Posted to users@tomcat.apache.org by Conway Liu <cl...@xtra.co.nz> on 2011/05/12 01:37:17 UTC

Enable Security Manager in Tomcat 5

Good day!

For testing purposes I have set up a website to run in Tomcat 5, Tomcat 6, and 
Tomcat 7.

The site runs on Windows Server 2008 R2, and I used the service.bat to install 
the Windows service so that I can start and stop the site.

When it came to enabling the security manager, I read somewhere on the web a 
suggestion to add the following code to service.bat:
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.security.manager"
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.security.policy==c:\mywebapp\conf\catalina.policy"

I did accordingly for all three versions of Tomcat. This worked for my website 
in Tomcat 6 and 7. However, when starting the Tomcat 5 service, the service 
could not start.
Reviewing the stderr log file I see this information:
 
java.security.AccessControlException: access denied (java.util.PropertyPermission catalina.home read)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
  at java.security.AccessController.checkPermission(AccessController.java:546)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
  at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
  at java.lang.System.getProperty(System.java:650)
  at org.apache.catalina.startup.Bootstrap.setCatalinaHome(Bootstrap.java:478)
  at org.apache.catalina.startup.Bootstrap.init(Bootstrap.java:210)
  at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:410)

I then tried to put the following into catalina.policy but it didn't help.

grant { 
    permission java.util.PropertyPermission "catalina.home", "read";
};

I have tried to google further, but so far haven't found the solution.

If anyone knows what I should do, being pointed in the right direction would be 
very much appreciated.

Thanks in advance
Conway

Re: Enable Security Manager in Tomcat 5

Posted by Conway Liu <cl...@xtra.co.nz>.
After a day's googling, trial and error, I finally realised that the person who 
migrated the website from Linux to Windows did not change the paths in 
catalina.policy.

I got a fresh copy of catalina.policy from the Tomcat 5 installation and re-added 
my bits of security settings, and it is working now.

Conway
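
Added example (not part of the original thread and not Tomcat code): a small Python check for the problem described in the reply above, flagging codeBase and FilePermission entries in a catalina.policy that are hard-coded POSIX paths rather than ${catalina.home}-style properties or Windows paths. A codeBase that does not match where a JAR is actually loaded from grants that code nothing; the sample policy, its paths and the function names are constructed for illustration.

```python
import re

# Constructed sample: a policy carried over from a Linux host (all paths made up).
SAMPLE_POLICY = """\
// Bootstrap code needs full access to start Catalina
grant codeBase "file:/opt/tomcat5/bin/bootstrap.jar" {
    permission java.security.AllPermission;
};
grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
    permission java.security.AllPermission;
};
grant codeBase "file:${catalina.base}/webapps/mywebapp/-" {
    permission java.io.FilePermission "/var/log/mywebapp/-", "read,write";
    permission java.util.PropertyPermission "catalina.home", "read";
};
"""

CODEBASE = re.compile(r'codeBase\s+"([^"]*)"')
FILE_PERM = re.compile(r'permission\s+java\.io\.FilePermission\s+"([^"]*)"')
PROPERTY = re.compile(r'\$\{[^}]+\}')            # ${catalina.home}, ${java.home}, ...
WINDOWS_DRIVE = re.compile(r'/*[A-Za-z]:[\\/]')  # c:\..., C:/..., /C:/...


def is_hardcoded_posix(target):
    """True if target is an absolute POSIX path not built from a ${property}."""
    path = target[len("file:"):] if target.startswith("file:") else target
    if PROPERTY.match(path) or WINDOWS_DRIVE.match(path):
        return False
    return path.startswith("/")


def find_hardcoded_paths(policy_text):
    """Return (line number, kind, target) for each suspicious entry."""
    findings = []
    for lineno, line in enumerate(policy_text.splitlines(), start=1):
        if line.lstrip().startswith("//"):   # skip whole-line comments
            continue
        for kind, pattern in (("codeBase", CODEBASE), ("FilePermission", FILE_PERM)):
            for target in pattern.findall(line):
                if is_hardcoded_posix(target):
                    findings.append((lineno, kind, target))
    return findings


if __name__ == "__main__":
    for lineno, kind, target in find_hardcoded_paths(SAMPLE_POLICY):
        print(f"line {lineno}: {kind} uses a hard-coded POSIX path: {target}")
```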



