struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <mgai...@hotmail.com>
Subject RE: Access Denied error with Struts 2.1.8
Date Mon, 05 Oct 2009 19:39:38 GMT

1)check that the jar is located is a valid jar(can be opened by tomcat container)
chances are if you cant open with winzip or 7zip its an invalid jar

2)in $CATALINA_HOME/conf/catalina.policy grant permissions for catalina container to read
that jar
grant codeBase "file:${catalina.home}/webapps/war/WEB-INF/lib/struts2-core-2.1.8.jar" 
{
        permission java.security.AllPermission;
};

3)make sure the user running tomcat has read and execute access to the file e.g.
ls -al ${catalina.home}/webapps/war/WEB-INF/lib/struts2-core-2.1.8.jar" 

$ ls -al struts2-core-2.1.8.jar
---------- 1 foouser foopasswd 11142686 Oct  4 21:58 struts2-core-2.1.8.jar

$ chmod +rx struts2-core-2.1.8.jar

$ ls -al struts2-core-2.1.8.jar
-r-xr-xr-x 1 Administrator mkpasswd 11142686 Oct  4 21:58 struts2-core-2.1.8.jar

foouser can now read and execute struts2-core-2.1.8.jar
Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
 
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire
prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe
quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les
email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune
responsabilité pour le contenu fourni.




> Date: Mon, 5 Oct 2009 12:41:34 -0600
> From: daneclab@gmail.com
> To: user@struts.apache.org
> Subject: Re: Access Denied error with Struts 2.1.8
> 
> I am still looking for a solution to my problem. Does anyone have any 
> other ideas. I'm not quite sure how to go about checking the security 
> manager as mentioned below. I tried the 2.1.8.1 version but that didn't 
> work. That's what I expected since it looks like 2.1.8.1 did not touch 
> the struts2 core jar file.
> 
> On 10/2/2009 2:01 AM, Allen Lee wrote:
> > It kind of looks like a security manager / policy permissions issue to
> > me from the access denied message.  Like your app server has a grant
> > codebase set for the old struts jar but not the new one.  I'm not sure
> > how to set the grant codebase perms on Jetty though (jetty.policy?).
> >
> > On Thu, Oct 1, 2009 at 3:04 PM, Dan R. Olsen III<daneclab@gmail.com>  wrote:
> >    
> >> When I am trying to run my Struts application under 2.1.8 I am getting an
> >> "Access Denied" error. I have checked the file permissions on the
> >> struts-core-2.1.8.jar file and it is the same as my 2.1.6 file. Under 2.1.6
> >> it works just fine. Any ideas? The error and stack trace I get are below.
> >>
> >>
> >>    HTTP ERROR: 500
> >>
> >> access denied (java.io.FilePermission jar:file:\C:\Documents and
> >> Settings\...\war\WEB-INF\lib\struts2-core-2.1.8.jar read)
> >>
> >> RequestURI=/success
> >>
> >>
> >>      Caused by:
> >>
> >> java.security.AccessControlException: access denied (java.io.FilePermission
> >> jar:file:\C:\Documents and Settings\DOLSEN\My
> >> Documents\Eclipse3.5Projects\Temp\war\WEB-INF\lib\struts2-core-2.1.8.jar
> >> read)
> >>         at
> >> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> >>         at
> >> java.security.AccessController.checkPermission(AccessController.java:546)
> >>         at
> >> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> >>         at
> >> com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:139)
> >>         at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
> >>         at java.util.zip.ZipFile.(ZipFile.java:109)
> >>         at java.util.jar.JarFile.(JarFile.java:133)
> >>         at java.util.jar.JarFile.(JarFile.java:70)
> >>         at
> >> com.opensymphony.xwork2.util.FileManager$JarEntryRevision.needsReloading(FileManager.java:264)
> >>         at
> >> com.opensymphony.xwork2.util.FileManager.fileNeedsReloading(FileManager.java:70)
> >>         at
> >> com.opensymphony.xwork2.config.providers.XmlConfigurationProvider.needsReload(XmlConfigurationProvider.java:324)
> >>         at
> >> org.apache.struts2.config.StrutsXmlConfigurationProvider.needsReload(StrutsXmlConfigurationProvider.java:168)
> >>         at
> >> com.opensymphony.xwork2.config.ConfigurationManager.conditionalReload(ConfigurationManager.java:220)
> >>         at
> >> com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:61)
> >>         at
> >> org.apache.struts2.dispatcher.Dispatcher.getContainer(Dispatcher.java:819)
> >>         at
> >> org.apache.struts2.dispatcher.ng.PrepareOperations.createActionContext(PrepareOperations.java:77)
> >>         at
> >> org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:78)
> >>         at
> >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
> >>         at
> >> com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
> >>         at
> >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
> >>         at
> >> com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:121)
> >>         at
> >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
> >>         at
> >> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
> >>         at
> >> org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
> >>         at
> >> org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
> >>         at
> >> org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)
> >>         at
> >> org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
> >>         at
> >> com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:54)
> >>         at
> >> org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
> >>         at
> >> com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:313)
> >>         at
> >> org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
> >>         at org.mortbay.jetty.Server.handle(Server.java:313)
> >>         at
> >> org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
> >>         at
> >> org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:830)
> >>         at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
> >>         at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
> >>         at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
> >>         at
> >> org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
> >>         at
> >> org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)
> >>
> >> /Powered by Jetty://<http://jetty.mortbay.org/>/
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>      
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >    
 		 	   		  
_________________________________________________________________
Hotmail: Powerful Free email with security by Microsoft.
http://clk.atdmt.com/GBL/go/171222986/direct/01/
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message