Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Modeling » TMF (Xtext) » java.lang.SecurityException during maven build
java.lang.SecurityException during maven build [message #1705038] Tue, 11 August 2015 15:12 Go to next message
Roland Menznerowski is currently offline Roland MenznerowskiFriend
Messages: 1
Registered: August 2015
Junior Member
After updating the xtext version from 2.6.2 to 2.8.4 for the Eclipse Smart Home project i get an SecurityException, during the maven build, which i'm not sure how to fix.

java.lang.RuntimeException: Problems instantiating module org.eclipse.smarthome.model.Sitemap: java.lang.SecurityException: class "org.eclipse.xtext.util.XtextSwitch"'s signer information does not match signer information of other classes in the same package

Does anyone have an idea what the rootcause could be and how i can fix this issue?

Thanks in advance
Re: java.lang.SecurityException during maven build [message #1705088 is a reply to message #1705038] Wed, 12 August 2015 04:33 Go to previous messageGo to next message
Christian Dietrich is currently offline Christian DietrichFriend
Messages: 14661
Registered: July 2009
Senior Member
Hi are you sure you dont have the xtext switch class on the classpath twice. Can you share a example project that reproduces the problem

Twitter : @chrdietrich
Blog : https://www.dietrich-it.de

[Updated on: Wed, 12 August 2015 04:36]

Report message to a moderator

Re: java.lang.SecurityException during maven build [message #1708687 is a reply to message #1705088] Fri, 18 September 2015 17:08 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Today this problem happened on one of my tycho builds on one machine - out of the blue.

This is what I did to reduce the risk of incompatibly signed versions of xtext:
- wipe all p2/osgi/bundle/org.eclipse.xtext* org/eclipse/xtext from local maven repo
- ensure tycho will not fetch xtext from any repos / mirrors, except my own local p2 mirror, which only contains one version of Xtext (2.8.4 release)
- after the build check that the local maven repo contains only one version of Xtext

At the last step I found in the local maven repo:
- a signed p2/osgi/bundle/org.eclipse.xtext-2.8.4.v201508050135
- an unsigned org/eclipse/xtext/org.eclipse.xtext-2.8.4.v201508050135.jar

Is s.o. publishing unsigned jars as maven artifacts in the "org.eclipse.xtext" groupId? Could this be stopped?

FWIW, in my case the solution seems to be to remove the following dependencies from the generator invocation (build.plugins.plugin:org.codehaus.mojo:exec-maven-plugin), which once were necessary, but no longer seem to be:
				<dependency>
					<groupId>org.eclipse.xtext</groupId>
					<artifactId>org.eclipse.xtext.xtext</artifactId>
					<version>${version.xtext}</version>
				</dependency>
				<dependency>
					<groupId>org.eclipse.xtext</groupId>
					<artifactId>org.eclipse.xtext.xbase</artifactId>
					<version>${version.xtext}</version>
				</dependency>

This seems to avoid the mix of xtext bundles from the two different maven groupIds.
But, if adding more xtext bundles to these plugin dependencies becomes necessary, using those from p2.osgi.bundle is not a good option, because we are not in a p2-enabled context here.

Stephan
Re: java.lang.SecurityException during maven build [message #1708692 is a reply to message #1708687] Fri, 18 September 2015 19:34 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Quote:
in my case the solution seems to be to remove the following dependencies ...


No, the opposite is true (strangely it worked locally, only on jenkins this change broke the build): the dependency must stay, but then I had added another dependency (the plugin containing the model definition against which the DSL is built) and that dependency must exclude the signed version of org.eclipse.xtext:
	<plugin>
		<groupId>org.codehaus.mojo</groupId>
		<artifactId>exec-maven-plugin</artifactId>
		<version>1.2.1</version>
		<executions>
			<execution>
				<id>generate MyDsl</id>
				<phase>generate-sources</phase>
				<goals><goal>java</goal></goals>
				<configuration>
					<arguments>
						<argument>file://${project.basedir}/src/main/java/path/to/GenerateMyDsl.mwe2</argument>
					</arguments>
				</configuration>
			</execution>
		</executions>
		<configuration>
			<includeProjectDependencies>false</includeProjectDependencies>
			<includePluginDependencies>true</includePluginDependencies>
			<mainClass>org.eclipse.emf.mwe2.launch.runtime.Mwe2Launcher</mainClass>
		</configuration>
		<dependencies>
			<dependency>
				<groupId>org.eclipse.xtext</groupId>
				<artifactId>org.eclipse.xtext.xtext</artifactId>
				<version>${version.xtext}</version>
			</dependency>
			<dependency>
				<groupId>org.eclipse.xtext</groupId>
				<artifactId>org.eclipse.xtext.xbase</artifactId>
				<version>${version.xtext}</version>
			</dependency>
			<dependency>
				<groupId>${project.groupId}</groupId>
				<artifactId>com.company.mydsl.model</artifactId>
				<version>${project.version}</version>
				<exclusions>
					<!-- Avoid conflict between signed/unsigned variants of the same jar: -->
					<exclusion>
						<groupId>p2.osgi.bundle</groupId>
						<artifactId>org.eclipse.xtext</artifactId>
					</exclusion>
				</exclusions>
			</dependency>
		</dependencies>
	</plugin>


This ensures that org.eclipse.xtext, which is included as a plain maven dependency isn't additionally included in it's p2 variant. Now we only get the unsigned variant of this jar (while other xtext plugins may be pulled in in either variant as long as there is no conflict).

may this help someone some time
Stephan
Re: java.lang.SecurityException during maven build [message #1708695 is a reply to message #1708692] Fri, 18 September 2015 21:09 Go to previous messageGo to next message
Stefan Oehme is currently offline Stefan OehmeFriend
Messages: 159
Registered: April 2010
Location: Kiel
Senior Member

<groupId>p2.osgi.bundle</groupId>
<artifactId>org.eclipse.xtext</artifactId>


Who is publishing these artifacts? They are not the official Xtext artifacts, so avoid them in your dependencies. All the Xtext artifacts are published under the groupId org.eclipse.xtext
Re: java.lang.SecurityException during maven build [message #1708699 is a reply to message #1708695] Fri, 18 September 2015 22:51 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Stefan Oehme wrote on Fri, 18 September 2015 23:09
<groupId>p2.osgi.bundle</groupId>
<artifactId>org.eclipse.xtext</artifactId>


Who is publishing these artifacts? They are not the official Xtext artifacts, so avoid them in your dependencies. All the Xtext artifacts are published under the groupId org.eclipse.xtext


Interestingly it seems that p2.osgi.bundle:org.eclipse.xtext is "more official" than org.eclipse.xtext:org.eclipse.xtext in that the former is signed by the Eclipse Foundation's certificate whereas the latter is not signed.

The groupId "p2.osgi.bundle" is assigned by tycho, so when I build my tool using tycho it populates the local maven repository with all xtext bundles in group "p2.osgi.bundle". Excluding this artifact would require to stop using Xtext, I believe Very Happy

Seriously, the situation seems to be unavoidable if a plugin defining a DSL depends on another plugin that depends on xtext, because in tycho builds those transitive dependencies will all be in the p2.osgi.bundle group.

Am I missing anything?

Stephan
Re: java.lang.SecurityException during maven build [message #1708700 is a reply to message #1708699] Fri, 18 September 2015 22:53 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
BTW, I never specified any dependency on p2.osgi.bundle:org.eclipse.xtext, this dependency is generated from a Require-Bundle in my plugin's MANIFEST.MF.
Re: java.lang.SecurityException during maven build [message #1708755 is a reply to message #1708700] Sun, 20 September 2015 09:53 Go to previous messageGo to next message
Michael Bischoff is currently offline Michael BischoffFriend
Messages: 19
Registered: August 2012
Junior Member
Hi,
I just got the same problem when updating to 2.8.4 in the same context: In a build of one DSL which depends on another DSL.

It seems to have occurred before, as described by Lorenzo: https://www.eclipse.org/forums/index.php/t/1067923/

Adding the exclusion does not help when I start the build from the parent pom, but I can build the project when I do a module build only

I initially suspected a conflict between a dependency of the eclipse and xtext repos (because one is 2.8.3 the other 2.8.4):
    <repositories>
        <repository>
            <id>p2-xtext</id>
            <layout>p2</layout>
            <url>http://download.eclipse.org/modeling/tmf/xtext/updates/releases/2.8.4/</url>
        </repository>
        <repository>
            <id>p2-mars</id>
            <layout>p2</layout>
            <url>http://download.eclipse.org/releases/mars/201506241002/</url>
        </repository>
    </repositories>


Best regards,
Michael






Re: java.lang.SecurityException during maven build [message #1708756 is a reply to message #1708755] Sun, 20 September 2015 09:59 Go to previous messageGo to next message
Michael Bischoff is currently offline Michael BischoffFriend
Messages: 19
Registered: August 2012
Junior Member
P.S.: Something which I always wondered is that xtext pulls snapshots, despite the poms do not specify any snapshot repo:
Downloading: http://nexus.codehaus.org/snapshots/org/eclipse/emf/org.eclipse.emf.codegen.ecore/2.10.0-v20140519-SNAPSHOT/maven-metadata.xml

I first thought it's a wrong configuration in my pom, but I see these as well when I build https://github.com/xtext/maven-xtext-example
Re: java.lang.SecurityException during maven build [message #1708835 is a reply to message #1708755] Mon, 21 September 2015 15:54 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Michael Bischoff wrote on Sun, 20 September 2015 11:53
... Adding the exclusion does not help when I start the build from the parent pom, but I can build the project when I do a module build only


On Friday it worked for me in both kinds of builds. Today, and on a different DSL family I see the same: inividual module can be built, building the full set via the parent throws the same SecurityException.

On inspecting the maven debug output, I found yet another name for the "same" artifact: "p2.eclipse-plugin:org.eclipse.xtext:jar:2.8.4.v201508050135:system". I can assure that I never mentioned this G:A anywhere in my configuration. But "eclipse-plugin" sure looks like the name of the tycho packaging used. If, OTOH, "system" indicates that tycho + m2e-tycho-connector find this dependency in the host Eclipse (or target platform), then we're sure pulling in a correctly signed variant from yet another source, while we have to strictly avoid any signed bundles in this context.

In order to exclude this "p2.eclipse-plugin" variant I had to do some more steps:
- set includeProjectDependencies to false in the configuration of exec-maven-plugin
- explicitly include the current module(!) in the plugin dependencies of exec-maven-plugin
- explicitly exclude p2.eclipse-plugin:org.eclipse.xtext in all DSL related plugin dependencies

But then org.eclipse.emf.mwe2.launch.runtime.Mwe2Launcher was no longer found, so it seems I would have to repeat all dependencies from MANIFEST.MF in this plugin dependencies section. Wow ... I'm no longer sure I'll manage to workaround bug.


Quote:

I initially suspected a conflict between a dependency of the eclipse and xtext repos (because one is 2.8.3 the other 2.8.4):


I wouldn't expect that to create a conflict, because all artifacts on eclipse.org servers should be signed with the same certificate.

It requires a mix of different distribution channels to procude the bug.
Stephan
Re: java.lang.SecurityException during maven build [message #1708837 is a reply to message #1708835] Mon, 21 September 2015 16:34 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Cross referencing:
- I filed https://bugs.eclipse.org/477973
- I found that the dependency "p2.eclipse-plugin:org.eclipse.xtext:jar:2.8.4.v201508050135:system" seems to be caused by m2e

Thus: using the explicit exclusions mentioned above and always calling maven from a terminal successfully works around the bug for me (currently).

Stephan

[Updated on: Mon, 21 September 2015 16:35]

Report message to a moderator

Re: java.lang.SecurityException during maven build [message #1710356 is a reply to message #1708837] Tue, 06 October 2015 08:20 Go to previous messageGo to next message
Michael Bischoff is currently offline Michael BischoffFriend
Messages: 19
Registered: August 2012
Junior Member
Hi,
the change which caused the issue to occur for my project was switching from fornax to maven-exec.
I switched back to the fornax plugin now and have no more build issues.


Best regards,
Michael
Re: java.lang.SecurityException during maven build [message #1712927 is a reply to message #1710356] Thu, 29 October 2015 12:15 Go to previous messageGo to next message
Stephan Herrmann is currently offline Stephan HerrmannFriend
Messages: 1853
Registered: July 2009
Senior Member
Updates (after more discussion in the bug):

- m2e is not to blame, the groupId ps.eclipse-plugin enters the picture when upgrading to Maven 3.3.

- I've asked in tycho-users for clarification about tycho's role in this: https://dev.eclipse.org/mhonarc/lists/tycho-user/msg06826.html
Re: java.lang.SecurityException during maven build [message #1712944 is a reply to message #1712927] Thu, 29 October 2015 13:51 Go to previous messageGo to next message
Christian Dietrich is currently offline Christian DietrichFriend
Messages: 14661
Registered: July 2009
Senior Member
do you have somewhere a complete example for the problem?

Twitter : @chrdietrich
Blog : https://www.dietrich-it.de
Re: java.lang.SecurityException during maven build [message #1713469 is a reply to message #1712944] Wed, 04 November 2015 10:45 Go to previous messageGo to next message
Markus Rathgeb is currently offline Markus RathgebFriend
Messages: 105
Registered: August 2014
Senior Member

Christian Dietrich wrote on Thu, 29 October 2015 13:51
do you have somewhere a complete example for the problem?


See https://bugs.eclipse.org/bugs/show_bug.cgi?id=477973#c10, perhaps this sources could be used.

[Updated on: Wed, 04 November 2015 10:45]

Report message to a moderator

Re: java.lang.SecurityException during maven build [message #1713477 is a reply to message #1713469] Wed, 04 November 2015 12:29 Go to previous message
Christian Dietrich is currently offline Christian DietrichFriend
Messages: 14661
Registered: July 2009
Senior Member
i have attached a patch to that bug that reproduces the problem with maven-xtext-example

Twitter : @chrdietrich
Blog : https://www.dietrich-it.de
Previous Topic:How to get EObject node from proxy node?
Next Topic:Using Gradle to Generate XCore and IncQuery code
Goto Forum:
  


Current Time: Tue Mar 19 10:36:51 GMT 2024

Powered by FUDForum. Page generated in 0.03076 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top