You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Shiau, Eric" <es...@lehman.com> on 2007/03/22 17:07:35 UTC

Invoker - Security

Tomcat version 6.0.10.  When I enabled servlet invoker by uncommented
following lines, got following errors.  How can I get around the
problem?  I know invoker is evil, but very convenient at development
stage.  I tried to do some research my own, but after I sent e-mail
'users-index.1_100@tomcat.apache.org' to get first 100 subjects from
thread, it returned nothing.

SEVERE: Error deploying web application directory docs
java.lang.SecurityException: Servlet of class
org.apache.catalina.servlets.InvokerServlet is privileged and cannot be
loaded by this web application

=======
   <servlet>
        <servlet-name>invoker</servlet-name>
        <servlet-class>
          org.apache.catalina.servlets.InvokerServlet
        </servlet-class>
        <init-param>
            <param-name>debug</param-name>
            <param-value>0</param-value>
        </init-param>
        <load-on-startup>2</load-on-startup>
    </servlet>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

This message is intended only for the personal and confidential use of the designated recipient(s) named above.  If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited.  This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers.  Email transmission cannot be guaranteed to be secure or error-free.  Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such.  All information is subject to change without notice.

--------
IRS Circular 230 Disclosure:
Please be advised that any discussion of U.S. tax matters contained within this communication (including any attachments) is not intended or written to be used and cannot be used for the purpose of (i) avoiding U.S. tax related penalties or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

RE: Invoker - Security

Posted by "Raghupathy, Gurumoorthy" <Gu...@nielsen.com>.

I think that privileged="true" in your context file ..... 

<Context privileged="true" otherparametersgohere /> should fix it ...

Regards
Guru
 

-----Original Message-----
From: Shiau, Eric [mailto:eshiau@lehman.com] 
Sent: 22 March 2007 16:08
To: Tomcat Users List
Subject: Invoker - Security


Tomcat version 6.0.10.  When I enabled servlet invoker by uncommented
following lines, got following errors.  How can I get around the
problem?  I know invoker is evil, but very convenient at development
stage.  I tried to do some research my own, but after I sent e-mail
'users-index.1_100@tomcat.apache.org' to get first 100 subjects from
thread, it returned nothing.

SEVERE: Error deploying web application directory docs
java.lang.SecurityException: Servlet of class
org.apache.catalina.servlets.InvokerServlet is privileged and cannot be
loaded by this web application

=======
   <servlet>
        <servlet-name>invoker</servlet-name>
        <servlet-class>
          org.apache.catalina.servlets.InvokerServlet
        </servlet-class>
        <init-param>
            <param-name>debug</param-name>
            <param-value>0</param-value>
        </init-param>
        <load-on-startup>2</load-on-startup>
    </servlet>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -

This message is intended only for the personal and confidential use of
the designated recipient(s) named above.  If you are not the intended
recipient of this message you are hereby notified that any review,
dissemination, distribution or copying of this message is strictly
prohibited.  This communication is for information purposes only and
should not be regarded as an offer to sell or as a solicitation of an
offer to buy any financial product, an official confirmation of any
transaction, or as an official statement of Lehman Brothers.  Email
transmission cannot be guaranteed to be secure or error-free.
Therefore, we do not represent that this information is complete or
accurate and it should not be relied upon as such.  All information is
subject to change without notice.

--------
IRS Circular 230 Disclosure:
Please be advised that any discussion of U.S. tax matters contained
within this communication (including any attachments) is not intended or
written to be used and cannot be used for the purpose of (i) avoiding
U.S. tax related penalties or (ii) promoting, marketing or recommending
to another party any transaction or matter addressed herein.



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org