tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Tomcat Security Limitation
Date Wed, 10 Oct 2012 14:05:13 GMT
Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Mouradk,
> 
> On 10/10/12 7:49 AM, Mouradk wrote:
>> I am running a servlet that reads and writes to an remote instance
>> of = Hbase/Hadoop on ec2. When the security manager is off, all is
>> fine. But = when the manager is on, write and read operations
>> fail.
>>
>> I have the following permissions on my 04webapps.policy file:
> 
> 04webapps.policy isn't a file I recognize as one that Tomcat reads. Is
> this something that your local installation supports in some way?

Info: this looks very much like what the Linux Debian Tomcat package is doing : splitting

up "catalina.policy" into chunks stored in /etc/tomcat/policy.d/*, which are then 
re-combined into "catalina.policy" by the package's Tomcat startup script just before 
launching the JVM.

Practically speaking, it is not a bad idea. catalina.policy as one big chunk is not very 
easy to read or edit.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message