Unable to Migrate the Policy Store from LDAP to File using migrateSecurityStore Command: java.security.AccessControlException: java.security.AccessControlException: access denied
(Doc ID 2412001.1)
Last updated on SEPTEMBER 28, 2023
Applies to:
Oracle WebCenter Portal - Version 11.1.1.9.0 to 11.1.1.9.210720 [Release 11g]Information in this document applies to any platform.
Symptoms
When attempting to migrate the Policy and Credential store from LDAP to File using migrateSecurityStore wlst command, the following error occurs:
ERROR
wls:/webcenter/serverConfig>migrateSecurityStore(type="appPolicies", configFile="/<WCP_DOMAIN_HOME>/config/fmwconfig/jps-config.xml.tmp", src="default", srcApp="webcenter", dstApp="webcenter", dst="defaultXML", migrateIdStoreMapping="true", reportFile="report.html")
May 08, 2018 2:21:08 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: Initializing OPSS Java Policy Provider.
May 08, 2018 2:21:11 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: OPSS Java Policy Provider initialized.
May 08, 2018 2:21:11 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: OPSS Java Policy Provider is set as the system-wide Policy object.
May 08, 2018 2:21:25 PM oracle.security.audit.Auditor init
WARNING: IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.
May 08, 2018 2:21:25 PM oracle.security.jps.util.JpsUtil disableAudit
INFO: JpsUtil: isAuditDisabled set to true
May 08, 2018 2:21:25 PM oracle.security.jps.internal.audit.AuditServiceImpl validateLogPossible
WARNING: No audit log directory is set. Cannot perform audit operations for component JPS.
WLS ManagedService is not up running. Fall back to use system properties for configuration.
May 08, 2018 2:21:28 PM oracle.security.jps.internal.policystore.ldap.LdapPolicyStore checkMigrateCompatibility
WARNING: Customization related meta-data if present will be striped during migration
May 08, 2018 2:21:28 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl migrateAppPolicyData
INFO: Migration of Application Policies webcenter in progress.....
COMMAND FAILED due to an unknown reason, Check the stack trace for details
Traceback (innermost last):
File "<console>", line 1, in ?
File "/a01/app/oraweb/middle/oracle_common/common/wlst/jpsWlstCmd.py", line 983, in migrateSecurityStore
File "/a01/app/oraweb/middle/oracle_common/common/wlst/jpsWlstCmd.py", line 944, in migrateSecurityStoreImpl
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:395)
at java.security.AccessController.checkPermission(AccessController.java:559)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:478)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:538)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:564)
at oracle.security.jps.internal.policystore.AbstractPolicyStore.checkPolicyStoreAccessPermission(AbstractPolicyStore.java:603)
at oracle.security.jps.internal.policystore.ldap.LdapPolicyStore.getApplicationPolicy(LdapPolicyStore.java:919)
at oracle.security.jps.internal.tools.utility.source.migrate.JpsMigSourcePolicy.getDataToMigrate(JpsMigSourcePolicy.java:110)
at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateDataInternal(JpsDstPolicy.java:703)
at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:639)
at oracle.security.jps.internal.tools.utility.destination.JpsDsts.migrateData(JpsDsts.java:88)
at oracle.security.jps.internal.tools.utility.JpsUtility.migrateData(JpsUtility.java:72)
at oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl.migrateData(JpsUtilMigrationPolicyImpl.java:670)
at oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl.migrateAppPolicyData(JpsUtilMigrationPolicyImpl.java:305)
at oracle.security.jps.tools.utility.JpsUtilMigrationTool.executeCommand(JpsUtilMigrationTool.java:366)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
java.security.AccessControlException: java.security.AccessControlException: access denied (oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:APPLICATION Context Name:webcenter Actions:getApplicationPolicy)
STEPS
The issue can be reproduced at will with the following steps:
- Create an xml file with the source and target destination for the migration.
- Run the migrateSecurityStore command.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |