You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by eric chacon <ch...@hotmail.com> on 2001/04/17 19:58:23 UTC
JNDI / Tomcat Security Policy
Folks,
I am trying to deploy a PoolMan DataSource with JNDI, accessible from
Tomcat.
I'm running Tomcat 3.2.1, Linux, Postgresql 7.0.?, and Apache (using
mod_jk.so).
I seem to be having trouble with my security policies--
Poolman 1.4.1 (the most recent version I could make work--2.0 was a crashing
failure) comes with a DeployDataSource tool that is used to attach a
DataSource to a JNDI server.
It is run with the command line
java -Djava.security.policy=poolman.policy DeployDataSource userdb
This policy is very simple:
grant {
permission java.security.AllPermission;
};
If I understand this correctly, this should give ANY codeBase access to
whatever is run in this process (basically, everything).
However...
When I try to run from my servlet, I get an AccessControl Exception (stack
dump attached to the bottom of this email).
1) Has ANYBODY gotten this working? I can make Poolman work with standard
datasource stuff (the test servlet works fine, reads my database, etc.)
2) Has anyone used JNDI for other things along with PoolMan? Is it standard
practice to deploy resources (such as Data Sources) to JNDI servers from
external (non-Tomcat) applications, and then have them be read by Tomcat (I
would assume this is standard--I would assume this is what JNDI is for...)
3) Am I wrong about my understanding of the way Policies work?
Interesting Note: This may help--after an attempt to run the code that
causes this exception, Tomcat stops working has has to be bounced.
Basically, ANY attempt to play with tomcat (to reload a previously loaded
JSP, for example) results in an access control error...
Interesting... in the ancient curse sense of the word ;)
Thanks,
E.
Failed to get datasource: dataSourceName =
e=java.security.AccessControlExceptio
n: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
java.security.AccessControlException: access denied
(java.net.SocketPermission 1
27.0.0.1:1099 connect,resolve)
at
java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:
399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.<init>(Socket.java:262)
at java.net.Socket.<init>(Socket.java:100)
at
sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirect
SocketFactory.java:25)
at
sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMaster
SocketFactory.java:120)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:499)
at
sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:190
)
at
sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:174)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:318)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at
com.sun.jndi.rmi.registry.RegistryContext.lookup(RegistryContext.java
:91)
at
com.sun.jndi.rmi.registry.RegistryContext.lookup(RegistryContext.java
:101)
at javax.naming.InitialContext.lookup(InitialContext.java:350)
at org.eric.cserve.db.DSSingleton.initialize(DSSingleton.java:91)
at org.eric.cserve.db.DSSingleton.getDataSource(DSSingleton.java:43)
at org.eric.cserve.db.UserDB.executeSQL(UserDB.java:14)
at
org.eric.mysite.authenticate.Authenticate.isAuthenticated(Authenticat
e.java:17)
at
org.eric.mysite.authenticate.AuthenticateServlet.doService(Authentica
teServlet.java:33)
at
org.eric.mysite.authenticate.AuthenticateServlet.doPost(AuthenticateS
ervlet.java:14)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:4
04)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at
org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372
)
at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.
java:797)
at
org.apache.tomcat.core.ContextManager.service(ContextManager.java:743
)
at
org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processCon
nection(Ajp12ConnectionHandler.java:166)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:498)
at java.lang.Thread.run(Thread.java:484)
Could not find 'poolman.props' -- now attempting to read deprecated file
name 'p
ool.props'... failed.
java.sql.SQLException:
ERROR: Unable to find and read a valid PoolMan properties file. Please
ensure th
at 'poolman.props' is in a directory that is in your CLASSPATH.
at com.codestudio.sql.PoolMan.connect(PoolMan.java:172)
at
com.codestudio.sql.PoolManDataSource.getConnection(PoolManDataSource.
java:48)
at
org.eric.cserve.db.DataSourceAccess.execute(DataSourceAccess.java:26)
at org.eric.cserve.db.UserDB.executeSQL(UserDB.java:14)
at
org.eric.mysite.authenticate.Authenticate.isAuthenticated(Authenticat
e.java:17)
at
org.eric.mysite.authenticate.AuthenticateServlet.doService(Authentica
teServlet.java:33)
at
org.eric.mysite.authenticate.AuthenticateServlet.doPost(AuthenticateS
ervlet.java:14)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:4
04)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at
org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372
)
at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.
java:797)
at
org.apache.tomcat.core.ContextManager.service(ContextManager.java:743
)
at
org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processCon
nection(Ajp12ConnectionHandler.java:166)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:498)
at java.lang.Thread.run(Thread.java:484)
Error -- No Result Set returned
java.lang.NullPointerException
at
org.eric.mysite.authenticate.Authenticate.isAuthenticated(Authenticat
e.java:19)
at
org.eric.mysite.authenticate.AuthenticateServlet.doService(Authentica
teServlet.java:33)
at
org.eric.mysite.authenticate.AuthenticateServlet.doPost(AuthenticateS
ervlet.java:14)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:4
04)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at
org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com