GeoServer doesn't Start-up

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

GeoServer doesn't Start-up

mentaer
Hi,

today I realized that my GeoServer instance doesn't startup anymore
(must have been since yesterday) as GeoNode layer views and layer
downloads didn't work anymore. Latest thing we did was removing the
admin password; but after we encountered the problem we tried to restore
this now - without much success. Also I may mention that I restarted the
server yesterday after seeing some inexplicable high load on the server
(all 6 assigned processors were used => a guess could be that someone
tried to download a bigger image file, 300gb+ ??)

I have checked if there is content in the gwc xml files and also deleted
the geoserver work directory in tomcat, but without much success.
GeoServer doesn't startup

The only think left is sending you logs for GeoServer (don't say much to
me what is going on and what initiates the shutdown) and Catalina.out.
Perhaps the "datastore" not found error is relevant. As it is GeoNode
this should be our postgis on another server. However, I checked and had
no problem connecting to Postgis with pgAdmin.

I run GeoServer (2.4) as it came installed with  GeoNode 2.0 on Tomcat7.
Also I let GeoNode with GeoServer run in a VM that has Ubuntu 12.04
installed.

any help is highly appreciated!
best,

Stefan

PS: as GeoServer doesn't start up I am getting of course 404 errors

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users

catalina-log.txt (182K) Download Attachment
geoserver-log.txt (119K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

Christian Mueller-3
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian















On Thu, May 26, 2016 at 1:09 AM, Stefan Steiniger <[hidden email]> wrote:
Hi,

today I realized that my GeoServer instance doesn't startup anymore (must have been since yesterday) as GeoNode layer views and layer downloads didn't work anymore. Latest thing we did was removing the admin password; but after we encountered the problem we tried to restore this now - without much success. Also I may mention that I restarted the server yesterday after seeing some inexplicable high load on the server (all 6 assigned processors were used => a guess could be that someone tried to download a bigger image file, 300gb+ ??)

I have checked if there is content in the gwc xml files and also deleted the geoserver work directory in tomcat, but without much success. GeoServer doesn't startup

The only think left is sending you logs for GeoServer (don't say much to me what is going on and what initiates the shutdown) and Catalina.out. Perhaps the "datastore" not found error is relevant. As it is GeoNode this should be our postgis on another server. However, I checked and had no problem connecting to Postgis with pgAdmin.

I run GeoServer (2.4) as it came installed with  GeoNode 2.0 on Tomcat7. Also I let GeoNode with GeoServer run in a VM that has Ubuntu 12.04 installed.

any help is highly appreciated!
best,

Stefan

PS: as GeoServer doesn't start up I am getting of course 404 errors

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

mentaer
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

geowolf
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

Christian Mueller-3
Hi

@Andrea, this is not a wild guess and could be the reason for this problem. Concerning security, OpenJDK makes live easier because it is unrestricted out of the box whilst Oralce JDK is not.

Cheers
Christian

On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <[hidden email]> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: <a href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH


------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

mentaer

Hi, just want to confirm that we found a new JDK version installed from auto update. Which brings us most likely closer to a solution.

thanks,
stefan

On 5/26/16 23:16, Christian Mueller wrote:
Hi

@Andrea, this is not a wild guess and could be the reason for this problem. Concerning security, OpenJDK makes live easier because it is unrestricted out of the box whilst Oralce JDK is not.

Cheers
Christian

On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <[hidden email]> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: <a moz-do-not-send="true" href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a moz-do-not-send="true" href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a moz-do-not-send="true" href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH



------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

Christian Mueller-3
Hi Stefan

OpenJDK or Oracle JDK ?

Cheers
Christian

On Fri, May 27, 2016 at 2:53 PM, Stefan Steiniger <[hidden email]> wrote:

Hi, just want to confirm that we found a new JDK version installed from auto update. Which brings us most likely closer to a solution.

thanks,
stefan


On 5/26/16 23:16, Christian Mueller wrote:
Hi

@Andrea, this is not a wild guess and could be the reason for this problem. Concerning security, OpenJDK makes live easier because it is unrestricted out of the box whilst Oralce JDK is not.

Cheers
Christian

On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <[hidden email]> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email][hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: <a href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH





--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH


------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

mentaer

Hi Christian,

is OpenJDK. Based on an older VM backup from last year we actually got the problem fixed like 15mins ago. From what my colleague mentioned shortly in the email, the JDK update was actually not really the problem... (well we run now again on 1.6 IcedTea6 1.13.11). I hope to report back in detail on Monday.

have a good weekend,
stefan

On 5/27/16 23:49, Christian Mueller wrote:
Hi Stefan

OpenJDK or Oracle JDK ?

Cheers
Christian

On Fri, May 27, 2016 at 2:53 PM, Stefan Steiniger <[hidden email]> wrote:

Hi, just want to confirm that we found a new JDK version installed from auto update. Which brings us most likely closer to a solution.

thanks,
stefan


On 5/26/16 23:16, Christian Mueller wrote:
Hi

@Andrea, this is not a wild guess and could be the reason for this problem. Concerning security, OpenJDK makes live easier because it is unrestricted out of the box whilst Oralce JDK is not.

Cheers
Christian

On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <[hidden email]> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: <a moz-do-not-send="true" href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a moz-do-not-send="true" href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a moz-do-not-send="true" href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH





--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH



------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: GeoServer doesn't Start-up

mentaer
In reply to this post by Christian Mueller-3

Hi,

so not really sure what was the problem but we solved our issue by copying the folder /usr/share/geoserver/data/security with the encryption parts from a mid 2015 copy of our GeoNode VM to our current live GeoNode VM. After rebooting, GeoServer did start-up again :)

If (re-)installing the older Java 1.6 did help as well... we are not really sure about. Could be also that with a reboot that I did earlier - due to the inexplicable high CPU loads - files got damaged. 

And below about the same in Spanish from my colleague.

Thanks for giving the hints.

stefan

====

Lo que pude ver fue que el problema era ocasionado por fallos en encriptación, lo que hice fue analizar en que parte del código de geoserver se utiliza éste, con ello encontré que en la carpeta 'security' que se encuentra en /usr/share/geoserver/data es en donde se encuentran archivos con distintas encriptaciones, por lo que respaldé dicha carpeta y la reemplacé por la que poseia la máquina antigua (sin tener fe en que resultaría) y funcionó, más que eso no hice ningún otro cambio.
No me puedo explicar el problema pero puede haber algún error o daño en uno de los archivos que contenía una contraseña encriptada, ya que en el log que vimos el primer día salían errores de comparación '='.

====

On 5/27/16 23:49, Christian Mueller wrote:
Hi Stefan

OpenJDK or Oracle JDK ?

Cheers
Christian

On Fri, May 27, 2016 at 2:53 PM, Stefan Steiniger <[hidden email]> wrote:

Hi, just want to confirm that we found a new JDK version installed from auto update. Which brings us most likely closer to a solution.

thanks,
stefan


On 5/26/16 23:16, Christian Mueller wrote:
Hi

@Andrea, this is not a wild guess and could be the reason for this problem. Concerning security, OpenJDK makes live easier because it is unrestricted out of the box whilst Oralce JDK is not.

Cheers
Christian

On Thu, May 26, 2016 at 8:46 PM, Andrea Aime <[hidden email]> wrote:
Hi,
I'm making a wild guess and I might be way off the mark, so sorry in advance if it does not help but... 
could it be that you once installed the unrestricted policy jars for strong encryption, and then
a JDK upgrade happened, it wiped out those jars (they are in the JDK itself), and now you cannot perform the same
type of encryption anymore?

Cheers
Andrea

On Thu, May 26, 2016 at 7:33 PM, Stefan Steiniger <[hidden email]> wrote:
Hi,

thanks for the idea. I meant: deleting the default password file as the instructions suggest. The problem seems also that we would have to get GeoServer running at least once, but we haven't achieved this.
Apart from that we did no new installation, everything is as it was before. But it seems like the problem is related to a security feature according to a new extended log output (see below) - my colleague is looking into that now (as I am giving a course all day).

stefan

===============
26 May 12:27:00 INFO [geoserver.wps] - Found 29 bindable processes in Vector processes
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input LAYERS of type class org.geonode.process.batchdownload.LayerReference cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the input map of type class org.geonode.process.batchdownload.MapMetadata cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Blacklisting process geonode:BatchDownload as the output ZippedFile of type interface org.geonode.process.storage.Resource cannot be handled
26 May 12:27:00 INFO [geoserver.wps] - Found 0 bindable processes in Batch Downloader
26 May 12:27:00 INFO [geoserver.wps] - Found 4 bindable processes in GeoServer specific processes
26 May 12:27:00 INFO [geoserver.wps] - Found 89 bindable processes in Deprecated processes
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.geoserver.platform.GeoServerContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error occured reading security configuration; nested exception is java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:346)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:327)
    at org.geoserver.platform.GeoServerContextLoaderListener.contextInitialized(GeoServerContextLoaderListener.java:25)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4779)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5273)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:871)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649)
    at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1581)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
Caused by: java.lang.RuntimeException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1631)
    at org.geoserver.security.KeyStoreProviderImpl.assertActivatedKeyStore(KeyStoreProviderImpl.java:236)
    at org.geoserver.security.KeyStoreProviderImpl.reloadKeyStore(KeyStoreProviderImpl.java:103)
    at org.geoserver.security.concurrent.LockingKeyStoreProvider.reloadKeyStore(LockingKeyStoreProvider.java:79)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:429)
    at org.geoserver.security.GeoServerSecurityManager.init(GeoServerSecurityManager.java:420)
    at org.geoserver.security.GeoServerSecurityManager.onApplicationEvent(GeoServerSecurityManager.java:339)
    ... 17 more
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:918)
    at org.geoserver.security.password.URLMasterPasswordProvider.decode(URLMasterPasswordProvider.java:130)
    at org.geoserver.security.password.URLMasterPasswordProvider.doGetMasterPassword(URLMasterPasswordProvider.java:76)
    at org.geoserver.security.MasterPasswordProvider.getMasterPassword(MasterPasswordProvider.java:34)
    at org.geoserver.security.GeoServerSecurityManager.getMasterPassword(GeoServerSecurityManager.java:1629)
    ... 23 more
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Error listenerStart
May 26, 2016 12:27:00 PM org.apache.catalina.core.StandardContext startInternal
SEVERE: Context [/geoserver] startup failed due to previous errors
May 26, 2016 12:27:00 PM org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'printingWrapper': java.lang.NullPointerException
26 May 12:27:00 INFO [georss.GeoRSSPoller] - destroy() invoked
26 May 12:27:00 INFO [geowebcache.GeoWebCacheDispatcher] - GeoWebCacheDispatcher.destroy() was invoked, shutting down.
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Disk quota monitor shutting down...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.QuotaUpdatesMonitor] - Shutting down quota usage monitor...
26 May 12:27:00 INFO [diskquota.DiskQuotaMonitor] - Shutting down quota statistics gathering monitor...
26 May 12:27:00 INFO [diskquota.QueuedQuotaUpdatesConsumer] - Shutting down quota update background task due to InterruptedException
26 May 12:27:00 INFO [diskquota.QueuedUsageStatsConsumer] - Shutting down quota update background task due to interrupted exception
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Initiating shut down for running and pending seed tasks...
26 May 12:27:00 INFO [seed.SeederThreadPoolExecutor] - Seeder thread pool executor shut down complete.
26 May 12:27:00 INFO [storage.DefaultStorageBroker] - Destroying StorageBroker
26 May 12:27:00 WARN [support.DisposableBeanAdapter] - Invocation of destroy method failed on bean with name 'geoServerLoader': org.springframework.beans.factory.BeanCreationNotAllowedException: Error creating bean with name 'GWCLifeCycleHandler': Singleton bean creation not allowed while the singletons of this factory are in destruction (Do not request a bean from a BeanFactory in a destroy method implementation!)
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@4668c5ea]) and a value of type [org.geotools.referencing.operation.projection.TransverseMercator.Provider] (value [PROJECTION["Transverse_Mercator"]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.apache.commons.lang.builder.HashCodeBuilder$1] (value [org.apache.commons.lang.builder.HashCodeBuilder$1@20b9f0d0]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil.CharArrayThreadLocal] (value [org.eclipse.emf.ecore.xml.type.util.XMLTypeUtil$CharArrayThreadLocal@53877bc7]) and a value of type [char[]] (value [[C@63cf70a8]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@47ed58c9]) and a value of type [org.geotools.referencing.wkt.Formatter] (value []) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@2f601903]) and a value of type [org.springframework.security.core.context.SecurityContextImpl] (value [org.springframework.security.core.context.SecurityContextImpl@ffffffff: Null authentication]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.loader.WebappClassLoader checkThreadLocalMapForLeaks
SEVERE: The web application [/geoserver] created a ThreadLocal with key of type [org.eclipse.emf.ecore.impl.EClassImpl$1] (value [org.eclipse.emf.ecore.impl.EClassImpl$1@4e0a2c41]) and a value of type [java.util.HashSet] (value [[]]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
May 26, 2016 12:27:02 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT
May 26, 2016 12:27:02 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
May 26, 2016 12:27:02 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 20835 ms



On 05/26/2016 08:22 AM, Christian Mueller wrote:
Hi 

What do you mean with deleting the admin password ?

Obviously GeoServer cannot decode the password of your datastore. I assume you did a fresh installation and the GeoServer internal key material  
has changed.  Different GeoServer installations use different key material. 

Solution: find the xml config file for your datastore. Search the XML element named "password".  Replace the password with:

plain:mypassword.

After restarting, use the admin GUI, open the edit view of your datastore and save the config. This will encrypt the password using your new internal keys.

Cheers
Christian





------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: <a moz-do-not-send="true" href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a moz-do-not-send="true" href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a moz-do-not-send="true" href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH





--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH



------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users