how to specify Tomcat policy

[Ramkumar Menon <ra...@oracle.com>]

How do I specify that a specific policy file is to be taken into
consideration while running applications(JSPs) on tomcat?

                ramkumar

Re: how to specify Tomcat policy

[Jun Inamori <j-...@osa.att.ne.jp>]

Hello,

> How do I specify that a specific policy file is to be taken into
> consideration while running applications(JSPs) on tomcat?

This kind of question should be posted to users-list, rather than this
list.

During the "PolicyInterceptor.contextInit()", the instances Permission
are retrieved from Policy object by "getPermissions()". And the instance
of CodeSource is specified as the argument for
"Policy.getPermissions()".
For each context, this instance of CodeSource is constructed with the
URL object pointing the docBase directory of that context.
So, to add the instances of Permission to each context, the codeBase for
that Permission must match the docBase for that context.
What does this mean?
To give the permissions for the Java library under some specific
context, we should specify the docBase directory for that context as the
codeBase.
Specifying "WEB-INF" directory as the codeBase will not work.

Only when the "codeBase" in the "tomcat.policy" matches the "docBase" in
the "server.xml", the permissions will be applied to that context.
For example, please append the following entities to your
"tomcat.policy":

grant codeBase "file:/export/home/foo/webapp/bar" {
  permission java.io.FilePermission "/export/home/foo/webapp/-", "read,
write, delete, execute";
};

And "/export/home/foo/webapp/bar" is the "docBase" directory specified
in "server.xml".

-- 

Happy Java programming!

Jun Inamori
OOP-Reserch
E-mail: jun@oop-reserch.com
URL:    http://www.oop-reserch.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-dev-help@jakarta.apache.org