I am recently moved to ESAPi-2.5.0.0 so that blackduck doesnt complain about log4j. However i am getting the below error.
org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129)
at org.owasp.esapi.ESAPI.encoder(ESAPI.java:101)
at
Caused by:
java.lang.reflect.InvocationTargetException
at sun.reflect.GeneratedMethodAccessor104.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86)
... 5 more
Caused by:
org.owasp.esapi.errors.ConfigurationException: java.lang.ClassNotFoundException: org.owasp.esapi.reference.Log4JLogFactory LogFactory class (org.owasp.esapi.reference.Log4JLogFactory) must be in class path.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:108)
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
Below are my ESAPI.prperties:
ESAPI.AccessControl=org.owasp.esapi.reference.DefaultAccessController
FileBasedAuthenticator requires users.txt file in .esapi directory
ESAPI.Authenticator=org.owasp.esapi.reference.FileBasedAuthenticator
ESAPI.Encoder=org.owasp.esapi.reference.DefaultEncoder
ESAPI.Encryptor=org.owasp.esapi.reference.crypto.JavaEncryptor
ESAPI.Executor=org.owasp.esapi.reference.DefaultExecutor
ESAPI.HTTPUtilities=org.owasp.esapi.reference.DefaultHTTPUtilities
ESAPI.IntrusionDetector=org.owasp.esapi.reference.DefaultIntrusionDetector
Log4JFactory Requires log4j.xml or log4j.properties in classpath - ``http://www.laliluna.de/log4j-tutorial.html
ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory
ESAPI.Randomizer=org.owasp.esapi.reference.DefaultRandomizer
ESAPI.Validator=org.owasp.esapi.reference.DefaultValidator
any help would be highly appreciated.
Tried Upgrading to ESAPI-2.5.0.0.
If I had to make a guess, it looks as though your ESAPI.properties file has the ESAPI.Logger property still set to org.owasp.esapi.reference.Log4JLogFactory. Log4J support was removed from ESAPI in release 2.5.0.0 so that class was removed with it. (It had been deprecated for just over 2 years before we removed it.) And that class had been renamed to org.owasp.esapi.logging.log4j.Log4JLogFactory at least as far back as 2.3.0.0.
But since you noted that you had set it to ESAPI.Logger to use JUL, it seems likely that you are not picking up the ESAPI.properties file that you think you are picking up because the last 'caused by' in the exception stack trace clearly shows org.owasp.esapi.reference.Log4JLogFactory as what is giving the ClassNotFoundError. (Or else you are using that class somewhere in your code.)
Related
I have created a large graph using the Neo4j's 2.2M02 import tool.
Now I want to use the same database in embedded version in 2.2RC01. I get the following error in Java, when I initialize the database:
Exception in thread "main" java.lang.RuntimeException: Error starting org.neo4j.kernel.EmbeddedGraphDatabase, D:\Neo4j\data\test3.db
at org.neo4j.kernel.InternalAbstractGraphDatabase.run(InternalAbstractGraphDatabase.java:331)
at org.neo4j.kernel.EmbeddedGraphDatabase.<init>(EmbeddedGraphDatabase.java:59)
at org.neo4j.graphdb.factory.GraphDatabaseFactory.newDatabase(GraphDatabaseFactory.java:103)
at org.neo4j.graphdb.factory.GraphDatabaseFactory$1.newDatabase(GraphDatabaseFactory.java:90)
at org.neo4j.graphdb.factory.GraphDatabaseBuilder.newGraphDatabase(GraphDatabaseBuilder.java:176)
at RCNeo4j.initDB(RCNeo4j.java:419)
at RCNeo4j.main(RCNeo4j.java:46)
Caused by: org.neo4j.kernel.lifecycle.LifecycleException: Component 'org.neo4j.kernel.impl.transaction.state.DataSourceManager#2c7e0aa0' was successfully initialized, but failed to start. Please see attached cause exception.
at org.neo4j.kernel.lifecycle.LifeSupport$LifecycleInstance.start(LifeSupport.java:513)
at org.neo4j.kernel.lifecycle.LifeSupport.start(LifeSupport.java:115)
at org.neo4j.kernel.InternalAbstractGraphDatabase.run(InternalAbstractGraphDatabase.java:326)
... 6 more
Caused by: org.neo4j.kernel.lifecycle.LifecycleException: Component 'org.neo4j.kernel.NeoStoreDataSource#37b86b14' was successfully initialized, but failed to start. Please see attached cause exception.
at org.neo4j.kernel.lifecycle.LifeSupport$LifecycleInstance.start(LifeSupport.java:513)
at org.neo4j.kernel.lifecycle.LifeSupport.start(LifeSupport.java:115)
at org.neo4j.kernel.impl.transaction.state.DataSourceManager.start(DataSourceManager.java:117)
at org.neo4j.kernel.lifecycle.LifeSupport$LifecycleInstance.start(LifeSupport.java:507)
... 8 more
Caused by: org.neo4j.kernel.impl.storemigration.StoreUpgrader$UnexpectedUpgradingStoreVersionException: 'neostore.nodestore.db' has a store version number that we cannot upgrade from. Expected 'v0.A.3' but file is version 'NodeStore v0.A.4'.
at org.neo4j.kernel.impl.storemigration.UpgradableDatabase.checkUpgradeable(UpgradableDatabase.java:88)
at org.neo4j.kernel.impl.storemigration.StoreMigrator.needsMigration(StoreMigrator.java:157)
at org.neo4j.kernel.impl.storemigration.StoreUpgrader.getParticipantsEagerToMigrate(StoreUpgrader.java:259)
at org.neo4j.kernel.impl.storemigration.StoreUpgrader.migrateIfNeeded(StoreUpgrader.java:134)
at org.neo4j.kernel.NeoStoreDataSource.upgradeStore(NeoStoreDataSource.java:562)
at org.neo4j.kernel.NeoStoreDataSource.start(NeoStoreDataSource.java:471)
at org.neo4j.kernel.lifecycle.LifeSupport$LifecycleInstance.start(LifeSupport.java:507)
... 11 more
message.log inside the database doesn't seem to show any exception either. I get the same error when I try to move from 2.1.7 to RC01.
Also, on a different note I would also like to know if it's possible to use the database generated from 2.2M02 in 2.1.7 (kind of like a downgrade). Because I prefer to have a more stable version to do some analysis.
Neo4j does not provide an upgrade path between milestone releases, so there is no direct way to upgrade 2.2.0-M02 to 2.2.0-RC1. Upgrades are only supported from one stable to another stable version. Downgrades are not supported at all in the product.
However there is a potential way to do it. Use Michael's store-utils (https://github.com/jexp/store-utils) and change the code using classloader separation in a way that the store you're reading from and the one you're writing to are using separate classloaders with different Neo4j versions.
I am trying to run RestClient .From this code I deleted all Loggers related code.But I kept classpath for log4j same. Then run the application ,it gives following two exceptions
java.lang.NoClassDefFoundError: org/apache/log4j/Level
Caused by: java.lang.ClassNotFoundException: org.apache.log4j.Level
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/log4j/Level
Please give reason for those exceptions.
Other jars that you use most likely will use log4j. Also, make sure you remove imports of log4j, not just the code that uses it.
My web app runs tomcat 7, myfaces, primefaces.
I have a problem on my production m/c that I am not able to replicate on development environment even though the exact code and libraries are loaded on both the machines. The only difference is the tomcat subversion, dev has tomcat7.0.35 and prod has tomcat7.0.40
javax.servlet.ServletException: javax.el.ELException: java.lang.NoClassDefFoundError: Could not initialize class com.myapps.util.UIStringUtil
javax.faces.webapp.FacesServlet.service(FacesServlet.java:229)
com.myapps.util.LoginFilter.doFilter(LoginFilter.java:56) **root cause** java.lang.NoClassDefFoundError: Could not initialize class com.myapps.util.UIStringUtil
com.myapps.bean.UserAuthBean.login(UserAuthBean.java:106)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.el.parser.AstValue.invoke(AstValue.java:278)
org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:274)
org.apache.myfaces.view.facelets.el.ContextAwareTagMethodExpression.invoke(ContextAwareTagMethodExpression.java:96)
org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:68)
javax.faces.component.UICommand.broadcast(UICommand.java:120)
javax.faces.component.UIViewRoot._broadcastAll(UIViewRoot.java:1028)
javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:286)
javax.faces.component.UIViewRoot._process(UIViewRoot.java:1375)
javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:752)
org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:38)
org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:170)
org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
com.myapps.util.LoginFilter.doFilter(LoginFilter.java:56)
I am not sure why this is happening. I am curious why this is being thrown as a javax.el.Elexception, where was this is being thrown from with in java bean code. The exact line of code where this is happening is (UserAuthBean.java:106)
context.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_INFO,
UIStringUtil.getUIString("msgKey"),
UIStringUtil.getUIString("msgKey")));
UIStringUtil class has static variables and methods that help read data from resource bundles.
As I mentioned earlier, this is only happening on the production box and we are not able to reproduce it on the development box.
Please provide some help here.
It's thrown as an ELException because it happened during executing some EL expression.
You should be looking at the root cause of the exception to learn about the root cause of the exception. Look further down in the stack trace to find the root cause. The first is already present in the incomplete stacktrace you posted:
java.lang.NoClassDefFoundError: Could not initialize class com.myapps.util.UIStringUtil
This basically means that loading of the class as done by Java under the covers as follows
Class.forName("com.myapps.util.UIStringUtil");
has failed with an exception. If you're absolutely positive that the class is present in the runtime classpath, then that can only mean that any of the static variables or initializer blocks of the class has thrown an exception. Loading a class namely initializes all static variables and executes all static initilaizer blocks (haven't you ever wondered how those JDBC drivers work?).
That exception should in turn be visible as the bottommost root cause in the stack trace, after the java.lang.NoClassDefFoundError cause. Perhaps a rather self-explaining java.lang.NullPointerException?
I have a big problem according to the bluecove library which I am trying to use in an ANT project.
My project is a platform which receive messages from different agents, such as TCP agents, SunSpot agents (which use UDP), and now I'm trying to set bluetooth agents.
For this purpose is required the bluecove library, but result in conflict with javax.microedition.io used for example in the UDP classes that I'm implementing.
I guess that it's a library conflict, I have tried to put the bluecove-2.1.1 jar into the jdk1.6_xx/jre/lib/ext but this throws an exception in the UDP classes:
Error checking for shared basestation: javax.microedition.io.ConnectionNotFoundException: radiogram
javax.microedition.io.ConnectionNotFoundException: udp
javax.microedition.io.ConnectionNotFoundException: udp
at com.intel.bluetooth.MicroeditionConnector.openImpl(MicroeditionConnector.java:185)
at com.intel.bluetooth.MicroeditionConnector.open(MicroeditionConnector.java:162)
at javax.microedition.io.Connector.open(Connector.java:83)
at org.sunspotworld.SunSpotListener.run(SunSpotListener.java:48)
However if I remove from the content of bluecove2.1.1 jar the folder javax/microedition the error thrown is completely different:
Exception in thread "main" java.lang.NoClassDefFoundError: javax/microedition/io/Connection
Exception in thread "main" java.lang.NoClassDefFoundError: javax/microedition/io/Connection
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:169)
at com.intel.bluetooth.Utils.class$(Utils.java:44)
at com.intel.bluetooth.Utils.<clinit>(Utils.java:44)
at javax.bluetooth.UUID.<init>(UUID.java:224)
at org.sunspotworld.BTListener.<clinit>(BTListener.java:28)
at org.sunspotworld.SunSpotHostApplication.run(SunSpotHostApplication.java:67)
at org.sunspotworld.SunSpotHostApplication.main(SunSpotHostApplication.java:342)
Caused by: java.lang.ClassNotFoundException: javax.microedition.io.Connection
Caused by: java.lang.ClassNotFoundException: javax.microedition.io.Connection
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at sun.misc.Launcher$ExtClassLoader.findClass(Launcher.java:229)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
... 8 more
... 8 more
I have read some solution involving xbootclasspath/a but I have no any idea what is that o how I can manage it...
Edit: I have used Xboothclasspath/a and /p to add the bluecove jar route, and the only thing I got was the chance to remove the jar import from my NetBeans project. Still not working. =(
Thank you very much in advance !!
I don't know why you decided this error is caused by a conflict between the two libs as i don't see any mention to this in the error.
The second error (after removing the lib) simply states that it can't find the required classes (which is logical since you removed them :) ).
I'd suggest you check that the firewall is not blocking you.
I wrote an simple project using java rmi and exported to an executable jar file. When I tries to run it, sometimes i got exceptions and sometimes it works. When I specify -Djava.rmi.server.codebase=file:serverClasses/, it seems it didn't create the jar file correctly.
Here is the stacktrace:
java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: com.ServerBootstrap.IServer
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:413)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:267)
at sun.rmi.transport.Transport$1.run(Transport.java:177)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:273)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:251)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:377)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Naming.java:177)
at com.v3q6.eece411.A2.ServerBootstrap.ChatRoomServer.main(ChatRoomServer.java:37)
Caused by: java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: com.ServerBootstrap.IServer
at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:403)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:267)
at sun.rmi.transport.Transport$1.run(Transport.java:177)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.ClassNotFoundException: com.ServerBootstrap.IServer
at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:323)
at java.lang.ClassLoader.loadClass(ClassLoader.java:268)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:336)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:264)
at sun.rmi.server.LoaderHandler.loadProxyInterfaces(LoaderHandler.java:728)
at sun.rmi.server.LoaderHandler.loadProxyClass(LoaderHandler.java:672)
at sun.rmi.server.LoaderHandler.loadProxyClass(LoaderHandler.java:609)
at java.rmi.server.RMIClassLoader$2.loadProxyClass(RMIClassLoader.java:646)
at java.rmi.server.RMIClassLoader.loadProxyClass(RMIClassLoader.java:311)
at sun.rmi.server.MarshalInputStream.resolveProxyClass(MarshalInputStream.java:255)
at java.io.ObjectInputStream.readProxyDesc(ObjectInputStream.java:1548)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1510)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1749)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1346)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:368)
... 12 more
It seems the program doesn't recognize the codebase. In my case, all the files are local. Does anyone know what is the problem? thanks
Try explicitly specifying the name of the JAR file containing the com.ServerBootstrap.IServer class in your codebase, e.g.
-Djava.rmi.server.codebase=file:serverClasses/myjarfile.jar
The "Dynamic code downloading using JavaTM RMI (Using the java.rmi.server.codebase Property)" doc provides more information on the use of codebase and the options for its specification.
With a relative path specified for java.rmi.server.codebase, make sure that you are in the correct directory (the parent directory of "serverClasses") when starting the client. If that's hard to ensure, an absolute path for the codebase might be more reliable.
Also, remember that when running with the -jar option, the -classpath option is completely ignored. I don't think that's a problem here; the RMIClassLoader should still be able to work using the server's codebase setting. But if you are relying on the client having access to additional classes specified on the classpath, that won't work. You'll need to use the Class-path attribute in the main JAR file's manifest.
That's not a complete stacktrace, and I think you may have left out the part that shows the root cause of your problem.
If I recall correctly, ClassNotFoundException can sometimes be due to an exception thrown during static initialization of the class that is being loaded, or some class that it depends on. If this occurs, it will show up as a nested exception in the first stacktrace for the problem, at the next level of nesting. I recall (maybe incorrectly) that if your application repeats the attempted class load, the initialization exception is not in the resulting stacktrace.
EDIT: The complete stacktrace says that my theory is not correct.