signer information in fs-access.jar und personalisation.jar
Author: kannengi
Publication Date: 9/22/2015 14:51
Hallo community,
ich versuche, gerade einen erfolgreichen Login mit Dynamic Personalization zustande zu bringen.
Login-Modul ist Request Parameter Login, Authentifizierung ORMapper gegen eine FS-Datenquelle.
Das ganze auf dem Web-Server (Tomcat 7.0).
Leider bekomme ich beim Abschicken der Login-Daten eine Exception
Sep 22, 2015 3:26:19 PM org.apache.catalina.core.StandardWrapperValve invoke
Schwerwiegend: Servlet.service() for servlet [fsp-LoginServlet] in context with path [/intranet] threw exception
java.lang.SecurityException: class "de.espirit.common.io.ServletUtil"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:952)
at java.lang.ClassLoader.preDefineClass(ClassLoader.java:666)
at java.lang.ClassLoader.defineClass(ClassLoader.java:794)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2957)
at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:1210)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1690)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1571)
at de.espirit.firstspirit.opt.personalisation.servlets.LoginServlet.doPost(LoginServlet.java:84)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.relounge.badenova.filter.Utf8Filter.doFilter(Utf8Filter.java:21)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2441)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2430)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Das server.log zeigt auch schon beim Serverstart ähnliche Exceptions:
Sep 22, 2015 3:25:25 PM org.apache.catalina.core.ApplicationContext log
Schwerwiegend: fsi-InitSchemata: couldn't initialize integration module!
de.espirit.or.ORException: java.lang.SecurityException: class "de.espirit.common.PropertiesUtil"'s signer information does not match signer information of other classes in the same package
at de.espirit.or.impl.web.SessionManagerImpl.createSessionHandler(SessionManagerImpl.java:147)
at de.espirit.or.impl.web.SessionManagerImpl.register(SessionManagerImpl.java:90)
at de.espirit.or.web.InitServlet.analyzeSchemataConfiguration(InitServlet.java:126)
at de.espirit.or.web.InitServlet.init(InitServlet.java:85)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1284)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1197)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1087)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5210)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5493)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:3988)
at org.apache.catalina.startup.HostConfig.reload(HostConfig.java:1459)
at org.apache.catalina.startup.HostConfig.checkResources(HostConfig.java:1442)
at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1626)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:328)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1374)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1530)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1540)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1519)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.SecurityException: class "de.espirit.common.PropertiesUtil"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:952)
at java.lang.ClassLoader.preDefineClass(ClassLoader.java:666)
at java.lang.ClassLoader.defineClass(ClassLoader.java:794)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2957)
at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:1210)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1690)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1571)
at de.espirit.or.impl.generic.GenericLayer.init(GenericLayer.java:53)
at de.espirit.or.impl.web.SessionManagerImpl.createSessionHandler(SessionManagerImpl.java:134)
... 22 more
Wenn ich den Tomcat classpath analysiere (WEB-INF/lib), dann sind die betreffenden Klassen tatsächliche alle zweimal vorhanden, nämlich im fs-access.jar und personalisation.jar.
Die fs-access.jar ist Version 5.1.414.67329 (Manifest) und die personalisation.jar 5.1.414.67315 (ServerManager -> Module).
Habe ich hier irgendetwas falsch gemacht? Ich habe es auch schon mit 5.1.507 probiert - gleicher Fehler.
Oder sollte ich irgendwie die Validierung der signierten jars ausschalten??
Danke für einen Tip!!
Gruß,
Benny Kannengießer
// re-lounge.com
Tags: fs-access, personalisierung, signaturen, tomcat
-
Author: kannengi - 9/25/2015 10:38
OK,
nur zur Info, ich konnte die Sache aufklären - ein altes crc.jar lag da auch noch im classpath.
Im crc.jar werden zwar nicht Klassen aus dem personalisation.jar dupliziert, aber die Packages (mit Klassen darin) überlappen sich. Dann müssen sie mit dem gleichen Zertifikat signiert sein, was sie wohl nicht waren
Gruß,
Benny Kannengießer
// re-lounge
0
Please sign in to leave a comment.
Comments
1 comment