jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Brooking" <public+jackrab...@charlie.brooking.id.au>
Subject Deploying to Tomcat
Date Sat, 22 Nov 2008 16:40:47 GMT
Hi all

Some quick notes and questions about deploying jackrabbit-webapp to Tomcat:

I found logging didn't get output to the usual catalina log. This may be
because Tomcat (on Debian at least) uses commons-logging and
jackabbit-webapp uses SLF4J/Log4J by default, or because the console
appender just doesn't get directed that way, or something else - I'm no
logging expert. But when I modified /WEB-INF/log4j.xml by enabling the
FileAppender and setting its path to
"${catalina.base}/logs/jackrabbit.log" I at least got something.

I also had issues with the security manager, which throws access denied
exceptions for many, many things. Are people just granting
"java.security.AllPermission" or running without a security manager? I
made a brief attempt at writing a policy, but didn't get far:

grant codeBase "file:${catalina.base}/webapps/jackrabbit/-" {
    permission java.util.PropertyPermission "*", "read, write";
    //permission java.lang.RuntimePermission "createClassLoader"; // for
derby (still get errors)
    permission java.net.SocketPermission "*", "connect,resolve"; //
localhost:1099, ...
    permission org.apache.naming.JndiPermission "*"; // jackrabbit.repository
    permission javax.security.auth.AuthPermission "*"; //
modifyPrincipals, modifyPublicCredentials, ...
    permission java.io.FilePermission
"${catalina.base}/webapps/jackrabbit/bootstrap.properties", "write";
    permission java.io.FilePermission
"${catalina.base}/webapps/jackrabbit/repository", "write";
    permission java.io.FilePermission
"${catalina.base}/webapps/jackrabbit/repository/-", "write, delete";
    permission java.io.FilePermission
"${catalina.base}/logs/jackrabbit.log", "read, write";
    permission java.io.FilePermission "${catalina.base}/temp/-", "read,
write, delete";
};

Would be interested to know if I'm going about this in a weird way...

Later
Charlie


Mime
View raw message