Our company has a security policy for tomcat we will have to request if there is any new security policy required. I am using spring-cloud-starter-hystrix-1.4.1.RELEASE which is using archaius-core-0.7.4.jar. Our server administrators definitely not going to give the following permission which basically asking for read write permissions for everything
Caused by: java.lang.ExceptionInInitializerError
at com.netflix.config.DynamicPropertyFactory.getInstance(DynamicPropertyFactory.java:277)
at com.netflix.hystrix.contrib.metrics.eventstream.HystrixMetricsStreamServlet.<clinit>(HystrixMetricsStreamServlet.java:55)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at java.lang.Class.newInstance(Class.java:442)
at org.springframework.web.servlet.mvc.ServletWrappingController.afterPropertiesSet(ServletWrappingController.java:144)
at org.springframework.cloud.netflix.endpoint.ServletWrappingEndpoint.afterPropertiesSet(ServletWrappingEndpoint.java:50)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$6.run(AbstractAutowireCapableBeanFactory.java:1677)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1674)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1624)
... 107 more
Caused by: java.lang.RuntimeException: Error initializing configuration
at com.netflix.config.ConfigurationManager.<clinit>(ConfigurationManager.java:109)
... 120 more
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1262)
at java.lang.System.getProperties(System.java:630)
at org.apache.commons.configuration.SystemConfiguration.<init>(SystemConfiguration.java:44)
at com.netflix.config.ConfigurationManager.createDefaultConfigInstance(ConfigurationManager.java:146)
at com.netflix.config.ConfigurationManager.getConfigInstance(ConfigurationManager.java:161)
at com.netflix.config.ConfigurationManager.getConfigInstance(ConfigurationManager.java:176)
at com.netflix.config.ConfigurationBasedDeploymentContext.<init>(ConfigurationBasedDeploymentContext.java:108)
at com.netflix.config.ConfigurationManager.<clinit>(ConfigurationManager.java:104)
... 120 more
After researching on why archaius.dynamicProperty.disableSystemConfig value in ConfigurationManager is false by default which is letting archaius default system configuration. commons-configuration jar has a code which is using System.getProperties() and that is why I am seeing this error.
We are not using archaius so excluded ArchaiusAutoConfiguration.class from spring boot application class but it seems like it is still looking for configuration.
My question is how do i disable archaius ? Is ArchaiusAutoConfiguration exclusion from spring boot application class itself is not enough ? If i have to set archaius.dynamicProperty.disableSystemConfig value to true, how can i do it and where ?
Raised an issue on github as well https://github.com/Netflix/archaius/issues/539
The property archaius.dynamicProperty.disableSystemConfig
must be declared as System Property. Archaius only tries to read this value of this property from System Property.
Source Code : https://github.com/Netflix/archaius/blob/master/archaius-core/src/main/java/com/netflix/config/ConfigurationManager.java#L165
I think that disabling ArchaiusAutoConfiguration
itself is not a good idea. Netflix OSS is using archaius and Spring Cloud provides its properties - defined in Spring - into archaius. Therefore Netflix OSS inside Spring Cloud would not work properly without it.