Security restricted Error in Script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2015 03:06 AM
We are trying to get private key from a .pkcs file by following script.
_getPrivateKey: function(){
var BufferedInputStream = Packages.java.io.BufferedInputStream;
var KeyFactory = Packages.java.security.KeyFactory; gs.log("after key factory calling REST msgt");
var PKCS8EncodedKeySpec = Packages.java.security.spec.PKCS8EncodedKeySpec;
var SysAttachment = Packages.com.glide.ui.SysAttachment;
var certID = gs.getProperty("com.snc.integration.chef.privateKeySysId");
var sa = new SysAttachment(); var privKeyBytes = sa.getBytes("sys_certificate", certID);
var keyFactory = KeyFactory.getInstance("RSA");
var ks = new PKCS8EncodedKeySpec(privKeyBytes); var privKey = keyFactory.generatePrivate(ks);
return privKey;
}
But we are getting Error: Security restricted: Attempted access to restricted class name java.security.KeyFactory Evaluator: java.lang.SecurityException: Illegal attempt to access class 'java.security.KeyFactory' via script Caused by error in Script Include
Kindly provide some guidelines to resolve this error.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-19-2015 02:15 PM
Anurag,
It appears that the code you are using is from this website and was written 2 years and was probably developed for Calgary. I did a quick test and that error does not seem to appear on Calgary instances, but does occur on Eureka. What version of ServiceNow are you running? Also, have you tried reaching out to John Andersen?
Opscode Chef Integration Library for ServiceNow-John Andersen
I noticed that someone else from your company has also submitted a HI incident for this as well. Please be sure to post the answer you receive through the HI incident in this thread to share with the community.
Thanks
Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-20-2015 02:34 AM
Hi Brian,
We are using Eureka version, we have created an incident in Hi as well, we got this response:-
(However this error is from the implementation idea from blog but not from any instruction from our wiki page, at technical support, troubleshooting any error getting from implementation of the external blog is out of scope, you will need to contact the author of the blog or post question on community for further advise.)
Plz Help US!!
Thanks
Anurag
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-20-2015 08:01 AM
Anurag,
The latest versions of ServiceNow prevent any access to Java Packages through JavaScript calls. If you would like to see a JavaScript API to access java.security.KeyFactory you will have to submit an enhancement request.
ServiceNow KB: Requesting ServiceNow product enhancements (KB0547257)
As I mentioned and as the support team suggested, it would be best to contact the author of the original Script Include to see if there is an updated version. John Andersen is a member of the community so you will want to reach out to him.
Is there a reason you can not use the Chef plugin?
http://wiki.servicenow.com/index.php?title=Chef_Configuration_Automation#gsc.tab=0
Thanks
Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-20-2015 09:24 AM
Brian is right on with this. Package calls access continues to be removed from the platform. This library I wrote is older and existed before they removed Package access. The Chef Configuration script has not been updated primarily because our development team built the Chef Automation components for orchestration. I recommend going to OOB ServiceNow code that you don't have to build and maintain Chef code yourself.
