tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Francois Arcand <jfarc...@apache.org>
Subject Re: socket permission catalina.policy question
Date Thu, 17 Oct 2002 19:22:22 GMT
Have you try to directly invoke builder.build outside the 
AccessController? Also, I think you have an extra ! at the end of the 
jdom jar file:

grant codeBase 
"file:${catalina.home}/myApplication/WEB-INF/lib/jdom.jar!/-"
{
 permission java.net.SocketPermission "the.third.machine:8080", "accept,
connect, listen, resolve";
 permission java.security.AllPermission;
};
 

should be

grant codeBase "file:${catalina.home}/myApplication/WEB-INF/lib/jdom.jar"
{
 permission java.net.SocketPermission "the.third.machine:8080", "accept,
connect, listen, resolve";
 permission java.security.AllPermission;
};

--Jeanfrancois

Andrew Cheng wrote:

>>Everything seems fine...What is the exact error? I will try to setup my
>>environment similar to you and see if I can reproduce the problem....The
>>socket exception is from which component exactly?
>>
>>-- Jeanfrancois
>>    
>>
>
>1/3 inside myServlet... see marked line in the middle
>----------------------------------------------------------------------------
>final String fs = s;
>final org.jdom.input.SAXBuilder builder = new
>org.jdom.input.SAXBuilder(true); // true=validate
>org.jdom.Document doc = null;
>try {
>  doc = (org.jdom.Document)AccessController.doPrivileged
>    (new PrivilegedExceptionAction() {
>       public Object run() throws org.jdom.JDOMException {
>/*err->*/return builder.build(new java.io.StringReader(fs)); // SAXBuilder
>in jdom.jar
>       }
>     }
>    );
>} catch (PrivilegedActionException e) {
>  // e.getException() should be an instance of org.jdom.JDOMException,
>  // as only "checked" exceptions will be "wrapped" in a
>  // PrivilegedActionException.
>  throw (org.jdom.JDOMException) e.getException();
>}
>----------------------------------------------------------------------------
>2/3 string fs is the text of an xml file. refers to DTD:
>http://the.third.machine:8080/dtd/my.dtd
>
>----------------------------------------------------------------------------
>3/3 error occurs parsing line 2 of string fs, which contains the reference
>to http://the.third.machine:8080/dtd/my.dtd
>org.jdom.JDOM Exception: error on line 2: access denied
>(java.net.SocketPermission the.third.machine:8080 connect, resolve)
>SAXBuilder: 367
>SAXBuilder: 740
>myClass: 1767 (this is the line marked in the code above, with comments)
>AccessController.doPrivileged (native method)
>----------------------------------------------------------------------------
>
>
>--
>To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
>
>  
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message