Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 344418

Summary: BIRT Viewer WAS Security ERROR
Product: z_Archived Reporter: Vijayts <vijayts>
Component: BIRTAssignee: Birt-ReportViewer <Birt-ReportViewer-inbox>
Status: RESOLVED WORKSFORME QA Contact:
Severity: major    
Priority: P3 CC: bluesoldier, jouyang
Version: 2.6.2   
Target Milestone: 3.7.0   
Hardware: PC   
OS: Windows XP   
Whiteboard:
Attachments:
Description Flags
Stack trace of the execption that occurs during startup none

Description Vijayts CLA 2011-05-02 05:13:13 EDT 
Build Identifier: 2.6.2

On Websphere Application Server , when Java 2 security is enabled the BIRTViewer throws up few errors at the time of startup

[4/4/11 15:49:14:847 BST] 0000000a FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /p8880/logs/ffdc/server1_764b764b_11.04.04_15.49.14.8396342556118287165467.txt com.ibm.ws.security.core.SecurityManager 180
[4/4/11 15:49:14:850 BST] 0000000a SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Refer to the InfoCenter for further information.

Permission:

was.repository.root : Access denied (java.util.PropertyPermission was.repository.root write)

Code:
org.eclipse.osgi.framework.internal.core.FrameworkProperties in {file:/p8880/installedApps/myNode01Cell/BIRTReportViewer.ear/BIRTReportViewer.war/WEB-INF/platform/plugins/org.eclipse.osgi_3.6.1.R36x_v20100806.jar}
The details of the stacktrace are attached.

This issue however seems to go away when the following steps are taken
[/list]In the config.ini of the BIRTViewer add an entry
eclipse.security=null
[/list] Include a was.policy file and provide explicit permission to the BIRTViewer application as java.security.AllPermission

This seems to be more a hack rather than a fix and also having the eclipse.security=null entry does not seem to work in Tomcat .
What are the implications of the above hack? If you can provide some info on any possible side effects , would be greatly helpful

Reproducible: Always

Steps to Reproduce:
1.With BIRT Viewer installed as an ear in Websphere Application Server , enable application security and Java 2 security 
2.Restart the server and the above error should be got at the time of startup
Comment 1 Vijayts CLA 2011-05-02 05:16:57 EDT 
Created attachment 194466 [details]
Stack trace of the execption that occurs during startup

Stack trace
Comment 2 Vijayts CLA 2011-05-02 05:18:30 EDT 
This behaviour is noticed when running on Websphere Application Server V 7.0.13
Comment 3 Xiaoying Gu CLA 2011-05-02 22:07:22 EDT 
Please refer tohttps://bugs.eclipse.org/bugs/show_bug.cgi?id=182161#c32 and
have a try to see if it works for you.
Comment 4 Vijayts CLA 2011-05-03 00:52:54 EDT 
I did try that but still ending up with the same error . As indicated earlier the entry eclipse.security=null in config.ini makes this error go away ..
am not sure if this is a hack or is this a valid fix ..not sure of any sideeffects this solution has .

Let me know if this is a fix .. will provide add documentation in the deployment section ..

Cheers
Vijay
Comment 5 Jun Ouyang CLA 2011-05-08 23:45:25 EDT 
See http://help.eclipse.org/helios/index.jsp?topic=/org.eclipse.platform.doc.isv/reference/misc/runtime-options.html for the eclipse.security option.

Through "eclipse.security=null" is not mentioned in the document, it seems to apply all permission to the whole osgi framework, so you didn't get the error.

This fix is just same as setting "eclipse.security=true" and allowing "java.security.AllPermission" for BIRT application. It's not a hack through you may think it's reasonable to allow detail permissions one by one, however, there are toooo many permissions like you encountered. You will have have to add them into policy file one by one if you don't use AllPermission.