You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@stanbol.apache.org by Som Satpathy <so...@gmail.com> on 2013/03/30 22:58:27 UTC
Possible security policy issue with Stanbol's jersey server
Hi All,
I have exposed a a new Stanbol engine that needs to write to some temporary
files when run through the launcher. But I have been consistently getting
"java.security.AccessControlException: access denied
(java.io.FilePermission ** write)" exceptions. Does Stanbol server support
writing to temporary files? It seems like a security policy issue with
Stanbol's jersey server to me.
I would appreciate if any one can provide some pointers to help me get
through with this problem.
Thanks,
Som
Re: Possible security policy issue with Stanbol's jersey server
Posted by Som Satpathy <so...@gmail.com>.
Thanks Reto, some refactoring with the privileged code sections I had
written earlier helped me fix the problem.
Som
On Sat, Mar 30, 2013 at 11:58 PM, Reto Bachmann-Gmür <re...@apache.org>wrote:
> Hi Som
>
> Temporary files are subject to the same security restrictions as any
> file. By the current default the anonymous user has no right to write
> to any file.
>
> If you code needs to write to a file independently on the permission
> of the user it should do so in a privileged code section, see:
> https://stanbol.apache.org/development/security.html on how to do
> this.
>
> Cheers,
> Reto
>
> On Sat, Mar 30, 2013 at 10:58 PM, Som Satpathy <so...@gmail.com>
> wrote:
> > Hi All,
> >
> > I have exposed a a new Stanbol engine that needs to write to some
> temporary
> > files when run through the launcher. But I have been consistently getting
> > "java.security.AccessControlException: access denied
> > (java.io.FilePermission ** write)" exceptions. Does Stanbol server
> support
> > writing to temporary files? It seems like a security policy issue with
> > Stanbol's jersey server to me.
> >
> > I would appreciate if any one can provide some pointers to help me get
> > through with this problem.
> >
> > Thanks,
> > Som
>
Re: Possible security policy issue with Stanbol's jersey server
Posted by Reto Bachmann-Gmür <re...@apache.org>.
Hi Som
Temporary files are subject to the same security restrictions as any
file. By the current default the anonymous user has no right to write
to any file.
If you code needs to write to a file independently on the permission
of the user it should do so in a privileged code section, see:
https://stanbol.apache.org/development/security.html on how to do
this.
Cheers,
Reto
On Sat, Mar 30, 2013 at 10:58 PM, Som Satpathy <so...@gmail.com> wrote:
> Hi All,
>
> I have exposed a a new Stanbol engine that needs to write to some temporary
> files when run through the launcher. But I have been consistently getting
> "java.security.AccessControlException: access denied
> (java.io.FilePermission ** write)" exceptions. Does Stanbol server support
> writing to temporary files? It seems like a security policy issue with
> Stanbol's jersey server to me.
>
> I would appreciate if any one can provide some pointers to help me get
> through with this problem.
>
> Thanks,
> Som