Issue:
java.security.AccessControlException: access denied
("oracle.security.jps.service.credstore.CredentialAccessPermission"
"context=SYSTEM,mapName=oim,keyName=OIMSchemaPassword"
"read")
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
at
java.security.AccessController.checkPermission(AccessController.java:560)
at
oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:458)
at
oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:518)
at
oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:544)
Truncated. see
log file for complete stacktrace
Caused By: java.security.AccessControlException: access
denied
("oracle.security.jps.service.credstore.CredentialAccessPermission"
"context=SYSTEM,mapName=oim,keyName=OIMSchemaPassword"
"read")
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
at
java.security.AccessController.checkPermission(AccessController.java:560)
at
oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:458)
at
oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:518)
at
oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:544)
Truncated. see
log file for complete stacktrace
Fix/Resolution:
1. Take the backup of weblogic.policy file to recover easily
in case of any issues.
a.
Go
to $WLS_HOME/server/lib/weblogic.policy
b. cp weblogic.policy weblogic.policy_backup
2. Add the below lines(end of the file)
into weblogic.policy file
grant codeBase "file:$MW_HOME/patch_wls1036/patch_jars/*"
{
permission
java.security.AllPermission;
};
3. Take the backup of system-jazn-data.xml file to recover
easily in case of any issues
a.
Go
to $DOMAIN_HOME/config/fmwconfig/system-jazn-data.xml
b. $cp system-jazn-data.xml system-jazn-data.xml_backup
4. Add the below lines (end of the file)
into $DOMAIN_HOME/config/fmwconfig/system-jazn-data.xml:
<grant>
<grantee>
<codesource>
<url>file:${wls.home}/../../patch_wls1036/patch_jars/*</url>
</codesource>
</grantee>
<permissions>
<permission>
<class>oracle.security.jps.service.credstore.CredentialAccessPermission</class>
<class>oracle.security.jps.service.credstore.CredentialAccessPermission</class>
<name>context=SYSTEM,mapName=oim,keyName=*</name>
<actions>read,write</actions>
</permission>
</permissions>
</grant>
5. Restart Admin and managed servers.
NOTE: Kindly note, MW_HOME will vary from
environment to environment depends on your machine path.
Also, similar solution is applicable to any component like OAM/OIF/OID etc..
Hope this post helps you to resolve this issue.
Thank you for reading out my blog !!
No comments:
Post a Comment