource [/WEB-INF/applicationContext-service.xml]: Inst
antiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [net.sourceforge.subsonic.dao.DaoHelper]: Constructor threw exception; nested exception is java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
Caused by:
java.security.AccessControlException: access denied (java.util.PropertyPermission subsonic.home read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:628)
at net.sourceforge.subsonic.service.SettingsService.getSubsonicHome(SettingsService.java:181)
at net.sourceforge.subsonic.dao.DaoHelper.createDataSource(DaoHelper.java:38)
at net.sourceforge.subsonic.dao.DaoHelper.<init>(DaoHelper.java:25)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:84)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:60)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:45)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:701)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:687)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:388)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:250)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:247)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:161)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:245)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:124)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1019)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:809)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:425)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:250)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:247)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:161)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:273)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:346)
at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:156)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
at org.apache.catalina.core.ContainerBase.access$0(ContainerBase.java:743)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:737)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
May 11, 2007 6:52:47 PM org.apache.catalina.core.StandardContext start
SEVERE: Error listenerStart
May 11, 2007 6:52:47 PM org.apache.catalina.core.StandardContext start
SEVERE: Context [/subsonic] startup failed due to previous errors
May 11, 2007 6:52:50 PM org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8180
May 11, 2007 6:52:50 PM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
May 11, 2007 6:52:50 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=1/306 config=null
May 11, 2007 6:52:50 PM org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
May 11, 2007 6:52:51 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 15080 ms




In /etc/default/tomcat5.5 I have the following options set:
TOMCAT5_USER=tomcat55
JAVA_HOME=/usr/lib/jvm/java-1.5.0-sun-1.5.0.10
CATALINA_BASE=/var/lib/tomcat5.5
CATALINA_OPTS="-Djava.awt.headless=true -Xmx512M -server"
TOMCAT5_SECURITY=yes


Any suggestions would be appreciated.
signor
 
Posts: 2
Joined: Fri May 11, 2007 11:49 pm

Return to Help

Who is online

Users browsing this forum: No registered users and 7 guests