Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: JWS 3.1.0 DR3
Affects Version/s: JWS 3.1.0 DR2
Component/s: tomcat7, tomcat8
Labels:
None

Release Note Status:
Documented as Known Issue
Target Release:

JWS 3.1.0 GA
Steps to Reproduce:
Hide

Added user into tomcat-users.xml

Update catalina.properties to use vault jar

Generate keystore and config for keystore in vault.properties

Try to access manager app with added user.
Show
Added user into tomcat-users.xml Update catalina.properties to use vault jar Generate keystore and config for keystore in vault.properties Try to access manager app with added user.

SFDC Cases Links:
SFDC Cases Counter:

Description

After configuration of tomcat-vault:

Added user into tomcat-users.xml
Update catalina.properties to use vault jar
Generate keystore and config for keystore in vault.properties

With ibm-jdk 1.7 and 1.8 exception in catalina.out:

org.apache.tomcat.vault.security.vault.SecurityVaultException: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/opt/ews/workspace/vault.keystore)
        at org.apache.tomcat.vault.security.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:210)
        at org.apache.tomcat.vault.util.PropertySourceVault.init(PropertySourceVault.java:50)
        at org.apache.tomcat.vault.util.PropertySourceVault.<init>(PropertySourceVault.java:32)
        at java.lang.J9VMInternals.newInstanceImpl(Native Method)
        at java.lang.Class.newInstance(Class.java:1899)
        at org.apache.tomcat.util.digester.Digester.<clinit>(Digester.java:108)
        at org.apache.catalina.startup.Catalina.createStartDigester(Catalina.java:268)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:487)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:617)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:351)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:485)
Caused by: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/opt/ews/workspace/vault.keystore)
        at org.apache.tomcat.vault.security.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:691)
        at org.apache.tomcat.vault.security.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:205)
        ... 14 more
Caused by: java.io.IOException: com.sun.crypto.provider.SealedObjectForKeyProtector
        at com.ibm.crypto.provider.JceKeyStore.engineLoad(Unknown Source)
        at java.security.KeyStore.load(KeyStore.java:1456)
        at org.apache.tomcat.vault.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:201)
        at org.apache.tomcat.vault.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:151)
        at org.apache.tomcat.vault.security.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:688)
        ... 15 more

And login into manager app gets 401 Unauthorized response. Same configuration and test works with openjdk.

Attachments

Activity

People

Assignee:: Coty Sutherland

Reporter:: Filip Goldefus (Inactive)

Tester:: Filip Goldefus (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2016/09/07 8:05 AM

Updated:: 2021/10/24 6:38 AM

Resolved:: 2016/09/09 11:34 AM