Home/ Questions/Q 5993505
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T23:41:05+00:00

I am using a Tomcat security enabled server, and Hibernate3 with c3p0. Here are

  • 0

I am using a Tomcat security enabled server, and Hibernate3 with c3p0.
Here are my policies in catalina.policy (I found these lines on the net and changed a bit):

grant codeBase "file:${catalina.base}/webapps/omiccir/-" 
{

    /////////////// FilePermission ////////// 
    permission java.io.FilePermission "${catalina.home}/log4j.properties", "read"; 
    permission java.io.FilePermission "${catalina.home}/logging.properties", "read"; 
    permission java.io.FilePermission "${catalina.home}/hibernate.properties", "read"; 
    permission java.io.FilePermission "${java.home}/lib/xerces.properties", "read"; 
    //permission java.io.FilePermission "opproject.log", "write"; 
    //permission java.io.FilePermission "${catalina.home}/Onepoint Project Home/-", "read, write, delete"; 


    // FIXME line below is VERY system specific, take care! 
    permission java.io.FilePermission "/tmp/tomcat6-tmp", "write"; 


    // thought it was java.io.tmpdir, but may be wrong // 
    permission java.io.FilePermission "${java.io.tmpdir}/tomcat6-tmp", "write"; 


    /////////////// LoggingPermission ////////// 
    permission java.util.logging.LoggingPermission "control"; 


    /////////////// PropertyPermission ////////// 
    permission java.util.PropertyPermission "org.apache.cxf.Logger", "read"; 
    permission java.util.PropertyPermission "org.apache.commons.logging.*", "read"; 
    permission java.util.PropertyPermission "log4j.*", "read"; 
    permission java.util.PropertyPermission "logger.home", "read"; 
    permission java.util.PropertyPermission "user.*", "read"; 
    permission java.util.PropertyPermission "org.apache.xerces.*", "read"; 
    permission java.util.PropertyPermission "ONEPOINT_PROJECT_HOME", "read"; 
    permission java.util.PropertyPermission "com.sun.xml.bind.v2.*", "read"; 
    permission java.util.PropertyPermission "com.sun.xml.bind.v2.runtime.JAXBContextImpl.fastBoot", "write"; 
    permission java.util.PropertyPermission "cglib.debugLocation", "read"; 
    permission java.util.PropertyPermission "org.dom4j.*", "read"; 
    permission java.util.PropertyPermission "c3p0.*", "read"; 
    permission java.util.PropertyPermission "net.sf.ehcache.*", "read"; 
    permission java.util.PropertyPermission "ANTLR_DO_NOT_EXIT", "read"; 
    permission java.util.PropertyPermission "ANTLR_USE_DIRECT_CLASS_LOADING", "read"; 


    /////////////// RuntimePermission ////////// 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.jdbc.odbc"; 
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.http"; 
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.http.res"; 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect.generics.reflectiveObjects"; 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.util.calendar"; 
    permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; 
    permission java.lang.RuntimePermission "getClassLoader"; 
    permission java.lang.RuntimePermission "getProtectionDomain"; 



    /////////////// ReflectPermission ////////// 
    permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 

    permission java.net.SocketPermission "*", "resolve"; 
    permission java.net.SocketPermission "localhost:5432", "connect,resolve"; 

    //What is this line??
    //permission java.net.SocketPermission "www.onepoint.at:80", "connect,resolve"; 


    /////////////// MBean...Permission ///////// 
    permission javax.management.MBeanServerPermission "createMBeanServer"; 
    permission javax.management.MBeanPermission "com.mchange.v2.c3p0.*", "*"; 
    permission javax.management.MBeanTrustPermission "register"; 


    permission java.util.PropertyPermission "*", "read,write"; 
}

I don’t know what is wrong, but it seems that there is a problem with c3p0, and this goes away when I use Tomcat without a security manager.

This is my stack trace:

org.apache.jasper.JasperException: org.hibernate.exception.GenericJDBCException: Cannot open connection
    org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:491)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:419)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

org.hibernate.exception.GenericJDBCException: Cannot open connection
    org.hibernate.exception.SQLStateConverter.handledNonSpecificException(SQLStateConverter.java:140)
    org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:128)
    org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66)
    org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:52)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:449)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

java.sql.SQLException: Connections could not be acquired from the underlying database!
    com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:106)
    com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:529)
    com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
    org.hibernate.connection.C3P0ConnectionProvider.getConnection(C3P0ConnectionProvider.java:78)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:446)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
    com.mchange.v2.resourcepool.BasicResourcePool.awaitAvailable(BasicResourcePool.java:1319)
    com.mchange.v2.resourcepool.BasicResourcePool.prelimCheckoutResource(BasicResourcePool.java:557)
    com.mchange.v2.resourcepool.BasicResourcePool.checkoutResource(BasicResourcePool.java:477)
    com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:525)
    com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
    org.hibernate.connection.C3P0ConnectionProvider.getConnection(C3P0ConnectionProvider.java:78)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:446)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Going by the stacktraces in the exception, it looks like the failure is due the inability to find a physical connection in the connection pool, after waiting for a sufficient period of time. The reason for this could be deduced to the following two permissions granted in the policy:

    permission java.net.SocketPermission "*", "resolve"; 
permission java.net.SocketPermission "localhost:5432", "connect,resolve";

    The “connect” action has been allowed only to the localhost, and only at port 5432. If this is not the database server, then it is most likely that physical connections were not created. You’ll need to grant the appropriate permission (SocketPermission) for the required actions (connect,resolve) to the database server.

    Note – the exception stack traces do not indicate that a permission was denied when creating the physical connection. This was deduced; you might want to look for other stack traces or other log files, or enable a lower level of logging, to determine if there are other failures.

    Related:

    1. c3p0 pool cannot establish a coonection. How to debug this?. The tips (especially the third one) in the answer to this question, would go some way in resolving this issue.
    • 0