You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Etienne Deleflie <et...@proxima-tech.com> on 2003/06/25 04:28:29 UTC
tomcat 4.0 and jaas (without JASSRealm)
Hello,
I am getting a security exception when my servlet is loaded:
java.lang.ExceptionInInitializerError: java.lang.SecurityException:
java.lang.ClassNotFoundException: javax.security.auth.SubjectDomainCombiner
at javax.security.auth.Subject.(Subject.java:170)
at bla.bla.blaom.mycompmany.etc. UserManager.java:107)
I assume it is because I need to declare that I can trust jaas.jar. I am
using jdk 1.3.... and tomcat 4.0.1
If I understand correctly, Tomcat makes the JDK's resident policy file
defunct for its webapps, and replaces it with catalina.policy.
so in catalina.policy, I am trying to grant jaas.jar all permissions
(for tests sake) with the following lines:
grant codeBase "file:${catalina.home}/webapps/myApp/lib/-" {
permission java.security.AllPermission;
};
This does not work. I get the same error.
So I have created a jaas.policy file and a jaas.conf and I am referring
them into the JVM by running Tomcat with the following options:
CATALINA_OPTS= -Djava.security.auth.policy==/bla/bla/bin/jaas.policy
-Djava.security.auth.login.config=/bla/bla/config/jaas.conf
Should this do the trick ? or will the Tomcat sandbox environement
ignore this ?
any suggestions ?
any help is appreciated
etienne
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org