2

I'm trying to configure the Java Security Manager to protect WebLogic Resources, but when I start the WL, I get an error:

<Server subsystem failed. Reason: java.lang.ExceptionInInitializerError  
java.lang.ExceptionInInitializerError  
  at com.rsa.cryptoj.c.pi.<clinit>(Unknown Source)  
  at com.rsa.jsafe.CryptoJ.isFIPS140Compliant(Unknown Source)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getNonFIPS140Ctx(JSafeEncryptionServiceImpl.java:497)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getSymmetricCipher(JSafeEncryptionServiceImpl.java:487)  
  at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:89)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.createCiphers(JSafeEncryptionServiceImpl.java:398)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.create3DESKeyContext(JSafeEncryptionServiceImpl.java:362)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:334)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:48)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:293)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:340)  
  at weblogic.security.internal.BootProperties.initialize(BootProperties.java:530)  
  at weblogic.security.internal.BootProperties.<init>(BootProperties.java:448)  
  at weblogic.security.internal.BootProperties.load(BootProperties.java:220)  
  at weblogic.security.internal.ServerAuthenticate.main(ServerAuthenticate.java:86)  
  at weblogic.management.provider.PropertyService.initializeSecurityProperties(PropertyService.java:254)  
  at weblogic.management.provider.internal.RuntimeAccessService.start(RuntimeAccessService.java:48)  
  at weblogic.t3.srvr.ServerServicesManager.startService(ServerServicesManager.java:461)  
  at weblogic.t3.srvr.ServerServicesManager.startInStandbyState(ServerServicesManager.java:166)  
  at weblogic.t3.srvr.T3Srvr.initializeStandby(T3Srvr.java:881)  
  at weblogic.t3.srvr.T3Srvr.startup(T3Srvr.java:568)  
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:469)  
  at weblogic.Server.main(Server.java:71)

AccessControlException : access denied

Caused By: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode")  
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)  
  at java.security.AccessController.checkPermission(AccessController.java:559)  
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)  
  at java.security.Security.getProperty(Security.java:761)  
  at com.rsa.cryptoj.c.ip.l(Unknown Source)  
  at com.rsa.cryptoj.c.ip.<clinit>(Unknown Source)  
  at com.rsa.cryptoj.c.pi.<clinit>(Unknown Source)  
  at com.rsa.jsafe.CryptoJ.isFIPS140Compliant(Unknown Source)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getNonFIPS140Ctx(JSafeEncryptionServiceImpl.java:497)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.getSymmetricCipher(JSafeEncryptionServiceImpl.java:487)  
  at weblogic.security.internal.encryption.JSafeSecretKeyEncryptor.decryptSecretKey(JSafeSecretKeyEncryptor.java:89)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.createCiphers(JSafeEncryptionServiceImpl.java:398)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.create3DESKeyContext(JSafeEncryptionServiceImpl.java:362)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.<init>(JSafeEncryptionServiceImpl.java:334)  
  at weblogic.security.internal.encryption.JSafeEncryptionServiceFactory.getEncryptionService(JSafeEncryptionServiceFactory.java:48)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:293)  
  at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:340)  
  at weblogic.security.internal.BootProperties.initialize(BootProperties.java:530)  
  at weblogic.security.internal.BootProperties.<init>(BootProperties.java:448)  
  at weblogic.security.internal.BootProperties.load(BootProperties.java:220)  
  at weblogic.security.internal.ServerAuthenticate.main(ServerAuthenticate.java:86)  
  at weblogic.management.provider.PropertyService.initializeSecurityProperties(PropertyService.java:254)  
  at weblogic.management.provider.internal.RuntimeAccessService.start(RuntimeAccessService.java:48)  
  at weblogic.t3.srvr.ServerServicesManager.startService(ServerServicesManager.java:461)  
  at weblogic.t3.srvr.ServerServicesManager.startInStandbyState(ServerServicesManager.java:166)  
  at weblogic.t3.srvr.T3Srvr.initializeStandby(T3Srvr.java:881)  
  at weblogic.t3.srvr.T3Srvr.startup(T3Srvr.java:568)  
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:469)  
  at weblogic.Server.main(Server.java:71)

My weblogic.policy include:

grant {  
  permission java.util.PropertyPermission "*", "read,write";   
  permission java.lang.RuntimePermission "*";   
  permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";   
  permission javax.management.MBeanPermission "*", "*";  

  permission java.security.SecurityPermission "getProperty.com.rsa.cryptoj.jsafe.fips140initialmode", "";  
};

+ all, that I get by using Printing Security Manager. What I'm doing wrong ?

Tamara Koliada
  • 1,200
  • 2
  • 14
  • 31
AbrakadabrA
  • 21
  • 2

0 Answers0