AppD Archive
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

AppDynamics on WebSphere with Java 2 Security Enabled.

CommunityUser
Splunk Employee
Splunk Employee
‎11-17-2015 05:41 AM

Hello,

We currently have the AppDynamics Java agent installed for WebSphere Application Server v7. The application server that is hosting the application that we want to monitor has "Java 2 Security" enabled.

Our AppDynamics agent is installed in /opt/AppDynamics and the error we see in the application server SystemOut.log is:

[11/16/15 15:14:00:683 AST] 00000016 SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Refer to the InfoCenter for further information.

Permission:

/opt/AppDynamics/APPAGENT/logs/APPAGENT_617/ByteCodeTransformer.2015_11_16__15_13_45.0.log : Access denied (java.io.FilePermission /opt/AppDynamics/APPAGENT/logs/APPAGENT_617/ByteCodeTransformer.2015_11_16__15_13_45.0.log read)


Code:

com.singularity.ee.agent.util.pe in {file:/opt/AppDynamics/APPAGENT/lib/appagent.jar}

Stack Trace:

java.security.AccessControlException: Access denied (java.io.FilePermission /opt/AppDynamics/APPAGENT/logs/APPAGENT_617/ByteCodeTransformer.2015_11_16__15_13_45.0.log read)

From what I can see, we need to edit the server.policy file to add the missing permissions for AppDynamics to read local resources?

What do you recommend?

Thank you,

Joey

0 Karma
Reply

Arun_Dasetty
Super Champion
‎11-19-2015 10:35 AM

Hi Joey,

Adding to Allan comments, to answer your query in specific , yes one way is to add below similar snippet of code in your server.policy file referred part of server jvm args (you can get the server.policy file location by seeing jvm args issuing command "ps -ef | grep java" output on same jvm machine shell prompt)

grant codeBase "file:/opt/AppDynamics/APPAGENT/-" {
permission java.security.AllPermission;
permission java.io.FilePermission;
};

0 Karma
Reply

CommunityUser
Splunk Employee
Splunk Employee
‎11-19-2015 11:21 AM

Hi akumar,

Thank you very much for your reply. After investigation I had also found that I could use that snippet of code to make it work. My concern was if it could affect the other application servers on the same server since the change is made in the "server.policy" file (and not in app.policy or was.policy).

I will check with AppDynamics support if their solution is similar to yours.

Thank you,

Joey

0 Karma
Reply

Allan_Schiebold
Communicator
‎11-19-2015 08:18 AM

Hi. I'd recommend contacting support as there can be several ways to resolve this depending on the environment. 

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...
Top