accesscontroltool
accesscontroltool copied to clipboard
Published
20 hours ago •
Netcentric
Netcentric
PackageException: No modifiable ACL
During installation of our configuration package we get the following exception (full stacktrace at the end of the description).
org.apache.jackrabbit.vault.packaging.PackageException: No modifiable ACL at /etc/tags/articleType
System:
- AEM 6.3 (SP2, CFP 6.3.2.1)
- Access Control Tool Version 2.0.1 and 2.0.11
The same exception happens every time the package is installed (so installing it twice) will also get you the same exception.
Steps to reproduce:
Sadly, at the moment I can not provide information on how to reproduce this issue since this does not happen on all of our environments (locally it can not be reproduced).
Full Stacktrace:
06.08.2018 10:59:07.798 *WARN* [qtp1864180663-29491] org.apache.jackrabbit.vault.packaging.impl.InstallHookProcessorImpl Hook actool threw package exception. Prepare aborted.
org.apache.jackrabbit.vault.packaging.PackageException: No modifiable ACL at /etc/tags/articleType
at biz.netcentric.cq.tools.actool.installhook.AcToolInstallHook.execute(AcToolInstallHook.java:68)
at org.apache.jackrabbit.vault.packaging.impl.InstallHookProcessorImpl.execute(InstallHookProcessorImpl.java:148)
at org.apache.jackrabbit.vault.packaging.impl.ZipVaultPackage.extract(ZipVaultPackage.java:227)
at org.apache.jackrabbit.vault.packaging.impl.JcrPackageImpl.extract(JcrPackageImpl.java:398)
at org.apache.jackrabbit.vault.packaging.impl.JcrPackageImpl.extract(JcrPackageImpl.java:357)
at org.apache.jackrabbit.vault.packaging.impl.JcrPackageImpl.install(JcrPackageImpl.java:351)
at com.day.crx.packaging.impl.J2EEPackageManager.consoleInstall(J2EEPackageManager.java:353)
at com.day.crx.packaging.impl.J2EEPackageManager.doPost(J2EEPackageManager.java:191)
at com.day.crx.packaging.impl.PackageManagerServlet.doPost(PackageManagerServlet.java:128)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:644)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:85)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:79)
at com.adobe.granite.license.impl.LicenseCheckFilter.doFilter(LicenseCheckFilter.java:308)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:96)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:295)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:138)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:127)
at org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet.java:49)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java:499)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.jcr.security.AccessControlException: No modifiable ACL at /etc/tags/articleType
at biz.netcentric.cq.tools.actool.helper.AccessControlUtils.getModifiableAcl(AccessControlUtils.java:235)
at biz.netcentric.cq.tools.actool.aceinstaller.BaseAceBeanInstaller.installPathBasedACEs(BaseAceBeanInstaller.java:75)
at biz.netcentric.cq.tools.actool.impl.AcInstallationServiceImpl.installAces(AcInstallationServiceImpl.java:382)
at biz.netcentric.cq.tools.actool.impl.AcInstallationServiceImpl.installAcConfiguration(AcInstallationServiceImpl.java:242)
at biz.netcentric.cq.tools.actool.impl.AcInstallationServiceImpl.installMergedConfigurations(AcInstallationServiceImpl.java:520)
at biz.netcentric.cq.tools.actool.impl.AcInstallationServiceImpl.installConfigurationFiles(AcInstallationServiceImpl.java:205)
at biz.netcentric.cq.tools.actool.installhook.impl.AcToolInstallHookServiceImpl.installYamlFilesFromPackage(AcToolInstallHookServiceImpl.java:47)
at biz.netcentric.cq.tools.actool.installhook.AcToolInstallHook.execute(AcToolInstallHook.java:62)
... 44 common frames omitted
Could this be related to the usage of the Composite NodeStore? That would indeed prevent modifying ACLs on that area. But I fear there is nothing that the ACTool could in that case...
