You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2005/04/11 11:17:53 UTC

DO NOT REPLY [Bug 34396] New: - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34396>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34396

           Summary: security exception using datasource in <servlet-
                    instance>.init()
           Product: Tomcat 5
           Version: 5.5.7
          Platform: All
        OS/Version: Windows XP
            Status: NEW
          Severity: minor
          Priority: P3
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: dario.bonino@rgi.it


########################################################################
Startup Java Option added:
-Djava.security.manager
-Djava.security.policy=<TOMCAT_HOME>/conf/catalina.policy
########################################################################


java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.org.apache.tomcat.dbcp.collections)
	at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
	at java.security.AccessController.checkPermission(AccessController.java:427)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
	at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1512)
	at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:265)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:299)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
	at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
	at
org.apache.tomcat.dbcp.pool.impl.GenericObjectPool.<init>(GenericObjectPool.java:392)
	at
org.apache.tomcat.dbcp.pool.impl.GenericObjectPool.<init>(GenericObjectPool.java:258)
	at
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:795)
	at
org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:540)
	at it.rgi.webapp.dbms.jdbc.DataSourcePool.get(DataSourcePool.java:123)
	at
it.rgi.webapp.dbms.jdbc.JdbcConnettoreRetry.acquisisciConnessione(JdbcConnettoreRetry.java:901)
	at
it.rgi.webapp.dbms.jdbc.JdbcConnettoreRetry.getDatabaseInfo(JdbcConnettoreRetry.java:754)
	at
it.rgi.webapp.dbms.jdbc.JdbcConnettoreRetry.getDatabaseInfo(JdbcConnettoreRetry.java:752)
	at it.rgi.webapp.admin.StartUpProcess.database(StartUpProcess.java:534)
	at it.rgi.webapp.admin.StartUpProcess.execStartUpProcess(StartUpProcess.java:399)
	at it.rgi.webapp.admin.StartUpProcess.startup(StartUpProcess.java:282)
	at it.rgi.webapp.admin.StartUpProcess.startup(StartUpProcess.java:254)
	at it.rgi.webapp.admin.ServletAdmin.single_init(ServletAdmin.java:88)
	at it.rgi.webapp.admin.ServletAdmin.init(ServletAdmin.java:80)
	at javax.servlet.GenericServlet.init(GenericServlet.java:211)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:585)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:114)
	at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1062)
	at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:900)
	at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3823)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4087)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
	at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:121)
	at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:737)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
	at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:590)
	at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:535)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:470)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1106)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
	at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1019)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1011)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:440)
	at org.apache.catalina.core.StandardService.start(StandardService.java:450)
	at org.apache.catalina.core.StandardServer.start(StandardServer.java:683)
	at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:585)
	at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)









##############################################################################
##### CATALINA.POLICY (ADDED ROWS)
##############################################################################

// JDBC DRIVERS
grant codeBase "file:C:/Java/jdbcDrivers/-" {
  permission java.security.AllPermission;
  };

// Web applications permission, J2EE Specification 1.4
// Minimum set of permissions that Web Components components can expect.
grant {
	permission java.lang.RuntimePermission  "loadLibrary.*";
	permission java.lang.RuntimePermission  "queuePrintJob";
	permission java.net.SocketPermission    "*", "connect";
	permission java.io.FilePermission       "<<ALL FILES>>", "read,write";
	permission java.util.PropertyPermission "*", "read";
    };

// My Requirements
grant {
    permission java.io.FilePermission "<<ALL FILES>>", "delete";
    permission java.net.SocketPermission "*:1024-65535", "accept,listen";
    };

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org