You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2021/04/26 17:32:46 UTC
[tomee-tck] branch jakartaee9-tck updated: JASPIC configuration (missing permissions)

This is an automated email from the ASF dual-hosted git repository.

jlmonteiro pushed a commit to branch jakartaee9-tck
in repository https://gitbox.apache.org/repos/asf/tomee-tck.git


The following commit(s) were added to refs/heads/jakartaee9-tck by this push:
     new 9979773  JASPIC configuration (missing permissions)
9979773 is described below

commit 99797738ca2933e2e883fb6ea91e5983a157490e
Author: Jean-Louis Monteiro <jl...@tomitribe.com>
AuthorDate: Mon Apr 26 19:32:32 2021 +0200

    JASPIC configuration (missing permissions)
    
    Signed-off-by: Jean-Louis Monteiro <jl...@tomitribe.com>
---
 src/test/tomee-plume/conf/catalina.policy | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/test/tomee-plume/conf/catalina.policy b/src/test/tomee-plume/conf/catalina.policy
index 82499e5..6a316c8 100644
--- a/src/test/tomee-plume/conf/catalina.policy
+++ b/src/test/tomee-plume/conf/catalina.policy
@@ -291,6 +291,20 @@ grant codeBase "file:${catalina.home}/webapps/host-manager/-" {
 // };
 
 // TomEE for CTS configuration
+grant codeBase "file:${cts.home}/dist/com/sun/ts/tests/jaspic/-" {
+    permission java.io.FilePermission "${catalina.base}/conf/-", "read";
+    permission java.io.FilePermission "${catalina.base}/conf/jaspic-providers.xml", "read,write,delete"; // Tomcat ACF
+    permission java.io.FilePermission "${catalina.base}/conf/jaspic-providers.xml.new", "read,write,delete"; // Tomcat ACF
+    permission java.io.FilePermission "${catalina.base}/conf/jaspic-providers.xml.old", "read,write,delete"; // Tomcat ACF
+    permission java.io.FilePermission "${catalina.base}/temp/-", "read,write";
+    permission java.io.FilePermission "${catalina.base}/logs/-", "read,write";
+    permission java.io.FilePermission "${catalina.base}/work/-", "read,write";
+    permission java.util.PropertyPermission "*", "read,write"; // the log file
+    permission java.security.SecurityPermission "getProperty.authconfigprovider.factory";
+    permission java.security.SecurityPermission "setProperty.authconfigprovider.factory";
+    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.authenticator.jaspic";
+    permission java.util.logging.LoggingPermission "control";
+};
 grant codeBase "file:${cts.home}/dist/com/sun/ts/tests/servlet/ee/spec/security/permissiondd/servlet_ee_spec_security_permissiondd_web/-" {
     permission java.util.PropertyPermission "cts.*", "read";