You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Juergen Weber <we...@yahoo.com> on 2004/07/11 23:42:52 UTC

Mysql connector and security manager

Hi,

I try to run the mysql connector with Tomcat with
security enabled
(NT4, jakarta-tomcat-5.0.25, j2sdk1.4.2_05,
mysql-connector-java-3.1.2-alpha-bin.jar)

With the rule

grant {
  permission java.net.SocketPermission
"localhost:3306", "connect,resolve";
};

it works. But this rule is not specific enough, any
code could connect to the database.

I put the driver jar into ${catalina.home}/common/lib,
so the default rule  
in the Tomcat distribution policy file

grant codeBase "file:${catalina.home}/common/-" {
        permission java.security.AllPermission;
};

should trigger, but there is the exception given far
below. I wonder if the actual database call is done by
code, that has no rule.

So, has anybody succeded with a specific rule that
allows the driver to connect to the database?

Btw, how do I call catalina.bat to have JPDA and
-security ?

Thanks in advance for your help,
Juergen





** BEGIN NESTED EXCEPTION **

java.security.AccessControlException
MESSAGE: access denied (java.net.SocketPermission
127.0.0.1:3306 connect,resolve
)

STACKTRACE:

java.security.AccessControlException: access denied
(java.net.SocketPermission 1
27.0.0.1:3306 connect,resolve)
        at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:269)
        at
java.security.AccessController.checkPermission(AccessController.java:
401)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
        at
java.lang.SecurityManager.checkConnect(SecurityManager.java:1026)
        at java.net.Socket.connect(Socket.java:446)
        at java.net.Socket.connect(Socket.java:402)
        at java.net.Socket.<init>(Socket.java:309)
        at java.net.Socket.<init>(Socket.java:124)
        at
com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.ja
va:130)
        at
com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:265)
        at
com.mysql.jdbc.Connection.createNewIO(Connection.java:1796)
        at
com.mysql.jdbc.Connection.<init>(Connection.java:400)







		
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org