Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 38064 invoked from network); 27 Aug 2004 12:15:11 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 27 Aug 2004 12:15:11 -0000 Received: (qmail 17596 invoked by uid 500); 27 Aug 2004 12:14:40 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 17523 invoked by uid 500); 27 Aug 2004 12:14:40 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 17506 invoked by uid 99); 27 Aug 2004 12:14:39 -0000 X-ASF-Spam-Status: No, hits=0.1 required=10.0 tests=HTML_50_60,HTML_MESSAGE,MIME_HTML_NO_CHARSET X-Spam-Check-By: apache.org Received: from [208.233.209.85] (HELO pti0000mail1.ptilabs.com) (208.233.209.85) by apache.org (qpsmtpd/0.27.1) with SMTP; Fri, 27 Aug 2004 05:14:37 -0700 Received: by pti0000mail1.ptilabs.com with Internet Mail Service (5.5.2657.72) id ; Fri, 27 Aug 2004 08:14:35 -0400 Message-ID: <7D0D98D377BCDD4090F491F054A183AF012E2734@pti0000mail1.ptilabs.com> From: "Seaman, Sloan" To: tomcat-user@jakarta.apache.org Subject: SecurityManager Date: Fri, 27 Aug 2004 08:14:30 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C48C2F.67B36C60" X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N ------_=_NextPart_001_01C48C2F.67B36C60 Content-Type: text/plain > I'm trying to get an application I have to use the SecurityManager object > from Tomcat. > > I've added the -security to my startup so that it is enabled. > > When I do a System.getSecurityManager() it returns a null object. > > If I try and create my own SecurityManager and set it via > System.setSecurityManager, I get: > 004-08-26 14:07:47 StandardContext[/clinicalTrials]Exception starting > filter SessionFilter > java.security.AccessControlException: access denied > (java.lang.RuntimePermission getClassLoader) > at > java.security.AccessControlContext.checkPermission(AccessControlContext.ja > va:269) > at > java.security.AccessController.checkPermission(AccessController.java:401) > at > java.lang.SecurityManager.checkPermission(SecurityManager.java:524) > at java.lang.Thread.getContextClassLoader(Thread.java:1182) > at > org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilt > erConfig.java:207) > at > org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationF > ilterConfig.java:308) > at > org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterC > onfig.java:79) > > The only info I have added to the catalina.policy file is: > grant { > permission javax.security.auth.AuthPermission "createLoginContext"; > permission javax.security.auth.AuthPermission "doAs"; > permission javax.security.auth.AuthPermission "doAsPrivileged"; > permission javax.security.auth.AuthPermission "modifyPrincipals"; > permission javax.security.auth.AuthPermission "getSubject"; > }; > > grant principal com.ptilabs.commons.jaas.authentication.ldap.LDAPPrincipal > "_app_Clinical_Trials" { > permission com.ptilabs.commons.jaas.authorization.URLPermission > "/clinicalTrials/app/*"; > }; > > Can someone tell me what I am doing wrong? > > I have a command line version for testing that works fine. It is when I > try and do things under Tomcat that everything blows up. > > Thanks! > > -- > Sloan ------_=_NextPart_001_01C48C2F.67B36C60--