tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bogdan ivascu <ivascu.bogdan...@gmail.com>
Subject Tomcat Security Permission Issue
Date Wed, 08 Aug 2012 22:50:02 GMT
System: ubuntu server 11.10
              tomcat6 ( installed from apt-get not downloaded ).

Starting without -security enabled all works fine. Starting tomcat with
-security enabled gives the following:

SEVERE: Exception starting filter app
org.apache.tapestry5.ioc.internal.OperationException: Error building
service proxy for service 'RegistryStartup' (at
org.apache.tapestry5.ioc.internal.services.RegistryStartup(Logger, List)
(at RegistryStartup.java:36) via
org.apache.tapestry5.ioc.services.TapestryIOCModule.bind(ServiceBinder) (at
TapestryIOCModule.java:49)): Unable to locate class file for
'java.lang.Runnable' in class loader WebappClassLoader
  context:
  delegate: false
  repositories:
    /WEB-INF/classes/
----------> Parent Classloader:
org.apache.catalina.loader.StandardClassLoader@4d911540
.
        at
org.apache.tapestry5.ioc.internal.OperationTrackerImpl.logAndRethrow(OperationTrackerImpl.java:121)
         ...
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.lang.RuntimeException: Error building service proxy for
service 'RegistryStartup' (at
org.apache.tapestry5.ioc.internal.services.RegistryStartup(Logger, List)
(at RegistryStartup.java:36) via
org.apache.tapestry5.ioc.services.TapestryIOCModule.bind(ServiceBinder) (at
TapestryIOCModule.java:49)): Unable to locate class file for
'java.lang.Runnable' in class loader WebappClassLoader
  context:
  delegate: false
  repositories:
    /WEB-INF/classes/
----------> Parent Classloader:
org.apache.catalina.loader.StandardClassLoader@4d911540
.
        at
org.apache.tapestry5.ioc.internal.ModuleImpl$4.invoke(ModuleImpl.java:327)
        at
org.apache.tapestry5.ioc.internal.OperationTrackerImpl.invoke(OperationTrackerImpl.java:74)
        ... 44 more
Caused by: java.lang.RuntimeException: Unable to locate class file for
'java.lang.Runnable' in class loader WebappClassLoader
  context:
  delegate: false
  repositories:
    /WEB-INF/classes/
----------> Parent Classloader:
org.apache.catalina.loader.StandardClassLoader@4d911540
.
...
        at
org.apache.tapestry5.ioc.internal.ModuleImpl$4.invoke(ModuleImpl.java:311)
        ... 45 more

Below my webapp.policy file:

grant {
    // Required for JNDI lookup of named JDBC DataSource's and
    // javamail named MimePart DataSource used to send mail
    permission java.util.PropertyPermission "java.home", "read";
    permission java.util.PropertyPermission "java.naming.*", "read";
    permission java.util.PropertyPermission "javax.sql.*", "read";

    // OS Specific properties to allow read access
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";

    // JVM properties to allow read access
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
    permission java.util.PropertyPermission "java.specification.version",
"read";
    permission java.util.PropertyPermission "java.specification.vendor",
"read";
    permission java.util.PropertyPermission "java.specification.name",
"read";

    permission java.util.PropertyPermission
"java.vm.specification.version", "read";
    permission java.util.PropertyPermission "java.vm.specification.vendor",
"read";
    permission java.util.PropertyPermission "java.vm.specification.name",
"read";
    permission java.util.PropertyPermission "java.vm.version", "read";
    permission java.util.PropertyPermission "java.vm.vendor", "read";
    permission java.util.PropertyPermission "java.vm.name", "read";

    // Required for OpenJMX
    permission java.lang.RuntimePermission "getAttribute";

    // Allow read of JAXP compliant XML parser debug
    permission java.util.PropertyPermission "jaxp.debug", "read";

    // Precompiled JSPs need access to this package.
    permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.runtime";
    permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.runtime.*";

    // Example JSPs need those to work properly
    permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.el";
    permission java.lang.RuntimePermission "accessDeclaredMembers";

    // Precompiled JSPs need access to this system property.
    permission java.util.PropertyPermission
"org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";

    // java.io.tmpdir should be usable as a temporary file directory
    permission java.util.PropertyPermission "java.io.tmpdir", "read";
    permission java.io.FilePermission "${java.io.tmpdir}/-",
"read,write,delete";

   //TAPESTRY SPECIFIC PERMISSIONS
   permission java.util.PropertyPermission "tapestry.*","read";
  // permission java.io.FilePermission
"/var/lib/tomcat6/webapps/ROOT/WEB-INF/lib/*", "read";
   permission java.io.FilePermission
"/var/lib/tomcat6/webapps/ROOT/WEB-INF/-", "read";
   permission java.lang.RuntimePermission "getenv.*";
   permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
   permission java.lang.RuntimePermission  "getClassLoader";
   permission java.util.PropertyPermission "javassist-write-dir", "read";
   permission java.lang.RuntimePermission "getProtectionDomain";
   permission java.lang.RuntimePermission "createClassLoader";



I cannot figure out what permission the system is missing.

Thank you,

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message