You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Stéphane Van Espen (JIRA)" <ji...@apache.org> on 2009/07/01 15:22:47 UTC
[jira] Created: (CONFIGURATION-391) Double file permissions
required in WAS 6.1
Double file permissions required in WAS 6.1
-------------------------------------------
Key: CONFIGURATION-391
URL: https://issues.apache.org/jira/browse/CONFIGURATION-391
Project: Commons Configuration
Issue Type: Bug
Affects Versions: 1.5
Environment: - WebSphere AS 6.1with J2EE securit enabled
- AIX
Reporter: Stéphane Van Espen
We are using Commons Configuration as follows:
{code}
final PropertiesConfiguration config = new PropertiesConfiguration("velocity.properties");
{code}
_Noteworthy points_:
- properties files are embedded in JARs
- Application is deployed in WAS 6.1, where J2EE security is activated (was.policy)
*Problem is the following*:
Two entries are necessary in _was.policy_ in order to make the application work.
Example:
{code}
permission java.io.FilePermission "velocity.properties","read";
permission java.io.FilePermission "/home/wasadmin/velocity.properties","read";
{code}
The first entry is valid.
The second entry (with "/*home*/*wasadmin*/...") is wrong but necesarry in order to make WebSphere happy.
We would like to remove this second entry (useless and less secure) from our was.policy.
What could be the cause of this issue ?
Thank you,
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CONFIGURATION-391) Double file permissions
required in WAS 6.1
Posted by "Stéphane Van Espen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CONFIGURATION-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12739437#action_12739437 ]
Stéphane Van Espen commented on CONFIGURATION-391:
--------------------------------------------------
Thank you for your answer.
If PropertiesConfiguration tries several locations (hard disk, jars) it is indeed possible WAS blocks unauthorized locations (the reason why we had to add "irrelevant" permissions in our was.policy).
I will investigate this further.
Thanks again,
> Double file permissions required in WAS 6.1
> -------------------------------------------
>
> Key: CONFIGURATION-391
> URL: https://issues.apache.org/jira/browse/CONFIGURATION-391
> Project: Commons Configuration
> Issue Type: Bug
> Affects Versions: 1.5
> Environment: - WebSphere AS 6.1with J2EE securit enabled
> - AIX
> Reporter: Stéphane Van Espen
>
> We are using Commons Configuration as follows:
> {code}
> final PropertiesConfiguration config = new PropertiesConfiguration("velocity.properties");
> {code}
> _Noteworthy points_:
> - properties files are embedded in JARs
> - Application is deployed in WAS 6.1, where J2EE security is activated (was.policy)
> *Problem is the following*:
> Two entries are necessary in _was.policy_ in order to make the application work.
> Example:
> {code}
> permission java.io.FilePermission "velocity.properties","read";
> permission java.io.FilePermission "/home/wasadmin/velocity.properties","read";
> {code}
> The first entry is valid.
> The second entry (with "/*home*/*wasadmin*/...") is wrong but necesarry in order to make WebSphere happy.
> We would like to remove this second entry (useless and less secure) from our was.policy.
> What could be the cause of this issue ?
> Thank you,
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CONFIGURATION-391) Double file permissions
required in WAS 6.1
Posted by "Oliver Heger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CONFIGURATION-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732131#action_12732131 ]
Oliver Heger commented on CONFIGURATION-391:
--------------------------------------------
Unfortunately I am no expert for WAS, so I don't know whether this server does something special which confuses Commons Configuration.
Just a guess: {{PropertiesConfiguration}} tries several locations where to look for the file to be loaded. Maybe, due to the deployment in WAS, the file can be found on multiple places in the class path, and the algorithm picks the wrong place. Could this be possible?
> Double file permissions required in WAS 6.1
> -------------------------------------------
>
> Key: CONFIGURATION-391
> URL: https://issues.apache.org/jira/browse/CONFIGURATION-391
> Project: Commons Configuration
> Issue Type: Bug
> Affects Versions: 1.5
> Environment: - WebSphere AS 6.1with J2EE securit enabled
> - AIX
> Reporter: Stéphane Van Espen
>
> We are using Commons Configuration as follows:
> {code}
> final PropertiesConfiguration config = new PropertiesConfiguration("velocity.properties");
> {code}
> _Noteworthy points_:
> - properties files are embedded in JARs
> - Application is deployed in WAS 6.1, where J2EE security is activated (was.policy)
> *Problem is the following*:
> Two entries are necessary in _was.policy_ in order to make the application work.
> Example:
> {code}
> permission java.io.FilePermission "velocity.properties","read";
> permission java.io.FilePermission "/home/wasadmin/velocity.properties","read";
> {code}
> The first entry is valid.
> The second entry (with "/*home*/*wasadmin*/...") is wrong but necesarry in order to make WebSphere happy.
> We would like to remove this second entry (useless and less secure) from our was.policy.
> What could be the cause of this issue ?
> Thank you,
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.