You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Stephen Pegg <st...@gmail.com> on 2007/08/07 11:46:22 UTC
tomcat5.5 and mysql5 permission problem on Ubuntu 7.04 (Fiesty)
I am having a very bad time trying to get a webapp to connect to a MySQL
database. I am using tomcat 5.5 and mysql 5 on a Ubuntu Server 7.04 (Fiesty
Fawn)
As far as i am aware i have set everything up okay and the webapp does
actually try and connect to the database.
However, it doesn't! See tracestack below.
org.apache.jasper.JasperException: Unable to get connection,
DataSource invalid: "org.apache.commons.dbcp.SQLNestedException:
Cannot create PoolableConnectionFactory (Communications link failure
due to underlying exception:
** BEGIN NESTED EXCEPTION **
java.security.AccessControlException
MESSAGE: access denied (java.net.SocketPermission localhost resolve)
STACKTRACE:
java.security.AccessControlException: access denied (
java.net.SocketPermission localhost resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1031)
at java.net.InetAddress.getAllByName0(InetAddress.java:1117)
at java.net.InetAddress.getAllByName0
(InetAddress.java:1098)
at java.net.InetAddress.getAllByName(InetAddress.java:1061)
at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:138)
at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java
:277)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2668)
at com.mysql.jdbc.Connection.<init>(Connection.java:1531)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:37)
at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:290)
at org.apache.commons.dbcp.BasicDataSource.validateConnectionFactory
(BasicDataSource.java:877)
at org.apache.commons.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:851)
at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:540)
at org.apache.taglibs.standard.tag.common.sql.QueryTagSupport.getConnection
(QueryTagSupport.java:274)
at org.apache.taglibs.standard.tag.common.sql.QueryTagSupport.doStartTag(QueryTagSupport.java:159)
at org.apache.jsp.index_jsp._jspx_meth_sql_query_0(index_jsp.java:100)
at org.apache.jsp.index_jsp._jspService
(index_jsp.java:58)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.jasper.servlet.JspServletWrapper.service(
JspServletWrapper.java:334)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
at javax.servlet.http.HttpServlet.service
(HttpServlet.java:802)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
at java.security.AccessController.doPrivileged
(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege
(SecurityUtil.java:161)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:245)
at org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilterChain.java:177)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:156)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:152)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection
(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
** END NESTED EXCEPTION **
Last packet sent to the server was 6 ms ago.)"
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:512)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
org.apache.jasper.servlet.JspServlet.serviceJspFile
(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
org.apache.catalina.security.SecurityUtil.execute
(SecurityUtil.java:275)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
I can connect to the database in command line, MySQL admin and query browser
with the same user and pass that i am using for the webapp. I gave this user
full permissions from any host. I have read about the security manager
possible stopping it from working even though i'm working with localhost.
The webapp itself has the resource in its /META-INF/context.xml (see below)
as i want to stay away from tomcats server.xml. I have a resource reference
in the webapps /WEB-INF/web.xml (See below). I have a copy of
mysql-connector-java-5.0.4.jar in the /common/lib/ directory as suggested.
There is no mysql jar in the webapps /WEB-INF/lib dir. I created the webapp
in netbeans5.5 on a windows platform, built it and deployed the
webapp.jarusing tomcat manager.
---- Context.xml ----
<Context path="/DBTest" docBase="DBTest">
<Resource name="jdbc/time_management" auth="Container" type="
javax.sql.DataSource" maxActive="100" maxIdle="30" maxWait="10000"
username="timemanaccess" password="timeman101" driverClassName="
com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/time_management_db"/>
</Context>
-----------------
---- Web.xml ----
<resource-ref>
<res-ref-name>jdbc/time_management</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Application</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
-----------------
I have been editing the 50user.policy to try and give permissions to
localhost. See below.
grant codeBase "file:${catalina.home}/webapps/DBTest/-" {
//permission java.net.SocketPermission "localhost", "resolve";
//permission java.net.SocketPermission "localhost:3306",
"connect,resolve";
permission java.security.AllPermission;
};
grant codeBase "file:/usr/share/tomcat5.5/common/lib/mysql-
connector-java-5.0.4.jar" {
//permission java.net.SocketPermission "localhost", "resolve";
//permission java.net.SocketPermission "localhost:3306",
"connect,resolve";
permission java.security.AllPermission ;
};
I have tried a number of variations of the permissions below. None worked.
Can somebody please help? I can provide more information if needed.
Thanks in advance,
Stephen