Posted to users@tomcat.apache.org by "George S." <ge...@mhsoftware.com> on 2017/01/31 05:27:56 UTC

Security Policy

I have a question about security policies.

I have a jar file that I'm putting in my WEB-INF/lib directory. The jar 
is signed with a certificate. I've inspected the jar file using 
jarsigner and it is signed. There is a policy entry that basically says 
if a jar is signed with that key, grant all permissions.

When I call a method that opens a file, I'm getting an access control 
exception.

Another jar, signed with the same certificate, does work.

The one huge difference is that the working example is a servlet inside 
the signed jar.

The non-working example is a JSP that's in the application's top-level 
directory. IOW, JSP -> calls instance method of class in signed jar.

I expected that by having the JSP call into a signed jar, I would be 
able to open the file under the security manager. Is that wrong?


-- 
George S.
*MH Software, Inc.*
Voice: 303 438 9585
http://www.connectdaily.com

Re: Security Policy

Posted by Mark Thomas <ma...@apache.org>.
On 31/01/2017 05:27, George S. wrote:
> I have a question about security policies.
> 
> I have a jar file that I'm putting in my WEB-INF/lib directory. The jar
> is signed with a certificate. I've inspected the jar file using
> jarsigner and it is signed. There is a policy entry that basically says
> if a jar is signed with that key, grant all permissions.
> 
> When I call a method that opens a file, I'm getting an access control
> exception.
> 
> Another jar, signed with the same certificate, does work.
> 
> The one huge difference is that the working example is a servlet inside
> the signed jar.
> 
> The non-working example is a JSP that's in the application's top-level
> directory. IOW, JSP -> calls instance method of class in signed jar.
> 
> I expected that by having the JSP call into a signed jar, I would be
> able to open the file under the security manager. Is that wrong?

It depends.

When a thread tries to execute something that requires a security
permission then the code source for every method in the call stack (or
as far up the stack as the first privileged block) must be granted the
necessary permission.

At a guess, the Servlet works because the methods on the call stack at
the time are either from the signed JAR or from Tomcat - both of which
have all permissions.

I suspect the JSP fails because there are methods from the JAR, the JSP
and Tomcat on the call stack and those from the JSP do not have the
necessary read file permission.

Mark
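
The stack check described in the reply above can be reproduced with the JDK's own classes. This is an added example, not code from either poster or from Tomcat: it builds three protection domains and asks AccessControlContext whether each call stack may read a file. The code bases and the file path are constructed, and it assumes a JDK that still implements the Security Manager permission checks.

```java
import java.io.FilePermission;
import java.net.URL;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;

public class StackWalkDemo {
    // Build a protection domain with static permissions (the installed Policy is not consulted).
    static ProtectionDomain domain(String codeBase, boolean allPermissions) throws Exception {
        Permissions perms = new Permissions();
        if (allPermissions) perms.add(new AllPermission());
        return new ProtectionDomain(new CodeSource(new URL(codeBase), (Certificate[]) null), perms);
    }

    // Ask the JDK whether a call stack made of these domains may perform the action.
    static boolean allowed(Permission p, ProtectionDomain... stack) {
        try {
            new AccessControlContext(stack).checkPermission(p);
            return true;
        } catch (AccessControlException e) {
            return false; // at least one domain on the stack lacks the permission
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed code bases standing in for the three parties in the thread.
        ProtectionDomain tomcat = domain("file:/opt/tomcat/lib/catalina.jar", true);
        ProtectionDomain signedJar = domain("file:/opt/tomcat/webapps/app/WEB-INF/lib/signed.jar", true);
        ProtectionDomain jsp = domain("file:/opt/tomcat/work/Catalina/localhost/app/", false);
        Permission read = new FilePermission("/data/report.txt", "read");

        // Servlet in the signed jar: every domain on the stack holds AllPermission.
        System.out.println("servlet in signed jar: " + allowed(read, tomcat, signedJar));
        // JSP calling into the signed jar: the JSP's domain has no file permission.
        System.out.println("JSP -> signed jar:     " + allowed(read, tomcat, jsp, signedJar));
        // A doPrivileged block in the jar ends the walk there, so only the jar's domain is checked.
        System.out.println("jar in doPrivileged:   " + allowed(read, signedJar));
    }
}
```

If the signed jar wraps its file access in AccessController.doPrivileged, it should open only paths it chooses itself, because the privileged block vouches for every caller above it, including the unprivileged JSP.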

