tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josef Vosyka <pep...@bigfoot.com>
Subject Trouble with SecurityManager with Tomcat 5.5
Date Mon, 18 Apr 2005 20:40:04 GMT
Hi,

I've got 3 exceptions, when I run simple webapp under SecurityManager with standard
policy file and:
-IntelliJ 4.5
-JDK 5.0
-Tomcat 5.5

The exceptions are:

SEVERE: Parse error in default web.xml
java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina.core)

SEVERE: Parse error in application web.xml
java.security.AccessControlException: access denied (java.io.FilePermission
D:\usr\tomcat-5.5\common\lib\servlet-api.jar read)

SEVERE: Parse error in default web.xml
java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina.core)


The standard policy file indeed contains the following:

grant codeBase "file:${catalina.home}/common/-" {
        permission java.security.AllPermission;
};

The accessClassInPackage problem disappears when I add this:

permission java.lang.RuntimePermission "accessClassInPackage.org.apache";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.*";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.*";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.core";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.core.*";


But the FilePermission remains even after adding the explicit and redundant:

grant codeBase "file:${catalina.home}/common/lib/-" {
        permission java.security.AllPermission;
};

or even this:

grant codeBase "file:${catalina.home}/common/lib/servlet-api.jar" {
        permission java.security.AllPermission;
};

I'm really hopeless to locate the cause of the problems. Seems like this should work out
of the box.

Any help is appreciated in advance.
Thanks!
--Josef

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message