tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mouradk <mourad...@gmail.com>
Subject Re: Tomcat Security Limitation
Date Wed, 10 Oct 2012 14:04:56 GMT
Hi Chris,

I am using Tomcat6 on ubuntu 10.10. I suppose when you say CATALINA_OPTS you mean that in
/usr/share/tomcat6/bin/catalina.sh .
I have added this as such:

CATALINA_OPTS="$CATALINA_OPTS $JPDA_OPTS, -Djava.security.debug=all"

I have also set the logging level to FINE in $CATALINA_HOME/conf/logging.properties
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = FINE

But not getting debug messages?

Thanks for you help.

Mourad





On 10 Oct 2012, at 14:20, Christopher Schultz <chris@christopherschultz.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Mouradk,
> 
> On 10/10/12 7:49 AM, Mouradk wrote:
>> I am running a servlet that reads and writes to an remote instance
>> of = Hbase/Hadoop on ec2. When the security manager is off, all is
>> fine. But = when the manager is on, write and read operations
>> fail.
>> 
>> I have the following permissions on my 04webapps.policy file:
> 
> 04webapps.policy isn't a file I recognize as one that Tomcat reads. Is
> this something that your local installation supports in some way?
> 
>> permission java.net.SocketPermission = 
>> "ip-10-234-X-X.eu-west-1.compute.internal:*", "connect,resolve"; 
>> permission java.net.SocketPermission "10.234.X.X:*", = 
>> "connect,resolve"; =20 (10.234.X.X) being the address of the remote
>> instance with Hbase.
>> 
>> I cannot track anything in the logs. No error or exception,the app
>> just = freezes.
> 
> Try adding this to CATALINA_OPTS:
> 
>  -Djava.security.debug=all
> 
> This will give you a whole bunch of information about what the
> SecurityManager is doing, including dumping errors when security
> checks fail.
> 
> If you only want to see failures (which is usually the case), try this:
> 
>  -Djava.security.debug=access:failure
> 
> If you want to know the full range of options in your environment, run:
> 
>  java -Djava.security.debug=help
> 
> Hope that helps,
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
> 
> iEYEARECAAYFAlB1diIACgkQ9CaO5/Lv0PARYACeNGI54lL44lGSbOOArxtZ3sYB
> 0A8An2CM1W90Yh08C0yNMc1n8wmcR/7D
> =O6NC
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message