Monday, 24 May 2010

SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission

Was seeing another weird problem with my WebSphere Portal 6.1.5 cluster, having deployed the Lotus Connections 2.5 portlets, available on the Catalog here: -


When I deployed the portlets to a page, I was getting "This portlet is not available", even though I'd stopped/started the cluster, resynchronised the nodes etc.

Initially, I thought it was related to this earlier problem: -


but, when I checked the SystemOut.log file on one of the two nodes, I saw this: -

[5/21/10 16:08:34:445 BST] 000000b7 SecurityManag W   SECJ0314W: Current Java 2 
Security policy reported a potential violation of Java 2 Security Permission. Please refer to InfoCenter for further information.

Permission:

      suppressAccessChecks : Access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
Code:

     org.apache.commons.beanutils.MethodUtils  in  {file:/opt/IBM/WebSphere/wp_profile/installedApps/cmwputCell01/PA_WPF.ear/snor.pf.portlets.war/WEB-INF/lib/commons-beanutils.jar}

java.security.AccessControlException: Access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)

[5/21/10 16:08:34:448 BST] 000000b7 MethodUtils   W org.apache.commons.beanutils.MethodUtils getMatchingAccessibleMethod Current Security Manager restricts use of workarounds for reflection bugs  in pre-1.4 JVMs.

Despite being for a completely different product, this Technote: -

Java 2 security warning (SECJ0314W) reported on Business Space


showed me the way to go.

In essence, when I'd enabled security, I'd unwittingly (!) set Java2 security via the Integrated Solutions Console ( via Security -> Secure administration, applications, and infrastructure -> Use Java 2 security to restrict application access to local option ).

Once I un-checked this option, and restarted the cluster, all was well.


2 comments:

Dave Patterson said...

This post was a life saver. I just tripped over exactly the same java2 security problem on websphere. Spent 4 hours scratching my head trying to work out why all our apps were refusing to write to the log file.

Thanks very much.

Dave Hay said...

@Dave - excellent, thanks for letting me know