Error in runtime permission -- access denied (javax.management.MBeanServerPermission findMBeanServer)

0
While creating a new java action in eclipse, we successfully retrieved objects from AmazonDynamoDB. After that we wanted to add the functionality to Mendix. Therefore we used the documentation https://docs.mendix.com/howto/logic-business-rules/extending-your-application-with-custom-java and created a custom java action.  When trying to connect to AmazonDynamoDB via the custom java action, an error occurs. This is when running the Mendix project in Eclipse, but also using Mendix. We think that there is a Runtime exception, where the java action does not have permission to certain classes. We tried to add   (javax.management.MBeanServerPermission "createMBeanServer")  to the security.policy file in the mendix modeler (6.10.13). Also, we added the new java.jar files neccesary of the AWS sdk to the userlib.  None of the above works, nor are we sure whether the changes made in the security.policy file will be saved when deploying the project to Production.     Eclipse error: java.security.AccessControlException: access denied ("javax.management.MBeanServerPermission" "findMBeanServer")     at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)     at java.security.AccessController.checkPermission(AccessController.java:884)     at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)     at javax.management.MBeanServerFactory.checkPermission(Unknown Source)     at javax.management.MBeanServerFactory.findMBeanServer(Unknown Source)     at com.amazonaws.jmx.MBeans.getMBeanServer(MBeans.java:111)     at com.amazonaws.jmx.MBeans.registerMBean(MBeans.java:50)     at com.amazonaws.jmx.SdkMBeanRegistrySupport.registerMetricAdminMBean(SdkMBeanRegistrySupport.java:27)     at com.amazonaws.metrics.AwsSdkMetrics.registerMetricAdminMBean(AwsSdkMetrics.java:398)     at com.amazonaws.metrics.AwsSdkMetrics.<clinit>(AwsSdkMetrics.java:359)     at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.<clinit>(AmazonDynamoDBClient.java:77)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:59)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:1)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.modules.microflowengine.actions.actioncall.JavaAction.execute(JavaAction.scala:52)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowObject.execute(MicroflowObject.java:47)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAfterBreakingIfNecessary(MicroflowImpl.java:192)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAction(MicroflowImpl.java:149)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.webui.actions.client.ExecuteAction.execute(ExecuteAction.java:144)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply$mcV$sp(ClientRequestHandler.scala:312)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2$$anon$1.execute(ActionDispatching.scala:161)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2.apply(ActionDispatching.scala:163)     at scala.util.Try$.apply(Try.scala:192)     at com.mendix.core.session.Worker$$anonfun$receive$3.applyOrElse(ActionDispatching.scala:157)     at akka.actor.Actor$class.aroundReceive(Actor.scala:502)     at com.mendix.core.session.Worker.aroundReceive(ActionDispatching.scala:153)     at akka.actor.ActorCell.receiveMessage(ActorCell.scala:526)     at akka.actor.ActorCell.invoke(ActorCell.scala:495)     at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)     at akka.dispatch.Mailbox.run(Mailbox.scala:224)     at akka.dispatch.Mailbox.exec(Mailbox.scala:234)     at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)     at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)     at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)     at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) Mendix error: com.mendix.modules.microflowengine.MicroflowException: com.mendix.core.CoreRuntimeException: com.mendix.systemwideinterfaces.MendixRuntimeException: org.apache.http.conn.ssl.SSLInitializationException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at Administration.IVK_TEST_IntegrationAmazonUSingJAva (JavaAction : 'JA_Measurements_QueryAmazonDB') Advanced stacktrace:     at com.mendix.modules.microflowengine.MicroflowUtil.processException(MicroflowUtil.java:143) Caused by: com.mendix.core.CoreException: com.mendix.core.CoreRuntimeException: com.mendix.systemwideinterfaces.MendixRuntimeException: org.apache.http.conn.ssl.SSLInitializationException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at com.mendix.core.component.InternalCore.execute(InternalCore.java:504) Caused by: com.mendix.core.CoreRuntimeException: com.mendix.systemwideinterfaces.MendixRuntimeException: org.apache.http.conn.ssl.SSLInitializationException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:176) Caused by: com.mendix.systemwideinterfaces.MendixRuntimeException: org.apache.http.conn.ssl.SSLInitializationException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:40) Caused by: org.apache.http.conn.ssl.SSLInitializationException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at com.amazonaws.internal.SdkSSLContext.getPreferredSSLContext(SdkSSLContext.java:37)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.getPreferredSocketFactory(ApacheConnectionManagerFactory.java:89)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.create(ApacheConnectionManagerFactory.java:63)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.create(ApacheConnectionManagerFactory.java:56)     at com.amazonaws.http.apache.client.impl.ApacheHttpClientFactory.create(ApacheHttpClientFactory.java:50)     at com.amazonaws.http.apache.client.impl.ApacheHttpClientFactory.create(ApacheHttpClientFactory.java:38)     at com.amazonaws.http.AmazonHttpClient.<init>(AmazonHttpClient.java:317)     at com.amazonaws.http.AmazonHttpClient.<init>(AmazonHttpClient.java:301)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:184)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:172)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:157)     at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.<init>(AmazonDynamoDBClient.java:241)     at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.<init>(AmazonDynamoDBClient.java:220)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:59)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:1)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.modules.microflowengine.actions.actioncall.JavaAction.execute(JavaAction.scala:52)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowObject.execute(MicroflowObject.java:47)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAfterBreakingIfNecessary(MicroflowImpl.java:192)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAction(MicroflowImpl.java:149)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.webui.actions.client.ExecuteAction.execute(ExecuteAction.java:144)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply$mcV$sp(ClientRequestHandler.scala:312)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2$$anon$1.execute(ActionDispatching.scala:161)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2.apply(ActionDispatching.scala:163)     at scala.util.Try$.apply(Try.scala:192)     at com.mendix.core.session.Worker$$anonfun$receive$3.applyOrElse(ActionDispatching.scala:157)     at akka.actor.Actor$class.aroundReceive(Actor.scala:502)     at com.mendix.core.session.Worker.aroundReceive(ActionDispatching.scala:153)     at akka.actor.ActorCell.receiveMessage(ActorCell.scala:526)     at akka.actor.ActorCell.invoke(ActorCell.scala:495)     at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)     at akka.dispatch.Mailbox.run(Mailbox.scala:224)     at akka.dispatch.Mailbox.exec(Mailbox.scala:234)     at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)     at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)     at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)     at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) Caused by: java.security.NoSuchAlgorithmException: class configured for SSLContext: sun.security.ssl.SSLContextImpl$TLSContext not a SSLContext     at sun.security.jca.GetInstance.checkSuperClass(Unknown Source)     at sun.security.jca.GetInstance.getInstance(Unknown Source)     at sun.security.jca.GetInstance.getInstance(Unknown Source)     at javax.net.ssl.SSLContext.getInstance(Unknown Source)     at com.amazonaws.internal.SdkSSLContext.getPreferredSSLContext(SdkSSLContext.java:32)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.getPreferredSocketFactory(ApacheConnectionManagerFactory.java:89)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.create(ApacheConnectionManagerFactory.java:63)     at com.amazonaws.http.apache.client.impl.ApacheConnectionManagerFactory.create(ApacheConnectionManagerFactory.java:56)     at com.amazonaws.http.apache.client.impl.ApacheHttpClientFactory.create(ApacheHttpClientFactory.java:50)     at com.amazonaws.http.apache.client.impl.ApacheHttpClientFactory.create(ApacheHttpClientFactory.java:38)     at com.amazonaws.http.AmazonHttpClient.<init>(AmazonHttpClient.java:317)     at com.amazonaws.http.AmazonHttpClient.<init>(AmazonHttpClient.java:301)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:184)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:172)     at com.amazonaws.AmazonWebServiceClient.<init>(AmazonWebServiceClient.java:157)     at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.<init>(AmazonDynamoDBClient.java:241)     at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.<init>(AmazonDynamoDBClient.java:220)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:59)     at integration.actions.JA_Measurements_QueryAmazonDB.executeAction(JA_Measurements_QueryAmazonDB.java:1)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.modules.microflowengine.actions.actioncall.JavaAction.execute(JavaAction.scala:52)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowObject.execute(MicroflowObject.java:47)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAfterBreakingIfNecessary(MicroflowImpl.java:192)     at com.mendix.modules.microflowengine.microflow.impl.MicroflowImpl.executeAction(MicroflowImpl.java:149)     at com.mendix.systemwideinterfaces.core.UserAction.execute(UserAction.java:49)     at com.mendix.core.actionmanagement.CoreAction.doCall(CoreAction.java:260)     at com.mendix.core.actionmanagement.CoreAction.call(CoreAction.java:248)     at com.mendix.core.actionmanagement.ActionManager$1.execute(ActionManager.java:168)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.actionmanagement.ActionManager.executeSync(ActionManager.java:172)     at com.mendix.core.component.InternalCore.execute(InternalCore.java:496)     at com.mendix.webui.actions.client.ExecuteAction.execute(ExecuteAction.java:144)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply$mcV$sp(ClientRequestHandler.scala:312)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.webui.requesthandling.ClientRequestHandler$$anonfun$handleRequest$1.apply(ClientRequestHandler.scala:302)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2$$anon$1.execute(ActionDispatching.scala:161)     at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36)     at com.mendix.core.session.Worker$$anonfun$receive$3$$anonfun$2.apply(ActionDispatching.scala:163)     at scala.util.Try$.apply(Try.scala:192)     at com.mendix.core.session.Worker$$anonfun$receive$3.applyOrElse(ActionDispatching.scala:157)     at akka.actor.Actor$class.aroundReceive(Actor.scala:502)     at com.mendix.core.session.Worker.aroundReceive(ActionDispatching.scala:153)     at akka.actor.ActorCell.receiveMessage(ActorCell.scala:526)     at akka.actor.ActorCell.invoke(ActorCell.scala:495)     at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)     at akka.dispatch.Mailbox.run(Mailbox.scala:224)     at akka.dispatch.Mailbox.exec(Mailbox.scala:234)     at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)     at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)     at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)     at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) Thanks in advance
asked
2 answers
3

From the error you posted it seems that the security policy was not changed correctly.

The change in the policy will not be available when moving your app to the cloud.

What you could do is in the settings disable the emulate cloud security and see if this fixes the issue. If so then fix the security policy for the used modeler and re-enable the emulate cloud security option to see that this fixed the issue.

If so then file a ticket with Mendix support to request your policy change to be added to your environment.

answered
0

Thanks Erwin, for your help. After disabling the emulate cloud security it seemed to fix this error.


Afterwards we found that adding the following permissions to modeler 6.10.13 works:
  permission javax.management.MBeanPermission "*", "*";
  permission javax.management.MBeanPermission "com.amazonaws.metrics.MetricAdmin#-[com.amazonaws.management:type=AwsSdkMetrics]", "registerMBean";
  permission javax.management.MBeanServerPermission "*";
  permission javax.management.MBeanServerPermission "createMBeanServer";
  permission javax.management.MBeanServerPermission "findMBeanServer";
  permission javax.management.MBeanTrustPermission "*";
  permission javax.management.MBeanTrustPermission "register";
 

However, we found a new error, where there is a conflict between the same libraries. We are now trying to figure that one out!

answered