You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Antony Bowesman <ad...@teamware.com> on 2001/11/14 16:12:07 UTC

Last straw - AccessControlException problem

Hi,

I'm getting an AccessControlException when trying to read the file
H:\Apache\jakarta-tomcat-4.0\bin\user.txt

Top part of stack trace is

java.security.AccessControlException: access denied
(java.io.FilePermission user.txt read)
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
        at
java.security.AccessController.checkPermission(AccessController.java:399)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:890)
        at java.io.FileInputStream.<init>(FileInputStream.java:61)
        at java.io.FileReader.<init>(FileReader.java:38)
        at
com.teamware.phoenix.security.auth.spi.TestLoginModule.login(Unknown
Source)
        at
com.teamware.phoenix.security.auth.spi.ProxyLoginModule.login(ProxyLoginModule.java:152)

My ProxyLoginModule is in file:${catalina.home}/bin/jaasproxylogin.jar
and catalina.policy has the following grant entry

grant codeBase "file:${catalina.home}/bin/jaasproxylogin.jar" {
       permission java.lang.RuntimePermission "getClassLoader";
       permission java.util.PropertyPermission "log4j.configuration",
"read";
       permission java.util.PropertyPermission "log4j.configDebug",
"read";
       permission java.util.PropertyPermission "user.dir", "read";
       permission java.util.FilePermission
"H:\\Apache\\jakarta-tomcat-4.0\\bin\\user.txt", "read";
       permission java.util.FilePermission "user.txt", "read";
};

The code does

  String fileName = "user.txt"; 
  File f = new File(fileName);
  System.out.println("Path=" + f.getAbsolutePath());
  BufferedReader br = new BufferedReader(new FileReader(fileName));

The output is

Path=H:\Apache\jakarta-tomcat-4.0\bin\user.txt

If I remove the PropertyPermission for user.dir I get an ACE on the
getAbsolutePath() call, this shows it is taking the grant entry.  Can
anyone see what's wrong with the grant entry.  I've tried the same with
no codebase and it does not work.  I've tried 

       permission java.util.FilePermission "<<ALL FILES>>", "read";

still doesn't work.

I'm running 4.0 on WinXP.

Antony


-- 
Antony Bowesman
Teamware Group 
adb@teamware.com
phone: +358 9 5128 2562
fax  : +358 9 5128 2705

intra / extra / Internet solutions at www.teamware.com

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>

Re: Last straw - AccessControlException problem

Posted by Antony Bowesman <ad...@teamware.com>.

Aargh,

Problem solved, I had java.util.FilePermission in my policy not
java.io.FilePermission...  Can't see the wood for the trees.

Antony

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>