tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <Yoav.Shap...@mpi.com>
Subject RE: Custom Policy file
Date Thu, 03 Apr 2003 15:08:19 GMT

Howdy,

>I want to use JAAS for authorization in a web-application that runs
under
>Tomcat4.1.
>I don't want to put my policy file neither in java_home/jre/security
>neither
>in user.home directories (because I think it's not correct). 

Unfortunately, I'm hearing other people with the same (valid) complaints
as you.

>to create my own implementation of java.security.Policy, that parses my

True.  As the JavaDoc for java.security.Policy suggests, it was always
intended for people to write custom Policy implementations for these
needs.

>But java.security.Policy is core class and it is loaded by Primordial
Class
>Loader. 

True.

>And if I replace default Policy by own implementation than all web
>applications will get my implementation of Policy when they invoke
>Policy.getPolicy().
>Am I right?

You're right.

>How can I populate my policy permissions in web environment?

Stick the policy file in $JAVA_HOME/jre/security is the easiest option.

One alternative is to find a container, if there is any, that supports
per-webapp policy files.  I'm not personally aware of any such
container.

Another alternative is as you say, to write your own policy
implementation, run just your webapp on the server that uses this
implementation, and stick your implementation high up in the classloader
hierarchy.

Yoav Shapira
Millennium ChemInformatics



This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message