tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: AccessControlException when starting embedded Tomcat from Java Webstart
Date Mon, 26 Mar 2012 10:03:02 GMT
On 26/03/2012 10:32, Witoslaw Koczewski wrote:
> Hello,
> 
> for our Kunagi Java web application we have a signed kunagi.jar file which contains our
classes together with classes from embedded Tomcat 6. This runs perfectly when calling java
-jar kunagi.jar.
> 
> But when starting it with Java WebStart, I get an exception while embedded Tomcat is
starting:
> 
> java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.deploy)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
> at java.security.AccessController.checkPermission(AccessController.java:553)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:291)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
> at net.sourceforge.jnlp.runtime.JNLPClassLoader.loadClass(JNLPClassLoader.java:1018)
> at java.lang.Class.getDeclaredMethods0(Native Method)
> at java.lang.Class.privateGetDeclaredMethods(Class.java:2444)
> at java.lang.Class.getMethod0(Class.java:2687)
> at java.lang.Class.getMethod(Class.java:1620)
> at org.apache.catalina.startup.SetPublicIdRule.begin(WebRuleSet.java:639)
> at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276)
> ... 33 more
> 
> Of course kunagi.jar is signed, otherwise it wouldn't even start. It seams Java WebStart
enables Java Security globally, which somehow embedded Tomcat "inherits" and fails to initialize.
> 
> Is there a way to disable security checks for Tomcat inside of Java WebStart? Or how
can I configure embedded Tomcat to permit access to org.apache.catalina...?

There's a file called catalina.policy in tomcat/conf, which has some
rules in it.  You'll need compare those rules to the ones implemented in
the client's policy file to work out what you need to add.


> I have already posted this problem on StackOverflow, where someone said, this could be
a Tomcat bug: stackoverflow.com/questions...

Really.  URL please?


p

> Best regards,
> Witek 
> 
> ---
> http://koczewski.de
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org


-- 

[key:62590808]


Mime
View raw message