SecurityConstraint.class not found Tomcat 8.0.30 - tomcat8

I am trying to upgrade my application server from Tomcat 6 to Tomcat 8, which is using cutom realm. After changing the server.xml file to point to our custom realm started getting exception :-
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:485)
Caused by: java.lang.NoClassDefFoundError: org.apache.catalina.deploy.SecurityConstraint
at java.lang.Class.getMethods(Class.java:1357)
at org.apache.tomcat.util.modeler.modules.MbeansDescriptorsIntrospectionSource.createManagedBean(MbeansDescriptorsIntrospectionSource.java:297)
at org.apache.tomcat.util.modeler.modules.MbeansDescriptorsIntrospectionSource.execute(MbeansDescriptorsIntrospectionSource.java:77)
at org.apache.tomcat.util.modeler.modules.MbeansDescriptorsIntrospectionSource.loadDescriptors(MbeansDescriptorsIntrospectionSource.java:70)
at org.apache.tomcat.util.modeler.Registry.load(Registry.java:582)
at org.apache.tomcat.util.modeler.Registry.findManagedBean(Registry.java:485)
at org.apache.tomcat.util.modeler.Registry.registerComponent(Registry.java:614)
at org.apache.catalina.util.LifecycleMBeanBase.register(LifecycleMBeanBase.java:161)
at org.apache.catalina.util.LifecycleMBeanBase.initInternal(LifecycleMBeanBase.java:61)
at org.apache.catalina.realm.RealmBase.initInternal(RealmBase.java:1214)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 18 more
Caused by: java.lang.ClassNotFoundException: org.apache.catalina.deploy.SecurityConstraint
at java.net.URLClassLoader.findClass(URLClassLoader.java:607)
at java.lang.ClassLoader.loadClassHelper(ClassLoader.java:844)
at java.lang.ClassLoader.loadClass(ClassLoader.java:823)
at java.lang.ClassLoader.loadClass(ClassLoader.java:803)
at java.lang.Class.getVirtualMethodsImpl(Native Method)
Tried checking the catalian.jar in TOMCAT/lib, when extracted I could not find the SecurityConstraint.class.
Any idea
1)why is it not there
2) how to fix this issue . so that we can deploy the application.

SecurityConstraint class has moved to org.apache.tomcat.embed:tomcat-embed-core

The other answer mentions that SecurityConstraint was moved, but it mentions that it was moved to a location thats only relevant to the embedded version of Tomcat. For the regular version of tomcat 8, the class was moved to
org.apache.tomcat.util.descriptor.web.SecurityConstraint
inside tomcat-util-scan.jar

Related

weblogic errors in wls EncryptionServiceException: com.rsa.jsafe.JSAFE_PaddingException: Invalid padding

sorry for the delay.
to update to the question:
weblogic version is 12c. our installs are a bit different as we do not manually create a domain. we used a piece of software called maintenix that gets installed on top of the weblogic base install and it creates a domain the app runs under admin server
thank you
Hi everybody I am trying to decrypt the login and password for my WebLogic console
So I researched and seems this should work but i get the error below:
here are more details:
[webmstr#Ready4Use Oracle_Home]$ cd oracle_common/common/bin/
[webmstr#Ready4Use bin]$ ./wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> domain = "/webapps/maint/maint35_install/domain/"
wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)
wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)
wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eM8jwYITiZs01kawSeliV59aFog1jE=")
Traceback (innermost last):
File "<console>", line 1, in ?
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:144)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:192)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:99)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException: com.rsa.jsafe.JSAFE_PaddingException: Invalid padding.
I am suspecting some env item is not set properly but for the life of me I cannot see it (I did run setDomainEnv.sh before hand.

How to use Windows Certificate Store with Jetty?

I'm trying to use the Windows Certificate Store from Jetty for HTTPS communication.
After setting up a web-application on client site, it should be easier for the client to update an expired certificate in the Windows Certificate Store than having to create or update a keyStore file.
This is what I've done:
Download the latest version 9.4.26 from https://www.eclipse.org/jetty/download.html
Added the following lines in start.ini:
jetty.ssl.port=443
jetty.sslContext.keyStoreType=Windows-MY
Run as:
"jre\bin\java" -jar start.jar --module=https,deploy
And this is the error I get:
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)
Caused by: java.lang.IllegalStateException: no valid keystore
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:50)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1188)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:323)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.server.Server.doStart(Server.java:385)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
at org.eclipse.jetty.xml.XmlConfiguration.lambda$main$0(XmlConfiguration.java:1888)
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1837)
... 7 more
I also tried to add or change lines, same result:
jetty.sslContext.keyStoreType=Windows-MY
jetty.sslContext.trustStoreType=Windows-ROOT
-
jetty.sslContext.keyStoreType=Windows-ROOT
-
jetty.sslContext.keyStoreType=Windows-MY
jetty.sslContext.trustStoreType=Windows-ROOT
jetty.sslContext.keyStorePath=NONE
jetty.sslContext.trustStorePath=NONE
If you see the source code of Jetty, they expect some file system resource to be passed as keystore and truststore path. The following exception would come when keystore or truststore patch does not exist:
Caused by: java.lang.IllegalStateException: no valid keystore
at rg.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:50)
However there is a trick to load Windows store. You can specify:
jetty.sslContext.keyStoreType=Windows-MY (or Windows-ROOT)
and for jetty.sslContext.keyStorePath, you can specify any dummy file path which exists on the file system (you can even create an empty txt file and give its path!). In this case, Windows Store would be loaded and the jetty side resource validation would also pass.
FYI, when you provide keystore type as Windows-MY or Windows-ROOT, it would simply ignore any file input stream (if passed) while loading the keystore. Ultimately only one keystore is loaded, i.e. Windows Store.

Failure on installing S3 connector for AEM 6.3

I am trying to connect S3 data store following this instructions. I am getting exact error described in this SOF question.
Steps:
Created a vanilla AEM 6.3 instance and able to upload images to DAM
Downloaded S3 connector and copied all .jar files into crx-quickstart/install folder
Copied org.apache.jackrabbit.oak.segment.SegmentNodeStoreService.config file and set customBlobStore=B"true"
Copied org.apache.jackrabbit.oak.plugins.blob.datastore.S3DataStore.config file and looks like this:
accessKey="scribed" connectionTimeout="120000" maxConnections="40" maxErrorRetry="10" s3Bucket="myproj-s3bucket" s3Region="ap-southeast-1" s3EndPoint="https://scribed.signin.aws.amazon.com/console" secretKey="scribed" socketTimeout="120000" writeThreads="30" cacheSize="16GB" cachePurgeTrigFactory="1"
(have scribed the key and secret)
When I restart my AEM none of consoles start. It throws
HTTP ERROR: 503 Problem accessing /. Reason: AuthenticationSupport service missing. Cannot authenticate request.
This is the exception trace:
15.05.2017 07:42:56.156 *INFO* [FelixStartLevel] org.apache.jackrabbit.oak.blob.cloud.s3.Utils Configuring Amazon Client from property file.
15.05.2017 07:42:59.401 *INFO* [FelixStartLevel] org.apache.jackrabbit.oak.blob.cloud.s3.Utils S3 service endpoint [https://170564245278.signin.aws.amazon.com/console]
15.05.2017 07:43:04.292 *ERROR* [FelixStartLevel] org.apache.jackrabbit.oak-blob-cloud [org.apache.jackrabbit.oak.plugins.blob.datastore.S3DataStore(2946)] The activate method has thrown an exception (java.lang.NullPointerException: null value in entry: component.id=null) java.lang.NullPointerException: null value in entry: component.id=null at com.google.common.collect.CollectPreconditions.checkEntryNotNull(CollectPreconditions.java:33) at com.google.common.collect.ImmutableMap.entryOf(ImmutableMap.java:135) at com.google.common.collect.ImmutableMap$Builder.put(ImmutableMap.java:206) at com.google.common.collect.Maps.fromProperties(Maps.java:1187) at org.apache.jackrabbit.oak.blob.cloud.s3.S3Backend.init(S3Backend.java:166) at org.apache.jackrabbit.oak.plugins.blob.AbstractSharedCachingDataStore.init(AbstractSharedCachingDataStore.java:163) at org.apache.jackrabbit.oak.plugins.blob.datastore.AbstractDataStoreService.activate(AbstractDataStoreService.java:87) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.felix.scr.impl.inject.BaseMethod.invokeMethod(BaseMethod.java:224) at org.apache.felix.scr.impl.inject.BaseMethod.access$500(BaseMethod.java:39) at org.apache.felix.scr.impl.inject.BaseMethod$Resolved.invoke(BaseMethod.java:617) at org.apache.felix.scr.impl.inject.BaseMethod.invoke(BaseMethod.java:501) at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:302) at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:294) at org.apache.felix.scr.impl.manager.SingleComponentManager.createImplementationObject(SingleComponentManager.java:298) at org.apache.felix.scr.impl.manager.SingleComponentManager.createComponent(SingleComponentManager.java:109) at org.apache.felix.scr.impl.manager.SingleComponentManager.getService(SingleComponentManager.java:906) at org.apache.felix.scr.impl.manager.SingleComponentManager.getServiceInternal(SingleComponentManager.java:879) at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:749) at org.apache.felix.scr.impl.manager.AbstractComponentManager.enableInternal(AbstractComponentManager.java:675) at org.apache.felix.scr.impl.manager.AbstractComponentManager.enable(AbstractComponentManager.java:430) at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.enableComponents(ConfigurableComponentHolder.java:657) at org.apache.felix.scr.impl.BundleComponentActivator.initialEnable(BundleComponentActivator.java:341) at org.apache.felix.scr.impl.Activator.loadComponents(Activator.java:390) at org.apache.felix.scr.impl.Activator.access$200(Activator.java:54) at org.apache.felix.scr.impl.Activator$ScrExtension.start(Activator.java:265) at org.apache.felix.utils.extender.AbstractExtender.createExtension(AbstractExtender.java:259) at org.apache.felix.utils.extender.AbstractExtender.modifiedBundle(AbstractExtender.java:232) at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:482) at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:415) at org.osgi.util.tracker.AbstractTracked.track(AbstractTracked.java:232) at org.osgi.util.tracker.BundleTracker$Tracked.bundleChanged(BundleTracker.java:444) at org.apache.felix.framework.util.EventDispatcher.invokeBundleListenerCallback(EventDispatcher.java:916) at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:835) at org.apache.felix.framework.util.EventDispatcher.fireBundleEvent(EventDispatcher.java:517) at org.apache.felix.framework.Felix.fireBundleEvent(Felix.java:4542) at org.apache.felix.framework.Felix.startBundle(Felix.java:2173) at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1372) at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308) at java.lang.Thread.run(Thread.java:745)
15.05.2017 07:43:04.308 *INFO* [FelixStartLevel] com.day.cq.cq-compat-codeupgrade BundleEvent RESOLVED
15.05.2017 07:43:04.310 *INFO* [FelixStartLevel] com.day.cq.cq-compat-codeupgrade BundleEvent STARTING
15.05.2017 07:43:04.310 *INFO* [FelixStartLevel] com.day.cq.cq-compat-codeupgrade BundleEvent STARTED
Am I missing any steps or config? Please help out
I got the answer to my question with help of my lead comparing the working config against failed. This parameter was incorrect:
s3EndPoint="https://scribed.signin.aws.amazon.com/console"
This can be blank as the connector will rebuild using s3Region. or it is https://region.aws.amazon.com. Since the error logs were throwing irrelevant errors, I was misguided. Removing this one parameter made difference.
Second observation was, while starting AEM, initially it does throw the error. But eventually it starts up. Need to wait for 3-4 mins. On logs I see connection refused during startup. But on subsequent request once all config is loaded, it is able to connect and upload successfully.

RMI Replication EhCache

I am working on ehcache replication using RMI for the first time. I am not able to get pass through the below error.
The root cause from the below stack trace shows:
Caused by: java.lang.ClassNotFoundException: net.sf.ehcache.distribution.RMICachePeer_Stub (no security manager: RMI class loader disabled)
I am using jdk1.6.0_16 with weblogic 12c and I have already tried below ways but didnt get any success.
Added the ehcache jar to the classpath. set CLASSPATH=%CLASSPATH%;C:\Oracle\Middleware\wlserver_12.1\server\lib\ehcache-2.8.3.jar;
set JAVA_OPTIONS=%JAVA_OPTIONS% -Djava.security.manager -Djava.security.policy==C:/Oracle/Middleware/wlserver_12.1/server/lib/weblogic.policy -Djava.rmi.server.codebase=file:///C:/Oracle/Middleware/wlserver_12.1/server/lib/ehcache-2.8.3.jar
set the System.setSecurityManager(new RMISecurityManager()) on the application startup.
Any help is appreciated.
Caused by: org.hibernate.cache.CacheException: net.sf.ehcache.CacheException: Problem starting listener for RMICachePeer //localhost:40001/com.wipro.dms.digi.domain.Location. Initial cause was
RemoteException occurred in server thread; nested exception is:
java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: net.sf.ehcache.distribution.RMICachePeer_Stub (no security manager: RMI class loader disabled)

Using JMeter + Maven with https protocol

I have been trying hard to make https request work with JMeter+Maven.
Whole Scenarios is - Lauch app URL > login to app (this is https) > on Home page (this is http)
I recorded these tests using HTTP Proxy of JMeter. And then as specified here changed the "HTTP request protocol" of sampler to "https"
Now when I execute the test form Maven I encounter following exception JMeter log -
2010/09/08 16:25:38 ERROR - jmeter.util.JsseSSLManager: Exception occurred java.lang.NullPointerException
at org.apache.jmeter.util.SSLManager.getKeyStore(SSLManager.java:132)
at org.apache.jmeter.util.JsseSSLManager.getContext(JsseSSLManager.java:141)
at org.apache.jmeter.util.JsseSSLManager.<init>(JsseSSLManager.java:88)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at org.apache.jmeter.util.SSLManager.getInstance(SSLManager.java:231)
at org.apache.jmeter.protocol.http.sampler.HTTPSampler.setupConnection(HTTPSampler.java:148)
at org.apache.jmeter.protocol.http.sampler.HTTPSampler.sample(HTTPSampler.java:404)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:658)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:647)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:247)
at java.lang.Thread.run(Thread.java:619)
2010/09/08 16:25:38 INFO - jmeter.util.JsseSSLManager: JsseSSLManager installed
2010/09/08 16:25:38 WARN - jmeter.protocol.http.sampler.HTTPSampler: You may have forgotten to set the ssl.provider property in jmeter.properties java.lang.IllegalStateException: SSLContextImpl is not initialized
at com.sun.net.ssl.internal.ssl.SSLContextImpl.engineGetSocketFactory(SSLContextImpl.java:145)
at javax.net.ssl.SSLContext.getSocketFactory(SSLContext.java:260)
at com.sun.net.ssl.SSLContextSpiWrapper.engineGetSocketFactory(SSLSecurity.java:365)
at com.sun.net.ssl.SSLContext.getSocketFactory(SSLContext.java:168)
at org.apache.jmeter.util.JsseSSLManager.setContext(JsseSSLManager.java:101)
at org.apache.jmeter.protocol.http.sampler.HTTPSampler.setupConnection(HTTPSampler.java:160)
at org.apache.jmeter.protocol.http.sampler.HTTPSampler.sample(HTTPSampler.java:404)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:658)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:647)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:247)
at java.lang.Thread.run(Thread.java:619)
One more thing when I execute these tests from JMeter itself then I don't encounter any exception. But invocation of test from with in Maven causes this problem
Have u guys ever been able to execute test successfully on https using JMeter+Maven
Thanks in advance
Tarun K
JMeter group is suggested me to use updated version of "jmeter.jar" instead of the one available from JMeter Maven plugin.... I am going to mark this question as answered and have filed another query in this regard.
Thanks for ur time Black
~ T
Yes jmeter works with https i am able to get through jemter tests with maven and https, try adding the certificate to cacerts pointed by server.xml using keytool