tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alfonso Alba García <aalbagar...@wanadoo.es>
Subject Re: problem with security manager, plesk and mysql (catalina.policy ignored?)
Date Sat, 30 Oct 2004 08:10:19 GMT
I see now where my problem can be. If I extract the war file to
directory ${catalina.home}/psa-webapps/mydomain.com/myapplication/
and insert in the policy file 

grant codeBase
"file:${catalina.home}/psa-webapps/mydomain.com/myapplication/" {
permission java.net.SocketPermission "localhost","resolve";
permission java.net.SocketPermission "localhost:3306","connect,resolve";
};


I can then connect to the database, so I guess my problem is I'm not
using the proper syntax in the policy file for the .war

I will google for a while :-)

Alfonso.

El sáb, 30-10-2004 a las 00:21, Alfonso Alba García escribió:
> Hi everybody,
> 
> I have problems when connecting to mysql. I'm getting the following
> exception when trying to connect to a mysql database:
> 
> (SQLException): java.sql.SQLException: Unable to connect to any hosts
> due to exception: java.security.AccessControlException: access denied
> (java.net.SocketPermission localhost resolve)
> 
> I have read about similar problems in google and tried to modify the
> catalina.policy without success.
> 
> I deploy applications via a Plesk web interface which loads my .war
> file, sets it in /var/tomcat4/psa-wars/mydomain.com/ creates a symlink 
> to the war file in /var/tomcat4/psa-webapps/mydomain.com/ and makes the
> application available via mydomain.com/myapplication.
> 
> It works fine except when an application tries to access a mysql
> database. I´m getting the exception above, even though I tried the
> following lines in catalina.policy without success (found similar
> exeptions to this one in google):
> 
> grant codeBase
> "file:${catalina.home}/psa-webapps/mydomain.com/myapplication/-" {
>       permission java.net.SocketPermission "localhost","resolve";
>       permission java.net.SocketPermission
> "localhost:3306","connect,resolve";
> };
> 
> grant codeBase
> "file:${catalina.home}/psa-webapps/mydomain.com/myapplication/WEB-INF/lib/mysql-connector-java-3.0.9-stable-bin.jar"
{
>       permission java.net.SocketPermission "localhost","resolve";
>       permission java.net.SocketPermission
> "localhost:3306","connect,resolve";
> };
> 
> I tried both of them one at a time and I restarted tomcat after every
> modification made to the catalina.policy
> 
> I´m using tomcat 4.1.24 on a redhat linux Enterprise server, with
> /mysql-connector-java-3.0.9 and jre 1.4.2.
> 
> Tomcat and mysql are in the same server.
> 
> The way I´m trying to access the database in a jsp is 
> conexion =
> DriverManager.getConnection("jdbc:mysql://localhost/DATABASE?user=USER&password=PASSWORD");
> 
> I've checked that the database exists, I can connect to the database
> from a console as user USER with password PASSWORD.
> 
> The application works perfectly well in another server (debian woody
> with tomcat 4.0) where it was not necessary to modify the security
> policy. 
> 
> I talked to a friend of mine who also knows something about tomcat and
> told me that to access a database in the same server where tomcat is, it
> should not be necessary to modify the catalina.policy file.
> 
> I have some experience with tomcat but i run out of ideas and things to
> try. Any help to open my eyes would be appreciated.
> 
> Thanks a lot in advance,
> 
> Alfonso
> 
> 
> 

Mime
View raw message