You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Josef Vosyka <pe...@bigfoot.com> on 2005/04/18 22:40:04 UTC
Trouble with SecurityManager with Tomcat 5.5
Hi,
I've got 3 exceptions, when I run simple webapp under SecurityManager with standard
policy file and:
-IntelliJ 4.5
-JDK 5.0
-Tomcat 5.5
The exceptions are:
SEVERE: Parse error in default web.xml
java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina.core)
SEVERE: Parse error in application web.xml
java.security.AccessControlException: access denied (java.io.FilePermission
D:\usr\tomcat-5.5\common\lib\servlet-api.jar read)
SEVERE: Parse error in default web.xml
java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina.core)
The standard policy file indeed contains the following:
grant codeBase "file:${catalina.home}/common/-" {
permission java.security.AllPermission;
};
The accessClassInPackage problem disappears when I add this:
permission java.lang.RuntimePermission "accessClassInPackage.org.apache";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.*";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.*";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.core";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.core.*";
But the FilePermission remains even after adding the explicit and redundant:
grant codeBase "file:${catalina.home}/common/lib/-" {
permission java.security.AllPermission;
};
or even this:
grant codeBase "file:${catalina.home}/common/lib/servlet-api.jar" {
permission java.security.AllPermission;
};
I'm really hopeless to locate the cause of the problems. Seems like this should work out
of the box.
Any help is appreciated in advance.
Thanks!
--Josef
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org