Monday, November 9, 2020

Error start managed-server Access denied ("oracle.security.jps.JpsPermission" "idstore.config")


Symptoms:

When tried to start the managed-server, after a few seconds get FAILED_START status.

The managed-server log (manage-server_name.out) presents the error such as:

oracle.security.jps.JpsException: oracle.security.jps.service.idstore.IdentityStoreException: java.security.AccessControlException: access denied ("oracle.security.jps.JpsPermission" "idstore.config")


Cause:

This is probably an error - no privilege - to access the jar libraries that provide access to the keystores.


Solution:

Possibly that the error message and the reason might varies according to the configuration, but you might check the privileges at weblogic.policy.

Add the following directives to the file - $WLS_HOME/wlserver/server/lib/weblogic.policy


//begin

grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/oracle.jps/jps-api.jar" {

               permission java.security.AllPermission;

             };



grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/oracle.jps_11.1.1/jps-api.jar" {

               permission java.security.AllPermission;

             };


grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/oracle.jps/jps-internal.jar" {

               permission java.security.AllPermission;

             };


grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/com.oracle.webservices.fmw.wsserver-impl.jar" {

               permission java.security.AllPermission;

             };


grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/oracle.wsm.common/wsm-agent-core.jar" {

               permission java.security.AllPermission;

             };


grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/oracle.wsm.common/wsm-pap.jar" {

               permission java.security.AllPermission;

             };

grant codeBase "file:/u01/ofm/12.2.1-Domain/WLS/oracle_common/modules/*" {

               permission java.security.AllPermission;

             };

//end


Restart the Weblogic server and then try to start the managed-server.

Hope this help.


at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)

Configure the Oracle DB Access Control List to avoid error like ORA-24247: network access denied

Symptoms:  You try to make external connections from the Oracle Database and receive erros like ORA-24247: network access denied by access c...