tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vladimir Grishchenko <VGrishche...@SERENA.com>
Subject RE: webapp classloader ProtectionDomain (running secured tomcat)
Date Mon, 09 Jul 2001 17:42:16 GMT
I have a feeling that it's a general problem with servlet containers. It's
not in the spec (well, I don't remember exatctly...) so every container
implementation can choose what to do. What it means is that there's no way
to create a container neutral application if one wants to use Java security
mechanisms.

--V.

-----Original Message-----
From: Glenn Nielsen [mailto:glenn@voyager.apg.more.net]
Sent: Monday, July 09, 2001 10:13 AM
To: tomcat-dev@jakarta.apache.org
Subject: Re: webapp classloader ProtectionDomain (running secured
tomcat)


This is true form tomcat 3.x, but not for Tomcat 4.
Tomcat 4 allows setting of different policies for different
locations within a webapp.

Regards,

Glenn

Vladimir Grishchenko wrote:
> 
> Hi there,
> I've posted the message below to tomcat-user but it didn't get much
> attention. Is any work being done to address this?
> 
> Thanks,
> --V.
> 
> ------------------------------------------------
> Hi all,
> 
> It seems that webapp classloader puts all classes loaded from
> a webapp directory into the same ProtectionDomain regardless
> of the location where the class was loaded from (like classes
> dir or a jar file). It means that any security grant entry granting
> permssions to a webapp codesource effectively grants the same set
> of permissions to each and every class in web application. This
> is probably fine in most cases but leaves no possibility to fine
> tune security within web-application. My particular problem is
> that I'm trying to use JAAS to enable access control with custom
> JAAS policy implementation. CodeSOurce partitioning that Sun
> suggests requires that the code sensitive to user-based
>  operations shoud be put into separate ProtectionDomain for JAAS
> mechanisms to work. The only way to do this with Tomcat is to put
> classes someplace out of webapp directory, so they don't inherit
> any permissions assigned to webapp ProtectionDomain. I think that
> webapp class loader should put classes loaded from class directory
> and every jar file into diffrent protection domains, like class
> loaders that load classes from the system classpath in Java.
> 
> Well, if all that makes any sense to you may be there's something
> I'm missing here?
> Just wanted to get other people's opinions...
> 
> --Vlad.
> 
> ***********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. Any unauthorized review, use, disclosure or distribution
> is prohibited. If you are not the intended recipient, please contact
> the sender by reply e-mail and destroy all copies of the original
> message.
> ***********************************************************************

-- 
----------------------------------------------------------------------
Glenn Nielsen             glenn@more.net | /* Spelin donut madder    |
MOREnet System Programming               |  * if iz ina coment.      |
Missouri Research and Education Network  |  */                       |
----------------------------------------------------------------------

Mime
View raw message