Injecting AuthzClient in quarkus 1.13 an error occured.
#Inject
AuthzClient authzClient;
Caused by: javax.enterprise.inject.spi.DeploymentException: javax.enterprise.inject.UnsatisfiedResolutionException: Unsatisfied dependency for type org.keycloak.authorization.client.AuthzClient and qualifiers [#Default]
- java member: io.github.jithset.services.KeycloakServices#authzClient
- declared on CLASS bean [types=[io.github.jithset.services.KeycloakServices, java.lang.Object], qualifiers=[#Default, #Any], target=io.github.jithset.services.KeycloakServices]
at io.quarkus.arc.processor.BeanDeployment.processErrors(BeanDeployment.java:1081)
at io.quarkus.arc.processor.BeanDeployment.init(BeanDeployment.java:255)
at io.quarkus.arc.processor.BeanProcessor.initialize(BeanProcessor.java:129)
at io.quarkus.arc.deployment.ArcProcessor.validate(ArcProcessor.java:419)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at io.quarkus.deployment.ExtensionLoader$2.execute(ExtensionLoader.java:920)
at io.quarkus.builder.BuildContext.run(BuildContext.java:277)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2415)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1452)
at java.base/java.lang.Thread.run(Thread.java:829)
at org.jboss.threads.JBossThread.run(JBossThread.java:501)
Caused by: javax.enterprise.inject.UnsatisfiedResolutionException: Unsatisfied dependency for type org.keycloak.authorization.client.AuthzClient and qualifiers [#Default]
- java member: io.github.jithset.services.KeycloakServices#authzClient
- declared on CLASS bean [types=[io.github.jithset.services.KeycloakServices, java.lang.Object], qualifiers=[#Default, #Any], target=io.github.jithset.services.KeycloakServices]
at io.quarkus.arc.processor.Beans.resolveInjectionPoint(Beans.java:484)
at io.quarkus.arc.processor.BeanInfo.init(BeanInfo.java:378)
at io.quarkus.arc.processor.BeanDeployment.init(BeanDeployment.java:247)
If that is not possible how can i check if user has certain permission with access token.
Thanks
I do not agree with #loicmathieu and #Ladicek. If you want to manage protected resources you NEED to be able to inject the AuthzClient.
This a common usecase when you want to implement user managed authorization. A good example is in the keycloak quickstart repo : https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-uma-photoz.
There is an IT test where the AuthzClient is injected in the official quarkus repository : https://github.com/quarkusio/quarkus/blob/9b09229b86b775a9452d09fca42f18e32f81e924/integration-tests/keycloak-authorization/src/main/java/io/quarkus/it/keycloak/ProtectedResource.java
And the use of the AuthzClient is documented here : https://quarkus.io/guides/security-keycloak-authorization#injecting-the-authorization-client
After some experimentation I found that the AuthzClient bean will only exist when quarkus.keycloak.policy-enforcer.enable=true is added to the configuration.
The easiest way to check for permissions is to use the security annotations as explained in the USING OAUTH2 RBAC guide or injext the security context via #Context SecurityContext ctx.
If you want to have access to the token, assuming you're using the authorization code flow, you can inject the JWT token via #Inject JwtToken jwtToken, more details in the USING OPENID CONNECT TO PROTECT WEB APPLICATIONS USING AUTHORIZATION CODE FLOW guide.
If you"re using Keycloack, you can also inject a io.quarkus.security.identity.SecurityIdentity but as #Ladicek said you're not supposed to directly used internal Keycloack classes, see the USING OPENID CONNECT AND KEYCLOAK TO CENTRALIZE AUTHORIZATION guide.
Related
Currently I am running scala play application, now it's HTTP APIs are working fine in my Angular UI application locally. But in our organization for higher environment we need to convert it to SSL HTTPS API.
We use our own organizational root CA and I got the myCA_trust.jks certificate file with me.
I added following properties in application.conf file,
play.server.https.keyStore.path="./myCA_trust.jks"
play.server.https.keyStore.password="change_me"
And for deploying the code I am creating the dist, and using following command to deploy it on linux server
./scala-rest-api -Dplay.http.secret.key="application_secreate_key" -Dhttps.port=8094 -Dplay.server.https.keyStore.path=./myCA_trust.jks -Dplay.server.https.keyStore.password=change_me
After doing this I can hit to the HTTPS URL using server address, but getting errors in server console like,
[error] a.a.OneForOneStrategy - ./myCA_trust.jks
akka.actor.ActorInitializationException: akka://application/system/StreamSupervisor-0/flow-2-1: exception during creation
at akka.actor.ActorInitializationException$.apply(Actor.scala:202)
at akka.actor.ActorCell.create(ActorCell.scala:698)
at akka.actor.ActorCell.invokeAll$1(ActorCell.scala:549)
at akka.actor.ActorCell.systemInvoke(ActorCell.scala:571)
at akka.dispatch.Mailbox.processAllSystemMessages(Mailbox.scala:293)
at akka.dispatch.Mailbox.run(Mailbox.scala:228)
at akka.dispatch.Mailbox.exec(Mailbox.scala:241)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at play.core.server.ssl.ServerSSLEngine$.createScalaSSLEngineProvider(ServerSSLEngine.scala:116)
at play.core.server.ssl.ServerSSLEngine$.createSSLEngineProvider(ServerSSLEngine.scala:39)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.sslEngineProvider$lzycompute(AkkaHttpServer.scala:527)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.sslEngineProvider(AkkaHttpServer.scala:526)
at play.core.server.AkkaHttpServer$$anon$4$$anon$5.engineCreateSSLEngine(AkkaHttpServer.scala:528)
at javax.net.ssl.SSLContext.createSSLEngine(SSLContext.java:329)
Caused by: java.nio.file.NoSuchFileException: ./myCA_trust.jks
Please help me to configure HTTPS rest API URL, do let me know if there is anything else I need to add in the code and where.
Thanks and in advance.
I want to enable REST service for CAS Apereo version cas-overlay-template-6.0 (on Ubuntu 16.04)
I have done following this step:
Step 1: Add compile for REST API to build.gradle file
root#ubuntu16:~/cas-overlay-template-6.0# nano build.gradle
And add two line below under dependencies clock
compile "org.apereo.cas:cas-server-support-rest:6.0.0"
compile "org.apereo.cas:cas-server-support-rest-services:6.0.0"
Step 2: clean build
root#ubuntu16:~/cas-overlay-template-6.0# ./build.sh clean
Step 3: Build source code again
root#ubuntu16:~/cas-overlay-template-6.0# ./build.sh run
But in step 3, I got error like this.
CAS is configured to accept a static list of credentials for authentication. While this is generally useful for demo purposes, it is STRONGLY recommended that you DISABLE this authentication method (by setting 'cas.authn.accept.users' to a blank value) and switch to a mode that is more suitable for production.>
2019-12-30 01:17:55,465 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
2019-12-30 01:17:55,806 INFO [org.apereo.cas.config.CasPersonDirectoryConfiguration] - <Found and added static attributes [[email]] to the list of candidate attribute repositories>
2019-12-30 01:17:59,004 WARN [org.apereo.cas.web.CasWebApplicationContext] - <Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'registeredServiceResourceRestController' defined in class path resource [org/apereo/cas/support/rest/config/RestServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.rest.RegisteredServiceResource]: Factory method 'registeredServiceResourceRestController' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: No attribute name is defined to enforce authorization when adding services via CAS REST APIs. This is likely due to misconfiguration in CAS settings where the attribute name definition is absent>
Where have I gone wrong?
Remove this:
compile "org.apereo.cas:cas-server-support-rest-services:6.0.0"
This module does this:
Invoke CAS to register applications into its own service registry. The REST call must be authenticated using basic authentication where credentials are authenticated and accepted by the existing CAS authentication strategy, and furthermore the authenticated principal must be authorized with a pre-configured role/attribute name and value that is designated in the CAS configuration via the CAS properties. The body of the request must be the service definition that shall be registered in JSON format and of course, CAS must be configured to accept the particular service type defined in the body. The accepted media type for this request is application/json.
So you can remove it, if you don't need the functionality.
If you do need it, you will need to define attribute names/values that can enforce authorization as the error message is telling you.
No attribute name is defined to enforce authorization when adding services via CAS REST APIs. This is likely due to misconfiguration in CAS settings where the attribute name definition is absent.
So, define:
# cas.rest.attributeName=
# cas.rest.attributeValue=
PS Don't add things you do not need.
I'm using jhipster and I want to integrate spring batch admin console in my webapp. (http://localhost:8080/batch-console for example)
I tried to integrate the following response in my jhipster webapp Is there a way to integrate spring-batch-admin and spring-boot properly? but I get the following error (properties seems to be not loaded)
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'loggingConfiguration': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'spring.application.name' in string value "${spring.application.name}"
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:355)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1219)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:543)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:751)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:861)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:541)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:761)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:371)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
at com.mycompany.myapp.JhipsterApp.main(JhipsterApp.java:64)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: java.lang.IllegalArgumentException: Could not resolve placeholder 'spring.application.name' in string value "${spring.application.name}"
at org.springframework.util.PropertyPlaceholderHelper.parseStringValue(PropertyPlaceholderHelper.java:174)
at org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders(PropertyPlaceholderHelper.java:126)
at org.springframework.beans.factory.config.PropertyPlaceholderConfigurer$PlaceholderResolvingStringValueResolver.resolveStringValue(PropertyPlaceholderConfigurer.java:258)
at org.springframework.beans.factory.support.AbstractBeanFactory.resolveEmbeddedValue(AbstractBeanFactory.java:813)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1076)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1056)
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:566)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88)
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:349)
... 20 common frames omitted
If I hard code these properties for testing, my jhipster application starts but I get :
Request URL:http://localhost:8080/
Request Method:GET
Status Code:403 Forbidden
What do I need to doexactly to integrate spring batch admin in my Jhipster app?
Do I need to add the following dependency to my pom?
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-batch</artifactId>
</dependency>
Spring boot version : 1.4.1.RELEASE
Jhipster version : 3.8.0
Thanks
You don't have to add spring-boot. JHipster is a spring-boot app. As for spring-batch-admin for what I see in the documentation is a web UI using Spring MVC which actualy is also a part of the JHipster stack, but JHipster is using as a client a single page app with AngularJS wich is consuming REST services, i.e. you can have some issue when integrating your batch-admin app.
Your
Request URL:http://localhost:8080/ Request Method:GET Status Code:403 Forbidden it indicates that there are some changing at your authorization since
http://localhost:8080/ is the normal entry point in a JHipster app.
As a solution I will recommend to use the micro service approach. The documentation of spring-batch-admin indicates that there is RESTful (JSON) API. This will perfectly fits into micro services app.
Background: I have a web app that utilizes AngularJS, spring-mvc, and spring-rest for delivering the UI. I have a requirement to load balance using an Elastic LB and it is not using sticky sessions; requests are round robin. I implemented session replication using spring-session with gemfire for session storage. This works well.
I need to integrate with an OAuth2 auth server (and eventually multiple OAuth2 servers) purely for authentication and the passing of userInfo. I attempted to use the spring cloud oauth2 #EnableOAuth2Sso on the web-app and hit some session serialization issues. The mere addition of the oauth2ClientContext to the session seemed to cause ClassCastException problems during session saving.
I attempted to pull down the following samples and they worked well out of the box, Particularly the UI and the Authserver.
https://github.com/spring-guides/tut-spring-security-and-angular-js
However, when I added spring session into the mix, trying to serialize to a gemfire server, I encountered the exact same issue.
Here is the stacktrace highlight:
java.lang.ClassCastException: cannot assign instance of org.springframework.beans.factory.support.StaticListableBeanFactory to field org.springframework.aop.scope.DefaultScopedObject.beanFactory of type org.springframework.beans.factory.config.ConfigurableBeanFactory in instance of org.springframework.aop.scope.DefaultScopedObject
Below is abbreviated stacktrace:
ERROR o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
org.springframework.dao.DataAccessResourceFailureException: remote server on machine(gemfire:21800:loner):57660:9d1f3438:gemfire: : While performing a remote put; nested exception is com.gemstone.gemfire.cache.client.ServerOperationException: remote server on machine(gemfire:21800:loner):57660:9d1f3438:gemfire: : While performing a remote put
at org.springframework.data.gemfire.GemfireCacheUtils.convertGemfireAccessException(GemfireCacheUtils.java:238) ~[spring-data-gemfire-1.7.4.RELEASE.jar:1.7.4.RELEASE]
at org.springframework.data.gemfire.GemfireAccessor.convertGemFireAccessException(GemfireAccessor.java:91) ~[spring-data-gemfire-1.7.4.RELEASE.jar:1.7.4.RELEASE]
at org.springframework.data.gemfire.GemfireTemplate.put(GemfireTemplate.java:190) ~[spring-data-gemfire-1.7.4.RELEASE.jar:1.7.4.RELEASE]
at org.springframework.session.data.gemfire.GemFireOperationsSessionRepository.save(GemFireOperationsSessionRepository.java:147) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.data.gemfire.GemFireOperationsSessionRepository.save(GemFireOperationsSessionRepository.java:35) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.commitSession(SessionRepositoryFilter.java:244) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.access$100(SessionRepositoryFilter.java:214) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:167) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:80) ~[spring-session-1.2.1.RELEASE.jar:na]
... tomcat filter chain and spring filter stuff
Caused by: com.gemstone.gemfire.cache.client.ServerOperationException: remote server on machine(gemfire:21800:loner):57660:9d1f3438:gemfire: : While performing a remote put
... gemfire internal stuff
at org.springframework.data.gemfire.GemfireTemplate.put(GemfireTemplate.java:187) ~[spring-data-gemfire-1.7.4.RELEASE.jar:1.7.4.RELEASE]
... 31 common frames omitted
Caused by: java.lang.ClassCastException: cannot assign instance of org.springframework.beans.factory.support.StaticListableBeanFactory to field org.springframework.aop.scope.DefaultScopedObject.beanFactory of type org.springframework.beans.factory.config.ConfigurableBeanFactory in instance of org.springframework.aop.scope.DefaultScopedObject
at java.io.ObjectStreamClass$FieldReflector.setObjFieldValues(ObjectStreamClass.java:2133) ~[na:1.7.0_80]
at java.io.ObjectStreamClass.setObjFieldValues(ObjectStreamClass.java:1305) ~[na:1.7.0_80]
... java.io stuff
at org.springframework.aop.framework.AdvisedSupport.readObject(AdvisedSupport.java:557) ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE]
at sun.reflect.GeneratedMethodAccessor224.invoke(Unknown Source) ~[na:na]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_80]
at java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.7.0_80]
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1058) ~[na:1.7.0_80]
... java.io stuff
at com.gemstone.gemfire.internal.InternalDataSerializer.basicReadObject(InternalDataSerializer.java:2966) ~[gemfire-8.1.0.jar:na]
at com.gemstone.gemfire.DataSerializer.readObject(DataSerializer.java:3210) ~[gemfire-8.1.0.jar:na]
at org.springframework.session.data.gemfire.AbstractGemFireOperationsSessionRepository$GemFireSessionAttributes.readObject(AbstractGemFireOperationsSessionRepository.java:800) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.data.gemfire.AbstractGemFireOperationsSessionRepository$GemFireSessionAttributes.fromDelta(AbstractGemFireOperationsSessionRepository.java:834) ~[spring-session-1.2.1.RELEASE.jar:na]
at org.springframework.session.data.gemfire.AbstractGemFireOperationsSessionRepository$GemFireSession.fromDelta(AbstractGemFireOperationsSessionRepository.java:589) ~[spring-session-1.2.1.RELEASE.jar:na]
at com.gemstone.gemfire.internal.cache.EntryEventImpl.processDeltaBytes(EntryEventImpl.java:1345) ~[gemfire-8.1.0.jar:na]
... gemfire internal stuff
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.7.0_80]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.7.0_80]
at com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl$1$1.run(AcceptorImpl.java:577) ~[gemfire-8.1.0.jar:na]
... 1 common frames omitted
I found the following, https://jira.spring.io/browse/SPR-14117, which encouraged me to update some of the jars to the newest versions, hoping the spring boot versions were simply behind, however it didn't seem to help.
Version info:
spring-cloud-starter-parent: Brixton.SR4
spring-cloud-security: 1.1.2.RELEASE
spring-core: 4.3.2.RELEASE
spring-security-oauth2: 2.0.10.RELEASE
spring-session: 1.2.1.RELEASE
I've considered a few options: rewiring the OAuth2 framework to no longer use ScopedProxyMode.INTERFACES (seems daunting), use Redis vs. Gemfire, write the entire client from scratch (I've done it before... wasn't fun).
FWIW I've already added the RequestContextFilter as recommended here: OAuth2ClientContext (spring-security-oauth2) not persisted in Redis when using spring-session and spring-cloud-security
Does anyone have any guidance?
I don't know if this speaks to your problem directly but I had/have a similar problem and I think I have all the same versions as you. Seems that there are so many Spring projects and they all try to keep up with each other so sometimes there seem to be compatibility issues. I found the steps outlined here by Rob Winch fixed my issue -https://github.com/spring-projects/spring-session/issues/395
I am trying to deploy my gwt app to tomcat6 under ubuntu 9.10 and get
the (i suppose known to many of you)
"java.security.AccessControlException: access denied" error (Full
exception can be found at the end). I have searched the net in general and found that the Java default security
permissions are preventing the serializer from accessing my classes
private members (they do have getters and setters) and that i should
add to tomcat policy with a file at /etc/tomcat6/policy.d/60gwt.policy
the following:
grant codeBase "file:/var/lib/tomcat6/webapps/-" {
permission java.security.AllPermission;
}
Although i have done that (and i understand the implications) i still
get the same error, no matter how many times i restart the server. The
next step would problably be to disable tomcats security manager
completely but this app will eventually go into production and i d
like to know what's going on here. Also, i'd rather not make any
member variables public...
Any ideas?
cheers
SEVERE: Exception while dispatching incoming RPC call
java.security.AccessControlException: access denied
(java.lang.reflect.ReflectPermission suppressAccessChecks)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java:323)
at java.security.AccessController.checkPermission
(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:
532)
at java.lang.reflect.AccessibleObject.setAccessible
(AccessibleObject.java:107)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass
(ServerSerializationStreamWriter.java:694)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl
(ServerSerializationStreamWriter.java:730)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass
(ServerSerializationStreamWriter.java:712)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl
(ServerSerializationStreamWriter.java:730)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali ze
(ServerSerializationStreamWriter.java:612)
at
com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.write Object
(AbstractSerializationStreamWriter.java:129)
at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter
$ValueWriter$8.write(ServerSerializationStreamWriter.java:152)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeValue
(ServerSerializationStreamWriter.java:534)
at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609)
at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure
(RPC.java:383)
at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse
(RPC.java:581)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall
(RemoteServiceServlet.java:188)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost
(RemoteServiceServlet.java:224)
at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost
(AbstractRemoteServiceServlet.java:62)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:
269)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute
(SecurityUtil.java:301)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege
(SecurityUtil.java:162)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:283)
at org.apache.catalina.core.ApplicationFilterChain.access$000
(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run
(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol
$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:
454)
at java.lang.Thread.run(Thread.java:619)
Never mind, i solved the problem. I was actually using file:$
{catalina.base}webapps/- instead of file:/var/lib/tomcat6/webapps that
i wrote previously.Tomcat config in /etc/default/tomcat says that if
you don't set catalina.base then /var/lib/tomcat6/ is used by default
but...
Well anyway: GWT can not serialize this kind of exception because the type is not available in the emulated JRE library. So either you define it yourself via en supersource or you hande the exception on the server and make sure that you only throw supported exceptions.