RMI Server Codebase Permission Denied
I'm having a problem trying to get my application running in a test environment. I currently have this same application up and running in an almost identical location without any issues, and I'm at a loss to understand what the problem is.
My application is an RMI server-client setup. At the moment, I'm having trouble with solely the server portion, as I'm unable to get it to access the codebase. I start the application with the following runServer.sh file (located in /usr/local/app/app, so the $ROOT_DIR=pwd is correct):
Line: -----
#!/bin/bash
ROOT_DIR=`pwd`
JAVA_HOME=/usr/java/latest
CLASSPATH=''
#::------------------------------------------------------------------------
#:: Please edit the environmental variables below so that it refers
#:: to the location where you have distribution URL.
#::------------------------------------------------------------------------
DISTRIBUTION_URL=file://$ROOT_DIR
#::------------------------------------------------------------------------
find /usr/local/app/app/server -name '*.jar' -type f -print | while read FILE
do
if [ $CLASSPATH ]
then
CLASSPATH=$CLASSPATH:$FILE
else
CLASSPATH=$FILE
fi
echo $CLASSPATH > classpath.env
done
read CLASSPATH < classpath.env
find /usr/local/app/app/import -name '*.jar' -type f -print | while read FILE
do
if [ $CLASSPATH ]
then
CLASSPATH=$CLASSPATH:$FILE
else
CLASSPATH=$FILE
fi
echo $CLASSPATH > classpath.env
done
read CLASSPATH < classpath.env
find /usr/local/app/app/common -name '*.jar' -type f -print | while read FILE
do
if [ $CLASSPATH ]
then
CLASSPATH=$CLASSPATH:$FILE
else
CLASSPATH=$FILE
fi
echo $CLASSPATH > classpath.env
done
read CLASSPATH < classpath.env
echo ${CLASSPATH}
cd server
# start /min "RMI Registry"
$JAVA_HOME/bin/rmiregistry &
JAVA_SECURITY="-Djava.security.policy==config/admin.policy -Djava.security.auth.login.config==config/app_jaas.config"
IMPORT_PROPERTIES="-Dapp.import.properties=file://$ROOT_DIR/import/config/import.properties -Dapp.import.logging.properties=file://$ROOT_DIR/import/config/importlog.properties -Dapp.client.properties=file://$ROOT_DIR/client/config/client.properties"
app_PROPERTIES="-Dapp.root=$ROOT_DIR -Dconnection.pool.properties=file://$ROOT_DIR/server/config/database.properties -Dapp.common.properties=$DISTRIBUTION_URL/common/config/common.properties -Dapp.server.properties=file://$ROOT_DIR/server/config/server.properties -Dapp.server.logging.properties=file://$ROOT_DIR/server/config/log.properties"
echo
echo "-------------- app Server -------------------"
echo
$JAVA_HOME/bin/java -ms96m -mx256m -classpath $CLASSPATH -Djava.rmi.server.codebase=file:///usr/local/app/app/common/lib/common.jar $IMPORT_PROPERTIES $JAVA_SECURITY $app_PROPERTIES -Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,server=y,address=8000,suspend=n app.serverimpl.ServerStarter
cd $ROOT_DIR
Line: -----
After running this, it fails at that last line, $JAVA_HOME/bin/java etc. Near as I can see from the error is that it cannot access the -Djava.rmi.server.codebase.
Line: -----
app.serverimpl.service.ServiceException:java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: access to class loader denied
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:419)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:267)
at sun.rmi.transport.Transport$1.run(Transport.java:177)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:273)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:251)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:377)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at app.serverimpl.service.LoginManagerServiceImpl.start(LoginManagerServiceImpl.java:52)
at app.serverimpl.service.ServiceAdapter.start(ServiceAdapter.java:96)
at app.serverimpl.service.ServiceManager.startup(ServiceManager.java:78)
at app.serverimpl.ServerStarter.main(ServerStarter.java:62)
Caused by: java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: access to class loader denied
at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:409)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:267)
at sun.rmi.transport.Transport$1.run(Transport.java:177)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.ClassNotFoundException: access to class loader denied
at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:445)
at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:182)
at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:637)
at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:264)
at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:214)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1592)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1513)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1749)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1346)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:368)
... 12 more
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission /usr/local/app/app/common/lib/- read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at sun.rmi.server.LoaderHandler$Loader.checkPermissions(LoaderHandler.java:1173)
at sun.rmi.server.LoaderHandler$Loader.access$000(LoaderHandler.java:1127)
at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:409)
... 21 more
Line: -----
Out of growing desperation (and since it's a test VM in virtual box so I'm not really protecting anything) I've already granted full permissions to everyone for these these files in the filesystem itself - chmod -R 775 - and I've made sure that common.jar is accessible. I also double-checked the Security Policy, Djava.security.policy, and that's just a straight all permission to everything (again, I'm not protecting anything on this test).
Line: -----
grant {
permission java.security.AllPermission;
};
Line: -----
What's really driving me nuts is that this exact same code is already running and working on another machine. There are no environment variables that I'm missing, and I don't see how those would relate to this problem even if I did. The directories are identical, and I've verified the location that's listed as the cause (/usr/local/app/app/common/lib/) exists and is accessible. I keep coming back to the file permissions and the security policy and I'm sure I could be missing something obvious, but I am not seeing it at all. Can anyone give me some advice on this?
I'm running a VM in VirtualBox 4.1.4, running CentOS 5.7 32-bit. Java is JDK 1.6.0, just the basic yum install package.