You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Juergen Weber <we...@yahoo.com> on 2004/07/11 23:42:52 UTC
Mysql connector and security manager
Hi,
I try to run the mysql connector with Tomcat with
security enabled
(NT4, jakarta-tomcat-5.0.25, j2sdk1.4.2_05,
mysql-connector-java-3.1.2-alpha-bin.jar)
With the rule
grant {
permission java.net.SocketPermission
"localhost:3306", "connect,resolve";
};
it works. But this rule is not specific enough, any
code could connect to the database.
I put the driver jar into ${catalina.home}/common/lib,
so the default rule
in the Tomcat distribution policy file
grant codeBase "file:${catalina.home}/common/-" {
permission java.security.AllPermission;
};
should trigger, but there is the exception given far
below. I wonder if the actual database call is done by
code, that has no rule.
So, has anybody succeded with a specific rule that
allows the driver to connect to the database?
Btw, how do I call catalina.bat to have JPDA and
-security ?
Thanks in advance for your help,
Juergen
** BEGIN NESTED EXCEPTION **
java.security.AccessControlException
MESSAGE: access denied (java.net.SocketPermission
127.0.0.1:3306 connect,resolve
)
STACKTRACE:
java.security.AccessControlException: access denied
(java.net.SocketPermission 1
27.0.0.1:3306 connect,resolve)
at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:269)
at
java.security.AccessController.checkPermission(AccessController.java:
401)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at
java.lang.SecurityManager.checkConnect(SecurityManager.java:1026)
at java.net.Socket.connect(Socket.java:446)
at java.net.Socket.connect(Socket.java:402)
at java.net.Socket.<init>(Socket.java:309)
at java.net.Socket.<init>(Socket.java:124)
at
com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.ja
va:130)
at
com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:265)
at
com.mysql.jdbc.Connection.createNewIO(Connection.java:1796)
at
com.mysql.jdbc.Connection.<init>(Connection.java:400)
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org