You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rz...@apache.org on 2022/02/16 10:53:18 UTC
[tomee] branch master updated: TOMEE-3840 - Fix TomEE does not start with security enabled
This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
The following commit(s) were added to refs/heads/master by this push:
new 18f174b TOMEE-3840 - Fix TomEE does not start with security enabled
18f174b is described below
commit 18f174b6acb6873c41f7da73f8a1cd952be95e87
Author: Richard Zowalla <rz...@apache.org>
AuthorDate: Wed Feb 16 11:52:58 2022 +0100
TOMEE-3840 - Fix TomEE does not start with security enabled
---
.../src/main/resources/tomee/conf/catalina.policy | 4 ++++
boms/tomee-plume/src/main/resources/tomee/conf/catalina.policy | 4 ++++
boms/tomee-plus/src/main/resources/tomee/conf/catalina.policy | 4 ++++
.../src/main/resources/tomee/conf/catalina.policy | 4 ++++
tomee/apache-tomee/pom.xml | 3 +++
tomee/apache-tomee/src/main/assembly/tomee-microprofile.xml | 8 ++++++++
tomee/apache-tomee/src/main/assembly/tomee-plume.xml | 8 ++++++++
tomee/apache-tomee/src/main/assembly/tomee-plus.xml | 8 ++++++++
tomee/apache-tomee/src/main/assembly/tomee-webprofile.xml | 8 ++++++++
.../apache-tomee/src/main/resources}/catalina.policy | 4 ++++
10 files changed, 55 insertions(+)
diff --git a/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy b/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy
index 7aab95d..1a081a3 100644
--- a/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy
+++ b/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy
@@ -94,6 +94,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
permission java.util.PropertyPermission "catalina.base", "read";
+ // TOMEE-3840
+ permission java.util.PropertyPermission "tomee.skip-tomcat-log", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.
diff --git a/boms/tomee-plume/src/main/resources/tomee/conf/catalina.policy b/boms/tomee-plume/src/main/resources/tomee/conf/catalina.policy
index 7aab95d..1a081a3 100644
--- a/boms/tomee-plume/src/main/resources/tomee/conf/catalina.policy
+++ b/boms/tomee-plume/src/main/resources/tomee/conf/catalina.policy
@@ -94,6 +94,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
permission java.util.PropertyPermission "catalina.base", "read";
+ // TOMEE-3840
+ permission java.util.PropertyPermission "tomee.skip-tomcat-log", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.
diff --git a/boms/tomee-plus/src/main/resources/tomee/conf/catalina.policy b/boms/tomee-plus/src/main/resources/tomee/conf/catalina.policy
index 7aab95d..1a081a3 100644
--- a/boms/tomee-plus/src/main/resources/tomee/conf/catalina.policy
+++ b/boms/tomee-plus/src/main/resources/tomee/conf/catalina.policy
@@ -94,6 +94,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
permission java.util.PropertyPermission "catalina.base", "read";
+ // TOMEE-3840
+ permission java.util.PropertyPermission "tomee.skip-tomcat-log", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.
diff --git a/boms/tomee-webprofile/src/main/resources/tomee/conf/catalina.policy b/boms/tomee-webprofile/src/main/resources/tomee/conf/catalina.policy
index 7aab95d..1a081a3 100644
--- a/boms/tomee-webprofile/src/main/resources/tomee/conf/catalina.policy
+++ b/boms/tomee-webprofile/src/main/resources/tomee/conf/catalina.policy
@@ -94,6 +94,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
permission java.util.PropertyPermission "catalina.base", "read";
+ // TOMEE-3840
+ permission java.util.PropertyPermission "tomee.skip-tomcat-log", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.
diff --git a/tomee/apache-tomee/pom.xml b/tomee/apache-tomee/pom.xml
index bfcccf4..8340c16 100644
--- a/tomee/apache-tomee/pom.xml
+++ b/tomee/apache-tomee/pom.xml
@@ -159,6 +159,9 @@
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
+ <excludes>
+ <exclude>*.policy</exclude>
+ </excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
diff --git a/tomee/apache-tomee/src/main/assembly/tomee-microprofile.xml b/tomee/apache-tomee/src/main/assembly/tomee-microprofile.xml
index e026258..a7949d5 100644
--- a/tomee/apache-tomee/src/main/assembly/tomee-microprofile.xml
+++ b/tomee/apache-tomee/src/main/assembly/tomee-microprofile.xml
@@ -38,6 +38,7 @@
<exclude>NOTICE</exclude>
<exclude>**/bin/**/*</exclude>
<exclude>**/lib/tomcat-annotations-api*.jar</exclude>
+ <exclude>**/conf/catalina.policy</exclude>
</excludes>
</fileSet>
<fileSet>
@@ -49,6 +50,13 @@
</fileSet>
<fileSet>
<directory>${project.basedir}/target/classes</directory>
+ <outputDirectory>/apache-tomee-microprofile-${project.version}/conf</outputDirectory>
+ <includes>
+ <include>catalina.policy</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/target/classes</directory>
<outputDirectory>/apache-tomee-microprofile-${project.version}/bin</outputDirectory>
<includes>
<include>service.*</include>
diff --git a/tomee/apache-tomee/src/main/assembly/tomee-plume.xml b/tomee/apache-tomee/src/main/assembly/tomee-plume.xml
index 0ba6892..d8f6763 100644
--- a/tomee/apache-tomee/src/main/assembly/tomee-plume.xml
+++ b/tomee/apache-tomee/src/main/assembly/tomee-plume.xml
@@ -38,6 +38,7 @@
<exclude>NOTICE</exclude>
<exclude>**/bin/**/*</exclude>
<exclude>**/lib/tomcat-annotations-api*.jar</exclude>
+ <exclude>**/conf/catalina.policy</exclude>
</excludes>
</fileSet>
<fileSet>
@@ -49,6 +50,13 @@
</fileSet>
<fileSet>
<directory>${project.basedir}/target/classes</directory>
+ <outputDirectory>/apache-tomee-plume-${project.version}/conf</outputDirectory>
+ <includes>
+ <include>catalina.policy</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/target/classes</directory>
<outputDirectory>/apache-tomee-plume-${project.version}/bin</outputDirectory>
<includes>
<include>service.*</include>
diff --git a/tomee/apache-tomee/src/main/assembly/tomee-plus.xml b/tomee/apache-tomee/src/main/assembly/tomee-plus.xml
index 5e1ac51..57c63cb 100644
--- a/tomee/apache-tomee/src/main/assembly/tomee-plus.xml
+++ b/tomee/apache-tomee/src/main/assembly/tomee-plus.xml
@@ -38,6 +38,7 @@
<exclude>NOTICE</exclude>
<exclude>**/bin/**/*</exclude>
<exclude>**/lib/tomcat-annotations-api*.jar</exclude>
+ <exclude>**/conf/catalina.policy</exclude>
</excludes>
</fileSet>
<fileSet>
@@ -49,6 +50,13 @@
</fileSet>
<fileSet>
<directory>${project.basedir}/target/classes</directory>
+ <outputDirectory>/apache-tomee-plus-${project.version}/conf</outputDirectory>
+ <includes>
+ <include>catalina.policy</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/target/classes</directory>
<outputDirectory>/apache-tomee-plus-${project.version}/bin</outputDirectory>
<includes>
<include>service.*</include>
diff --git a/tomee/apache-tomee/src/main/assembly/tomee-webprofile.xml b/tomee/apache-tomee/src/main/assembly/tomee-webprofile.xml
index e84b860..6602155 100644
--- a/tomee/apache-tomee/src/main/assembly/tomee-webprofile.xml
+++ b/tomee/apache-tomee/src/main/assembly/tomee-webprofile.xml
@@ -38,6 +38,7 @@
<exclude>NOTICE</exclude>
<exclude>**/bin/**/*</exclude>
<exclude>**/lib/tomcat-annotations-api*.jar</exclude>
+ <exclude>**/conf/catalina.policy</exclude>
</excludes>
</fileSet>
<fileSet>
@@ -49,6 +50,13 @@
</fileSet>
<fileSet>
<directory>${project.basedir}/target/classes</directory>
+ <outputDirectory>/apache-tomee-webprofile-${project.version}/conf</outputDirectory>
+ <includes>
+ <include>catalina.policy</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/target/classes</directory>
<outputDirectory>/apache-tomee-webprofile-${project.version}/bin</outputDirectory>
<includes>
<include>service.*</include>
diff --git a/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy b/tomee/apache-tomee/src/main/resources/catalina.policy
similarity index 98%
copy from boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy
copy to tomee/apache-tomee/src/main/resources/catalina.policy
index 7aab95d..1a081a3 100644
--- a/boms/tomee-microprofile/src/main/resources/tomee/conf/catalina.policy
+++ b/tomee/apache-tomee/src/main/resources/catalina.policy
@@ -94,6 +94,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
permission java.util.PropertyPermission "catalina.base", "read";
+ // TOMEE-3840
+ permission java.util.PropertyPermission "tomee.skip-tomcat-log", "read";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.