Unable to Migrate the Policy Store from LDAP to File using migrateSecurityStore Command : java.security.AccessControlException: java.security.AccessControlException: access denied
Last updated on JUNE 18, 2018
Applies to:
Oracle WebCenter Portal - Version 11.1.1.9.0 and laterInformation in this document applies to any platform.
Symptoms
When attempting to migrate the Policy and Credential store from LDAP to File using migrateSecurityStore wlst command, the following error occurs:
ERROR
wls:/webcenter/serverConfig>migrateSecurityStore(type="appPolicies", configFile="/refresh/oracle/Middleware/user_projects/domains/wc_domain/config/fmwconfig/jps-config.xml.tmp", src="default", srcApp="webcenter", dstApp="webcenter", dst="defaultXML", migrateIdStoreMapping="true", reportFile="report.html")
May 08, 2018 2:21:08 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: Initializing OPSS Java Policy Provider.
May 08, 2018 2:21:11 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: OPSS Java Policy Provider initialized.
May 08, 2018 2:21:11 PM oracle.security.jps.internal.common.util.JpsCommonUtil initPolicyProvider
INFO: OPSS Java Policy Provider is set as the system-wide Policy object.
May 08, 2018 2:21:25 PM oracle.security.audit.Auditor init
WARNING: IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.
May 08, 2018 2:21:25 PM oracle.security.jps.util.JpsUtil disableAudit
INFO: JpsUtil: isAuditDisabled set to true
May 08, 2018 2:21:25 PM oracle.security.jps.internal.audit.AuditServiceImpl validateLogPossible
WARNING: No audit log directory is set. Cannot perform audit operations for component JPS.
WLS ManagedService is not up running. Fall back to use system properties for configuration.
May 08, 2018 2:21:28 PM oracle.security.jps.internal.policystore.ldap.LdapPolicyStore checkMigrateCompatibility
WARNING: Customization related meta-data if present will be striped during migration
May 08, 2018 2:21:28 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl migrateAppPolicyData
INFO: Migration of Application Policies webcenter in progress.....
COMMAND FAILED due to an unknown reason, Check the stack trace for details
Traceback (innermost last):
File "<console>", line 1, in ?
File "/a01/app/oraweb/middle/oracle_common/common/wlst/jpsWlstCmd.py", line 983, in migrateSecurityStore
File "/a01/app/oraweb/middle/oracle_common/common/wlst/jpsWlstCmd.py", line 944, in migrateSecurityStoreImpl
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:395)
at java.security.AccessController.checkPermission(AccessController.java:559)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:478)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:538)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:564)
at oracle.security.jps.internal.policystore.AbstractPolicyStore.checkPolicyStoreAccessPermission(AbstractPolicyStore.java:603)
at oracle.security.jps.internal.policystore.ldap.LdapPolicyStore.getApplicationPolicy(LdapPolicyStore.java:919)
at oracle.security.jps.internal.tools.utility.source.migrate.JpsMigSourcePolicy.getDataToMigrate(JpsMigSourcePolicy.java:110)
at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateDataInternal(JpsDstPolicy.java:703)
at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:639)
at oracle.security.jps.internal.tools.utility.destination.JpsDsts.migrateData(JpsDsts.java:88)
at oracle.security.jps.internal.tools.utility.JpsUtility.migrateData(JpsUtility.java:72)
at oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl.migrateData(JpsUtilMigrationPolicyImpl.java:670)
at oracle.security.jps.internal.tools.utility.JpsUtilMigrationPolicyImpl.migrateAppPolicyData(JpsUtilMigrationPolicyImpl.java:305)
at oracle.security.jps.tools.utility.JpsUtilMigrationTool.executeCommand(JpsUtilMigrationTool.java:366)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
java.security.AccessControlException: java.security.AccessControlException: access denied (oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:APPLICATION Context Name:webcenter Actions:getApplicationPolicy)
STEPS
The issue can be reproduced at will with the following steps:
- Create an xml file with the source and target destination for the migration.
- Run the migrateSecurityStore command.
Changes
Cause
Sign In with your My Oracle Support account |
|
Don't have a My Oracle Support account? Click to get started |
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms