You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/11/17 16:18:43 UTC
DO NOT REPLY [Bug 14622] -
Jasper fails when security manager is set by a jsp
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14622>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14622
Jasper fails when security manager is set by a jsp
glenn@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From glenn@apache.org 2002-11-17 15:18 -------
This is not a bug. The SecurityManager is global to the entire JVM Tomcat/Jasper
is running in. It is the responsibility of the container to set the
SecurityManager. This will not be changed. Allowing a JSP page to set
the SecurityManager would be a huge security risk. To use the Tomcat 4
SecurityManager start Tomcat with the -security option.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>