You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Raigo <Ra...@netscape.net> on 2001/08/29 11:04:42 UTC

Tomcat security

Hi

I am using JSP, Tomcat 3.2.3 on JDK 1.3 (what comes with JBuilder4 Foundation). 
>From time to time I have seen several exception messages in Tomcat window with content "Action forbidden by JVM" several "IOExceptions" and "net" Exceptions etc. 

On normal case these don't appear. 

In Tomcat documentation topic "Using the Java SecurityManager with Tomcat" I read that
java.util.PropertyPermission, java.lang.RuntimePermission, java.io.FilePermission, java.net.SocketPermission, java.net.NetPermission, java.lang.reflect.ReflectPermission, java.security.SecurityPermission, java.security.AllPermission  should be used to define security permissions.

What exactly should there be done to secure Tomcat and server? Where to find examples and info on the topic?

Thanks,
Raigo


__________________________________________________________________
Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/