Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 93605 invoked from network); 24 Aug 2004 18:35:48 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 24 Aug 2004 18:35:48 -0000 Received: (qmail 5723 invoked by uid 500); 24 Aug 2004 18:35:24 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 5712 invoked by uid 500); 24 Aug 2004 18:35:24 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 5699 invoked by uid 99); 24 Aug 2004 18:35:24 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [209.10.25.250] (HELO mail.mypublisher.com) (209.10.25.250) by apache.org (qpsmtpd/0.27.1) with ESMTP; Tue, 24 Aug 2004 11:35:21 -0700 Received: from snalgonda ([209.73.202.194]) by mail.mypublisher.com with Microsoft SMTPSVC(5.0.2195.5329); Tue, 24 Aug 2004 14:42:13 -0400 From: "Shilpa Nalgonda" To: "Tomcat Users List" Subject: problem with security manager. Date: Tue, 24 Aug 2004 14:31:22 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal X-OriginalArrivalTime: 24 Aug 2004 18:42:13.0328 (UTC) FILETIME=[12397D00:01C48A0A] X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31&RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission "C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-", "read"; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org