You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Peter M. Goldstein" <pe...@yahoo.com> on 2002/08/26 04:17:08 UTC
FW: A question about Phoenix security policies...
This is Peter Donald's response to a question I sent to the Avalon
Applications Developer List (thanks Peter). His answer should allow us
to solve those nasty PHOENIX_SECURE problems that plague some of our
users. In accord with his suggestion, I'm going to remove the policy
element from the environment.xml.
--Peter
-----Original Message-----
From: Peter Donald [mailto:peter@apache.org]
Sent: Sunday, August 25, 2002 2:16 PM
To: Avalon Applications Developers List
Subject: Re: A question about Phoenix security policies...
On Mon, 26 Aug 2002 03:27, Peter M. Goldstein wrote:
> <policy>
> <grant code-base="sar:lib${/}*">
> <permission class="java.security.AllPermission" />
> </grant>
> </policy>
>
> If not, what is the correct form? Any help (or pointers to
appropriate
> documentation) would be appreciated. Thanks.
The most open grant is to do something like
<policy>
<grant code-base="sar:SAR-INF/lib/*">
<permission class="java.security.AllPermission" />
</grant>
</policy>
which will grant all permissions to all jars in library. However a
better
position may be to just not define the <policy /> element, ie remove it
from
environment.xml descriptor. That should give all classes loaded from
wherever
AllPermissions
--
Cheers,
Peter Donald
--------------------------------------------
Beer is proof that God loves us and wants
us to be happy. -- Benjamin Franklin
--------------------------------------------
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>