From: Vladimir Grishchenko
To: "'tomcat-dev@jakarta.apache.org'"
Subject: webapp classloader ProtectionDomain (running secured tomcat)
Date: Mon, 9 Jul 2001 08:26:34 -0700

Hi there,

I've posted the message below to tomcat-user but it didn't get much attention. Is any work being done to address this?

Thanks,
--V.

------------------------------------------------

Hi all,

It seems that the webapp classloader puts all classes loaded from a webapp directory into the same ProtectionDomain regardless of the location where the class was loaded from (like the classes dir or a jar file). It means that any security grant entry granting permissions to a webapp codesource effectively grants the same set of permissions to each and every class in the web application. This is probably fine in most cases but leaves no possibility to fine-tune security within a web application.

My particular problem is that I'm trying to use JAAS to enable access control with a custom JAAS policy implementation. The CodeSource partitioning that Sun suggests requires that the code sensitive to user-based operations should be put into a separate ProtectionDomain for JAAS mechanisms to work. The only way to do this with Tomcat is to put classes someplace out of the webapp directory, so they don't inherit any permissions assigned to the webapp ProtectionDomain.

I think that the webapp class loader should put classes loaded from the class directory and every jar file into different protection domains, like class loaders that load classes from the system classpath in Java.

Well, if all that makes any sense to you, maybe there's something I'm missing here? Just wanted to get other people's opinions...

--Vlad.
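
Added example, not part of the original message and not Tomcat code: a minimal Java sketch contrasting a loader that defines every webapp class under one CodeSource with one that uses a CodeSource per classes directory or jar, as the message proposes. `PerOriginDomains`, `OriginLoader`, and the `file:/webapp/...` URLs are hypothetical names constructed for illustration; it assumes the file is compiled with `javac` so the nested classes' `.class` files are on the classpath.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URL;
import java.security.CodeSource;
import java.security.SecureClassLoader;
import java.util.Map;

public class PerOriginDomains {
    // Stand-ins for a class under WEB-INF/classes and a class packaged in a jar.
    public static class FromClassesDir {}
    public static class FromJar {}
    /** Hypothetical loader: defines each listed class with the CodeSource URL mapped to it. */
    static class OriginLoader extends SecureClassLoader {
        private final Map<String, URL> origins;
        OriginLoader(ClassLoader parent, Map<String, URL> origins) { super(parent); this.origins = origins; }
        @Override
        protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
            URL origin = origins.get(name);
            if (origin == null) return super.loadClass(name, resolve); // normal parent delegation
            synchronized (getClassLoadingLock(name)) {
                Class<?> loaded = findLoadedClass(name);
                if (loaded != null) return loaded;
                try (InputStream in = getParent().getResourceAsStream(name.replace('.', '/') + ".class")) {
                    if (in == null) throw new ClassNotFoundException(name);
                    byte[] bytes = in.readAllBytes();
                    // SecureClassLoader keeps one ProtectionDomain per distinct CodeSource,
                    // so the URL chosen here decides which policy grants apply to the class.
                    CodeSource cs = new CodeSource(origin, (java.security.cert.Certificate[]) null);
                    return defineClass(name, bytes, 0, bytes.length, cs);
                } catch (IOException e) {
                    throw new ClassNotFoundException(name, e);
                }
            }
        }
    }
    static boolean sameDomain(ClassLoader cl, String a, String b) throws ClassNotFoundException {
        return cl.loadClass(a).getProtectionDomain() == cl.loadClass(b).getProtectionDomain();
    }
    public static void main(String[] args) throws Exception {
        // Constructed locations; nothing is read from these paths.
        URL root = URI.create("file:/webapp/").toURL();
        URL classes = URI.create("file:/webapp/WEB-INF/classes/").toURL();
        URL jar = URI.create("file:/webapp/WEB-INF/lib/sensitive.jar").toURL();
        String a = FromClassesDir.class.getName(), b = FromJar.class.getName();
        ClassLoader parent = PerOriginDomains.class.getClassLoader();
        // First line: one code source for the whole webapp. Second: one per origin.
        System.out.println("single code source, same domain: "
                + sameDomain(new OriginLoader(parent, Map.of(a, root, b, root)), a, b));
        System.out.println("per-origin code sources, same domain: "
                + sameDomain(new OriginLoader(parent, Map.of(a, classes, b, jar)), a, b));
    }
}
```

With separate domains, a policy `grant codeBase` entry can target the jar's URL alone instead of the whole webapp.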