You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by jamana ramesh <ra...@gmail.com> on 2011/02/17 06:42:48 UTC
Re: Tomcat Secuirty Problem
>
> Hi,
>
> I am new to Tomcat server. I have installed Tomcat 6 and deployed a web
> application. This application has to decrypt some files and store in a temp
> folder. I have created a folder with name "temp' in WEB-INF folder of my
> applciation. But When I am running my application, at the time of
> decryption, I am getting "Access Denied" exception. Through Tomcat security
> features, I came to know that we need to grant the permission in
> catalina.policy in conf folder. Below is the line I have added in it. But
> still I am getting the same exception.
>
> grant codeBase "http://localhost:8080/lanwan/-" {
> permission java.io.FilePermission "C:\\Program Files\\Apache Software
> Foundation\\Tomcat 6.0\\webapps\\lanwan\\WEB-INF\\docs\\temp\\-",
> "read,write,delete";
> }
>
> Please help me how to configure this security settings.
>
> Thanks in advance,
> Ramesh
>
>
Re: Tomcat Secuirty Problem
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jamana,
On 2/17/2011 12:42 AM, jamana ramesh wrote:
>> I am new to Tomcat server.
I agree with /all/ of Chuck's comments.
>> grant codeBase "http://localhost:8080/lanwan/-" {
Your code is in a JAR, not being served from a URL, right? Or, are you
talking about an applet? I think your codeBase is wrong.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk1kEH0ACgkQ9CaO5/Lv0PBXEQCfXt/u5K3uaIiH4bj50nHw8NqI
FKwAoMCxwpba42KGgBTcPokl0UcJa4/L
=7/gi
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Tomcat Secuirty Problem
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: jamana ramesh [mailto:ramesh.jamana@gmail.com]
> Subject: Re: Tomcat Secuirty Problem
> I am new to Tomcat server.
And unaware of basic etiquette:
1) Don't cross-post.
2) Always provide the exact Tomcat version, JVM level, and OS you're running on.
> This application has to decrypt some files and store
> in a temp folder. I have created a folder with name
> "temp' in WEB-INF folder of my applciation.
That's a really, really bad idea - you should never try to write into the webapp's deployment directory. You have no guarantee that there even is a deployment directory, or even a file system. The servlet specification requires that the container (Tomcat, in this case) provide a scratch area for just this purpose. Read section 4.7.1 of the servlet spec, which states, in part:
"A temporary storage directory is required for each servlet context. Servlet containers must provide a private temporary directory for each servlet context, and make it available via the javax.servlet.context.tempdir context attribute. The objects associated with the attribute must be of type java.io.File."
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org