tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shilpa Nalgonda" <snalgo...@mypublisher.com>
Subject problem with security manager.
Date Tue, 24 Aug 2004 18:31:22 GMT
I am running Tomcat4.1.30 on windows 2000, with security option turned on.
My java application which is using JDK 1.4, connects to the the credit card
authorizing company called verisign, and returns the approval authorization
code.
I have installed the digital certificate  on $TOMCAT_HOME\certs directory.
There are read permissions on the cert file.
But still for some reason the verisign is not able to read the cert file due
to the below error.

RESULT=-31&RESPMSG=The certificate chain did not validate, no local
certificate
found, java.security.AccessControlException: access denied
(java.io.FilePermissi
on C:\Program Files\Apache Group\Tomcat 4.1\certs read)

However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.

Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission on
the cert file as below.
permission java.io.FilePermission "C:\\Program Files\\Apache Group\\Tomcat
4.1\\certs\\-", "read";

But this does not help, is there anything else i should do to the server.xml
file...

How does the security manager runs in Tomcat4.1
Please help...


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message