You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Kai Hofmann <ap...@kai-hofmann.de> on 2019/01/24 12:19:44 UTC
Tomcat 9.0 with security manager reports access denied
Hello,
I try to activate the security manager for my own Application within
Tomcat 9.0.x. The problem ist that I got 2 different access denied's
that should (from my point of view) not happen. So this might be a bug -
but I am not 100% sure.
To make a long story short I have put all information into a
stackoverflow question:
https://stackoverflow.com/questions/54254003/tomcat-9-0-with-security-manager-reports-access-denied
Maybe someone could help me with this problem?
Thanks in advance
Kai
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 9.0 with security manager reports access denied
Posted by Kai Hofmann <ap...@kai-hofmann.de>.
Am 25.01.2019 um 21:58 schrieb Mark Thomas:
> On 25/01/2019 20:34, Mark Thomas wrote:
>> On 25/01/2019 11:12, Mark Thomas wrote:
>>> On 24/01/2019 12:19, Kai Hofmann wrote:
>>>> Hello,
>>>>
>>>> I try to activate the security manager for my own Application within
>>>> Tomcat 9.0.x. The problem ist that I got 2 different access denied's
>>>> that should (from my point of view) not happen. So this might be a bug -
>>>> but I am not 100% sure.
>>>>
>>>> To make a long story short I have put all information into a
>>>> stackoverflow question:
>>>>
>>>> https://stackoverflow.com/questions/54254003/tomcat-9-0-with-security-manager-reports-access-denied
>>>>
>>>> Maybe someone could help me with this problem?
>>>
>>> Strange.
>>>
>>> The failures might be related to running as a Windows service but I
>>> don't immediately see how. I wonder if there is a configuration issue.
>>>
>>> I ran a similar test locally on Linux and I don't see those failures. I
>>> did see a couple of other minor issues that I am in the process of fixing.
>>>
>>> Once I've finished fixing the issues I can see on Linux, I'll install
>>> the latest 9.0.x code as a Windows service and see if I can reproduce
>>> any of those failures.
>>
>> I see some additional instances of "denied" but not the ones you saw,
>>
>> I did notice that the security policy file was not configured correctly.
>> "==" is required when setting catalina.policy
>>
>> I'll look into getting the additional failures I've observed fixed but
>> it would help if you could provide the steps to reproduce the failures
>> you see from a clean Tomcat install.
>
> The additional failures are expected. java.beans.Introspector is trying
> to load classes that don't exist and they fail.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
Dear Mark,
thanks for the hint with the '==' for the catalina.policy definition.
This fixed one of my exceptions.
The seconds exception could then be fixed with adding
permission java.util.PropertyPermission
"org.apache.juli.logging.UserDataHelper.CONFIG", "read";
to the policies.
So every thing works here on windows as service ;-)
Greetings
PowerStat
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 9.0 with security manager reports access denied
Posted by Mark Thomas <ma...@apache.org>.
On 25/01/2019 20:34, Mark Thomas wrote:
> On 25/01/2019 11:12, Mark Thomas wrote:
>> On 24/01/2019 12:19, Kai Hofmann wrote:
>>> Hello,
>>>
>>> I try to activate the security manager for my own Application within
>>> Tomcat 9.0.x. The problem ist that I got 2 different access denied's
>>> that should (from my point of view) not happen. So this might be a bug -
>>> but I am not 100% sure.
>>>
>>> To make a long story short I have put all information into a
>>> stackoverflow question:
>>>
>>> https://stackoverflow.com/questions/54254003/tomcat-9-0-with-security-manager-reports-access-denied
>>>
>>> Maybe someone could help me with this problem?
>>
>> Strange.
>>
>> The failures might be related to running as a Windows service but I
>> don't immediately see how. I wonder if there is a configuration issue.
>>
>> I ran a similar test locally on Linux and I don't see those failures. I
>> did see a couple of other minor issues that I am in the process of fixing.
>>
>> Once I've finished fixing the issues I can see on Linux, I'll install
>> the latest 9.0.x code as a Windows service and see if I can reproduce
>> any of those failures.
>
> I see some additional instances of "denied" but not the ones you saw,
>
> I did notice that the security policy file was not configured correctly.
> "==" is required when setting catalina.policy
>
> I'll look into getting the additional failures I've observed fixed but
> it would help if you could provide the steps to reproduce the failures
> you see from a clean Tomcat install.
The additional failures are expected. java.beans.Introspector is trying
to load classes that don't exist and they fail.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 9.0 with security manager reports access denied
Posted by Mark Thomas <ma...@apache.org>.
On 25/01/2019 11:12, Mark Thomas wrote:
> On 24/01/2019 12:19, Kai Hofmann wrote:
>> Hello,
>>
>> I try to activate the security manager for my own Application within
>> Tomcat 9.0.x. The problem ist that I got 2 different access denied's
>> that should (from my point of view) not happen. So this might be a bug -
>> but I am not 100% sure.
>>
>> To make a long story short I have put all information into a
>> stackoverflow question:
>>
>> https://stackoverflow.com/questions/54254003/tomcat-9-0-with-security-manager-reports-access-denied
>>
>> Maybe someone could help me with this problem?
>
> Strange.
>
> The failures might be related to running as a Windows service but I
> don't immediately see how. I wonder if there is a configuration issue.
>
> I ran a similar test locally on Linux and I don't see those failures. I
> did see a couple of other minor issues that I am in the process of fixing.
>
> Once I've finished fixing the issues I can see on Linux, I'll install
> the latest 9.0.x code as a Windows service and see if I can reproduce
> any of those failures.
I see some additional instances of "denied" but not the ones you saw,
I did notice that the security policy file was not configured correctly.
"==" is required when setting catalina.policy
I'll look into getting the additional failures I've observed fixed but
it would help if you could provide the steps to reproduce the failures
you see from a clean Tomcat install.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat 9.0 with security manager reports access denied
Posted by Mark Thomas <ma...@apache.org>.
On 24/01/2019 12:19, Kai Hofmann wrote:
> Hello,
>
> I try to activate the security manager for my own Application within
> Tomcat 9.0.x. The problem ist that I got 2 different access denied's
> that should (from my point of view) not happen. So this might be a bug -
> but I am not 100% sure.
>
> To make a long story short I have put all information into a
> stackoverflow question:
>
> https://stackoverflow.com/questions/54254003/tomcat-9-0-with-security-manager-reports-access-denied
>
> Maybe someone could help me with this problem?
Strange.
The failures might be related to running as a Windows service but I
don't immediately see how. I wonder if there is a configuration issue.
I ran a similar test locally on Linux and I don't see those failures. I
did see a couple of other minor issues that I am in the process of fixing.
Once I've finished fixing the issues I can see on Linux, I'll install
the latest 9.0.x code as a Windows service and see if I can reproduce
any of those failures.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org