Bug 1006876 - EAP fails to shutdown on ibm jdk 6 with SecurityException: unable to instantiate Subject-based policy
EAP fails to shutdown on ibm jdk 6 with SecurityException: unable to instanti...
Status: CLOSED CURRENTRELEASE
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management, Transaction Manager (Show other bugs)
6.2.0
Unspecified Unspecified
unspecified Severity urgent
: ER3
: EAP 6.2.0
Assigned To: Darran Lofthouse
Petr Kremensky
Russell Dickenson
: Regression, TestBlocker
Depends On:
Blocks: 1008337
  Show dependency treegraph
 
Reported: 2013-09-11 08:44 EDT by Richard Janík
Modified: 2013-12-15 11:22 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-12-15 11:22:45 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker WFLY-2106 None None None 2017-06-16 06:23 EDT

  None (edit)
Description Richard Janík 2013-09-11 08:44:07 EDT
Description of problem:

EAP 6.2.0.ER1
smoke tests

shutdown command fails:
{
    "outcome" => "failed",
    "failure-description" => "JBAS014749: Operation handler failed: unable to instantiate Subject-based policy",
    "rolled-back" => true
}


full stacktrace:
[0m[31m02:50:22,461 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) JBAS014612: Operation ("read-attribute") failed - address: ([]): java.lang.SecurityException: unable to instantiate Subject-based policy
	at javax.security.auth.Policy.getPolicyNoCheck(Policy.java:268) [rt.jar:1.6.0]
	at javax.security.auth.Policy.getPolicy(Policy.java:219) [rt.jar:1.6.0]
	at javax.security.auth.SubjectDomainCombiner$5.run(SubjectDomainCombiner.java:513) [rt.jar:1.6.0]
	at java.security.AccessController.doPrivileged(AccessController.java:228) [vm.jar:]
	at javax.security.auth.SubjectDomainCombiner.compatPolicy(SubjectDomainCombiner.java:509) [rt.jar:1.6.0]
	at javax.security.auth.SubjectDomainCombiner.combine(SubjectDomainCombiner.java:223) [rt.jar:1.6.0]
	at java.security.AccessController.getContext(AccessController.java:167) [vm.jar:]
	at org.jboss.as.controller.SecurityActions$CreateCallerActions$1.getCaller(SecurityActions.java:151) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.SecurityActions.getCaller(SecurityActions.java:136) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.AbstractOperationContext.getCaller(AbstractOperationContext.java:870) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.OperationContextImpl.getBasicAuthorizationResponse(OperationContextImpl.java:1120) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1053) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.OperationContextImpl.authorize(OperationContextImpl.java:1018) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.OperationContextImpl.getResourceRegistration(OperationContextImpl.java:267) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.operations.global.ReadAttributeHandler.doExecuteInternal(ReadAttributeHandler.java:119) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.operations.global.ReadAttributeHandler.doExecute(ReadAttributeHandler.java:96) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.operations.global.GlobalOperationHandlers$AbstractMultiTargetHandler.execute(GlobalOperationHandlers.java:284) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:625) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:503) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.AbstractOperationContext.completeStepInternal(AbstractOperationContext.java:285) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:280) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:217) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:134) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:194) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$2.run(ModelControllerClientOperationHandler.java:150) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$2.run(ModelControllerClientOperationHandler.java:146) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at java.security.AccessController.doPrivileged(AccessController.java:310) [vm.jar:]
	at javax.security.auth.Subject.doAs(Subject.java:573) [rt.jar:1.6.0]
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:146) [jboss-as-controller-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.protocol.mgmt.AbstractMessageHandler$2$1.doExecute(AbstractMessageHandler.java:296) [jboss-as-protocol-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at org.jboss.as.protocol.mgmt.AbstractMessageHandler$AsyncTaskRunner.run(AbstractMessageHandler.java:518) [jboss-as-protocol-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:908) [rt.jar:1.6.0]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:931) [rt.jar:1.6.0]
	at java.lang.Thread.run(Thread.java:738) [vm.jar:1.6.0]
	at org.jboss.threads.JBossThread.run(JBossThread.java:122) [jboss-threads-2.1.1.Final-redhat-1.jar:2.1.1.Final-redhat-1]
Comment 1 Michal Karm Babacek 2013-09-11 09:30:42 EDT
I've just cross-checked with EAP 6.1.1.ER7 on the same JDK with the same environment and this error didn't appear.

Furthermore, I confirm that this error does not occur on OpenJDK6, OpenJDK7, Opeacle JDK6, Opracle JDK7 nor on IBM JDK7  [both RHEL 6/5] 


One may want to see the full error log: https://url.corp.redhat.com/3154abf  (a simple test that starts several AS7 instances...)
Comment 2 Rostislav Svoboda 2013-09-13 08:26:14 EDT
We have met this error in interoperability tests too.
Comment 3 Ondrej Chaloupka 2013-09-17 10:02:33 EDT
There is not possible to do any DMR operation on java IBM JDK6. It really blocks my testing as I use arquillian tests and doing changes via DMR api.

Reproduce:
 - switch to IBM JDK 6
 - $JBOSS_HOME/bin/standalone.sh
 - $JBOSS_HOME/bin/jboss-cli.sh

You'll get exceptions like:
BAS014612: Operation ("read-children-types") failed - address: ([]): java.lang.SecurityException: unable to instantiate Subject-based policy
and
JBAS014612: Operation ("read-attribute") failed - address: ([]): java.lang.SecurityException: unable to instantiate Subject-based policy
Comment 4 Jitka Kozana 2013-09-18 04:00:45 EDT
ER2 update: this is still an important and test blocking issue. 

See the snippet of the server log here: http://pastebin.test.redhat.com/164593
Comment 6 Petr Kremensky 2013-09-30 08:13:00 EDT
Verified on EAP 6.2.0.ER3

Note You need to log in before you can comment on or make changes to this bug.