incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George, Kenneth V [NTK]" <Kenneth.V.Geo...@sprint.com>
Subject RE: Profile Security NOT WORKING!!!
Date Thu, 31 Mar 2011 21:49:27 GMT
That's fine, and I don't necessarily disagree with you.

However, although I am running as root (which I probably should not be - but this is a simple
install), I have not changed any of the env. values out-of-the-box for CENTOS 5.5.   Other
than me specifying JAVA_HOME, no other env. variable is being set.  What is very strange about
this, is that is happens exactly the same on 2 different machines, using 2 different OS'es,
and 2 slightly different JDK's.

Just for grins, I re-tested again on the Windows installation (Tomcat 6.0.32, JDK 1.6.0_24/1.5.0_32).

After running the Security Configuration Verification page, I still get ALL GREENS for JDK
1.6 and mixed GREEN/RED for JDK 1.5.

-----Original Message-----
From: Joseph Mocker [mailto:mock@fakebelieve.org]
Sent: Thursday, March 31, 2011 3:27 PM
To: jspwiki-user@incubator.apache.org
Subject: Re: Profile Security NOT WORKING!!!

Are there freshly installed JDKs and servers, user accounts?
Are you using JDKs provided by the Linux distro or one you downloaded separately from Oracle?
(Its always possible that there is some configuration anywhere in the above that is interfering
with reading jspwiki.policy.)

What do the user environment variables look like when you start tomcat?
Do you have any special CATALINA_OPTS or JAVA_OPTS defined in catalina.sh?

It would appear to be something in your environment, as Janne, myself and others all have
been successful so its got to be something in your environment, just need to find it.

FWIW: I installed tomcat6 ubuntu dist (via apt-get tomcat6) which also installed OpenJDK,
also worked for me.

   --joe

On 3/31/2011 12:34 PM, George, Kenneth V [NTK] wrote:
> Thanks for taking the time to research all of this.
>
> I am not sure why things are not working for me with 2 different machines and flavors
1.6 JDK (which is very frustrating since I think 1.5 is about to go the way of 1.4 - eol).
>
> I enabled the SecurityConfig.jsp and was able to show using 1.6 and Tomcat 6.0.32  I
would get ALL GREEN boxes no matter what I would set jspwiki.policy to, and would get a mix
of GREEN and RED using 1.5.
>
> I was thinking that maybe I should d/l the source and try to build the JSPWiki.jar file
using 1.6 and see if I get different results.  Just not sure.
>
> From: Joseph Mocker [mailto:mock@fakebelieve.org]
> Sent: Thursday, March 31, 2011 2:16 PM
> To: jspwiki-user@incubator.apache.org
> Subject: Re: Profile Security NOT WORKING!!!
>
> All this commotion got the best of me, so I gave it a spin. Plus I'm running 2.4 and
I probably should really upgrade.
>
> At any rate, seemed to work for me, here's what I did:
>
>    1.  Spun up a new Ubuntu Server 10.10 X64 VM
>    2.  Created install folder /app
>    3.  Downloaded JDK 1.6.0_24 X64 from Oracle
>    4.  Installed Java into /app/jdk1.6.0_24
>    5.  export JAVA_HOME=/app/jdk1.6.0_24
>    6.  Downloaded Tomcat 6.0.32
>    7.  Installed Tomcat in /app/web/apache-tomcat-6.0.32
>    8.  Started up Tomcat to make sure its working. It was. Shut it down.
>    9.  Downloaded JSPWiki 2.8.4
>    10. Installed JSPWiki into /app/web/sites/default/webapps/wiki
>    11. Installed corepages into /app/web/sites/default/webapps/wiki
>    12. Edited jspwiki.properties to fix paths for pageDir and storageDir
>    13. Created Tomcat webapp descriptor in /app/web/apache-tomcat-6.0.32/conf/Catalina/localhost/wiki.xml
(attached)
>    14. Started up Tomcat hit the /wiki/Installer.jsp page in browser.
>    15. Restarted Tomcat. Verified I could create files as anonymous, and I could login
to admin account.
>    16. Changed WEB-INF/jspwiki.policy (attached) file so that only logged in users can
create/modify pages.
>    17. Restarted Tomcat. Verified I could not created/modify pages until I logged in.
> Seemed pretty straight forward to me. Much easier than getting JSPWiki 2.4 with a custom
jspwiki.policy to work with Sun Java System Web Server 7.0.
>
> :-)
>
>   The Security Configuration Verifier showed the exact permissions of what I could do.
>
>    --joe
>
>
> On 3/31/2011 6:28 AM, George, Kenneth V [NTK] wrote:
>
> ...AND...on my test machine (local) I am using  1.6.0_24
>
>
>
> C:\Documents and Settings\kvg6037>java -version
>
> java version "1.6.0_24"
>
> Java(TM) SE Runtime Environment (build 1.6.0_24-b07)
>
> Java HotSpot(TM) Client VM (build 19.1-b02, mixed mode, sharing)
>
>
>
> -----Original Message-----
>
> From: Janne Jalkanen [mailto:Janne.Jalkanen@ecyrd.com]
>
> Sent: Thursday, March 31, 2011 1:42 AM
>
> To:
> jspwiki-user@incubator.apache.org<mailto:jspwiki-user@incubator.apache
> .org>
>
> Subject: Re: Profile Security NOT WORKING!!!
>
>
>
>
>
> This is odd, since I'm running on same JSPWiki, Ubuntu 10.04, Tomcat 6.0.32 (which is
BTW a recommended upgrade; Chrome 10 breaks on occasion otherwise), and I have jspwiki.policy
working. However, I am running OpenJDK 6b20-1.9.7-0ubuntu1~10.04.1.
>
>
>
> Is it possible that for some reason Sun JDK's built-in policy management is kicking in
here? Or that it might just be broken in some odd fashion. Can you try OpenJDK and see if
that works for you?
>
>
>
> /Janne
>
>
> ________________________________
>
> This e-mail may contain Sprint Nextel proprietary information intended for the sole use
of the recipient(s). Any use by others is prohibited. If you are not the intended recipient,
please contact the sender and delete all copies of the message.
>



________________________________

This e-mail may contain Sprint Nextel proprietary information intended for the sole use of
the recipient(s). Any use by others is prohibited. If you are not the intended recipient,
please contact the sender and delete all copies of the message.


Mime
View raw message