Log in to create and rate content, and to follow, bookmark, and share content with other members. Not a member? Join Now!

AnsweredAssumed Answered

Unsigned B2 <...> requested a permission that only signed B2s are allowed to have

Question asked by aw21431 on Apr 13, 2017
Latest reply on Apr 27, 2017 by pyotr

Like • Show 0 Likes0
Comment • 6

We have just upgraded our test server to 2017 Q2 and we're seeing a bit of log spam caused by (mostly our in house) unsigned B2s.

I had a quick search around and couldn't see any guides on how to sign our B2s.

I'm using Eclipse and Gradle and any pointers / guides would be appreciated

shane Apr 23, 2017 9:19 PM

Correct Answer

Hi Andrew,

You cannot sign your B2s. Well, you can, but it wont help. What the error should say is the B2 "requested a permission that only B2s signed by Bb are allowed to have."

Cheers,

Shane.

See the reply in context

No one else had this question

Outcomes

6 Replies

shane Apr 23, 2017 9:19 PM
Unmark Correct
Correct Answer
Hi Andrew,

You cannot sign your B2s. Well, you can, but it wont help. What the error should say is the B2 "requested a permission that only B2s signed by Bb are allowed to have."

Cheers,
Shane.
Like • Show 0 Likes0
Actions
- aw21431 @ shane on Apr 24, 2017 3:48 PM
  Mark Correct
  Correct Answer
  Thanks Shane,
  I guess it's time to audit my B2s and see if they need the permissions to function and what the alternatives to how I'm using them are (if any).
  
  Which will probably mean moving to using DAO for most things rather than grabbing a Db connection directly.
  Like • Show 0 Likes0
  Actions
  - shane @ aw21431 on Apr 25, 2017 8:17 PM
    Mark Correct
    Correct Answer
    Hi Andrew Wiles,
    
    I'd love to hear the results of your auditing. It will be good to get a list together of what Blackboard is restricting.
    
    They have announced that the <<ALL FILES>> permission will be going in 2017 Q4.
    
    Cheers,
    Shane.
    Like • Show 0 Likes0
    Actions
    - aw21431 @ shane on Apr 26, 2017 4:21 AM
      Mark Correct
      Correct Answer
      Hi Shane,
      
      The results are in.
      There were only two (repeated) permissions that in my manifests which were generating the warnings, these were:
      <permission type="java.util.PropertyPermission" name="*" actions="read,write" />
      Which I think I've picked up from a Spring B2 tutorial / template somewhere? Learn 3200 seems content with having this left as actions="read".
      And,
      <permission type="java.lang.RuntimePermission" name="*"/>
      Which I must have picked up somewhere for my non-Springy B2s but doesn't affect anything when I remove it.
      
      Panic over!
      
      Cheers,
      Andrew
      2 people found this helpful
      Like • Show 1 Like1
      Actions
      - shane @ aw21431 on Apr 26, 2017 7:32 PM
        Mark Correct
        Correct Answer
        I wonder if perhaps it is the asterisk in the name field that is blocked as of 2017 Q2. Mark Kauffman or Scott Hurrey are you able to provide any light on what permissions are being restricted in which versions (beyond the ALL FILES permission).
        
        Cheers,
        Shane.
        Like • Show 0 Likes0
        Actions
- pyotr @ shane on Apr 27, 2017 5:29 AM
  Mark Correct
  Correct Answer
  Actually, you can. But it's only practical when you're self-hosted as you need to put the public key (corresponding to the private key that you used for signing) somewhere in the Blackboard configuration directory (config/internal/certs/ ?) and restart Blackboard before uploading your b2. At least, that worked a few years back (unfortunately I didn't document the exact steps taken).
  Like • Show 0 Likes0
  Actions

Unsigned B2 <...> requested a permission that only signed B2s are allowed to have

Outcomes

Related Content

Recommended Content