You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Vijayaraghavan Amirisetty <am...@gmail.com> on 2008/10/08 21:32:24 UTC
Exception while running web application with Tomcat security manager enabled
hello, I am trying to run a simple webapp on tomcat 5.0 with the
security manager enabled
i.e with the additional options -Djava.security.manager
-Djava.security.policy=%CATALINA_BASE%\conf\catalina.policy for the tomcat
JVM.
I get the following Stack Trace when I point the browser to my webapp
exception:
javax.servlet.ServletException: Servlet.init() for servlet
struts-controller threw exception
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
Root Cause:
java.lang.NullPointerException
at java.security.AccessControlContext.<init>(AccessControlContext.java:68)
at javax.security.auth.Subject$5.run(Subject.java:728)
at java.security.AccessController.doPrivileged(AccessController.java:147)
at javax.security.auth.Subject.createContext(Subject.java:718)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:709)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:110)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
I tried digging into the code of AccessController [
http://www.docjar.com/html/api/java/security/AccessController.java.html]<http://www.docjar.com/html/api/java/security/AccessController.java.html>
where I gathered that public static native <T> T
doPrivileged(PrivilegedAction<T> action); throws a NullPointerException in
case the action is null
I am not able to understand the reason for the action being null.
Has it something to do with missing native library files?
I have given all permissions to the webapp in catalina.policy. hence I feel
that missing privileges should not be an issue.
grant codeBase "file:${catalina.home}/webapps/adminconsole/-" {
permission java.security.AllPermission;
};
I am trying running tomcat on Lin 64 an the Java version is 1.4.2
Please help
vijay
Re: Exception while running web application with Tomcat security manager enabled
Posted by Vijayaraghavan Amirisetty <am...@gmail.com>.
Adding some more findings.-The
java.security.AccessController.doPrivileged(AccessController.java:147)
is a native method.
-Using java 1.5.0 to start the tomcat with Security Manager enabled works
fine.
Figuring out what has changed in java.security across 1.4.2 and 1.5
On Thu, Oct 9, 2008 at 4:55 AM, Vijayaraghavan Amirisetty <
amirisetty.vijayaraghavan@gmail.com> wrote:
> Hi Charles,
> The additional
>
>
>
> On Thu, Oct 9, 2008 at 1:49 AM, Caldarale, Charles R <
> Chuck.Caldarale@unisys.com> wrote:
>
>> > From: Vijayaraghavan Amirisetty
>> > [mailto:amirisetty.vijayaraghavan@gmail.com]
>> > Subject: Exception while running web application with Tomcat
>> > security manager enabled
>> >
>> > I am trying to run a simple webapp on tomcat 5.0
>>
>> The 5.0 branch is no longer supported; can you try it on 5.5 or 6.0?
>
>
> I tried it on 5.5.23 and it worked fine. But I need to make it work on
> Tomcat 5.0 as it is a production setup and I cannot change the Tomcat
> setup.
>
>
>>
>> > i.e with the additional options -Djava.security.manager
>> > -Djava.security.policy=%CATALINA_BASE%\conf\catalina.policy
>>
>> > I am trying running tomcat on Lin 64 an the Java version is 1.4.2
>>
>> If you're on Linux, why does the path to the policy file have back slashes
>> in it?
>
>
>
> aah .. This was for windows.. For linux I am using
>
> -Djava.security.manager \
> -Djava.security.policy="${CATALINA_BASE}/conf/catalina.policy" \
>
>
> Still trying to figure it out .. Does the Tomcat Security Manager use any
> native libraries for it's operations?
>
>
>> - Chuck
>>
>>
>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
>> MATERIAL and is thus for use only by the intended recipient. If you received
>> this in error, please contact the sender and delete the e-mail and its
>> attachments from all computers.
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
>
>
RE: Exception while running web application with Tomcat security
manager enabled
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Vijayaraghavan Amirisetty
> [mailto:amirisetty.vijayaraghavan@gmail.com]
> Subject: Re: Exception while running web application with
> Tomcat security manager enabled
>
> Does the Tomcat Security Manager use any
> native libraries for it's operations?
No.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Exception while running web application with Tomcat security manager enabled
Posted by Vijayaraghavan Amirisetty <am...@gmail.com>.
Hi Charles,
The additional
On Thu, Oct 9, 2008 at 1:49 AM, Caldarale, Charles R <
Chuck.Caldarale@unisys.com> wrote:
> > From: Vijayaraghavan Amirisetty
> > [mailto:amirisetty.vijayaraghavan@gmail.com]
> > Subject: Exception while running web application with Tomcat
> > security manager enabled
> >
> > I am trying to run a simple webapp on tomcat 5.0
>
> The 5.0 branch is no longer supported; can you try it on 5.5 or 6.0?
I tried it on 5.5.23 and it worked fine. But I need to make it work on
Tomcat 5.0 as it is a production setup and I cannot change the Tomcat
setup.
>
> > i.e with the additional options -Djava.security.manager
> > -Djava.security.policy=%CATALINA_BASE%\conf\catalina.policy
>
> > I am trying running tomcat on Lin 64 an the Java version is 1.4.2
>
> If you're on Linux, why does the path to the policy file have back slashes
> in it?
aah .. This was for windows.. For linux I am using
-Djava.security.manager \
-Djava.security.policy="${CATALINA_BASE}/conf/catalina.policy" \
Still trying to figure it out .. Does the Tomcat Security Manager use any
native libraries for it's operations?
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you received
> this in error, please contact the sender and delete the e-mail and its
> attachments from all computers.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: Exception while running web application with Tomcat security
manager enabled
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Vijayaraghavan Amirisetty
> [mailto:amirisetty.vijayaraghavan@gmail.com]
> Subject: Exception while running web application with Tomcat
> security manager enabled
>
> I am trying to run a simple webapp on tomcat 5.0
The 5.0 branch is no longer supported; can you try it on 5.5 or 6.0?
> i.e with the additional options -Djava.security.manager
> -Djava.security.policy=%CATALINA_BASE%\conf\catalina.policy
> I am trying running tomcat on Lin 64 an the Java version is 1.4.2
If you're on Linux, why does the path to the policy file have back slashes in it?
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org