This is a special use case depending on where you install the mail API jars. Since there are potentially 1000's of special use cases I don't see where adding these examples to catalina.policy would help.
A better solution would be to add a section to the Tomcat SecurityManager doc which lists what permissions are required for different standard API's. JDBC, mail, etc.
If you want to create a patch for the Tomcat security manager docs I would be happy to review it and commit it.
Thanks,
Glenn
Jun Inamori wrote:
Hi,
We faced the same problem as: http://www.mail-archive.com/[EMAIL PROTECTED]/msg48320.html The message reports the exception when sending e-mail. It looks like this:
javax.activation.UnsupportedDataTypeException: no object DCH for MIME type text/plain at javax.mail.Transport.send0(Transport.java:219)
We re-produce this, only if we enable SecurityManager and place "mail.jar" and "activation.jar" into: ${catalina.home}/shared/lib SecurityManager seems to prevent "javax.activation.CommandMap" to load: META-INF/mailcap from "mail.jar"
To avoid this kind of problem, "catalina.policy" should include the entity like this:
grant codeBase "file:${catalina.home}/shared/lib/activation.jar" { permission java.io.FilePermission "/usr/local/jakarta-tomcat-4.1.12-LE-jdk14/shared/lib/mail.jar","read"; };
I request you to add the lines below to "catalina.policy".
// If you place "mail.jar" and "activation.jar" into: // ${catalina.home}/shared/lib // please activate the entity below and update the target of // FilePermission.
//grant codeBase "file:${catalina.home}/shared/lib/activation.jar" { // permission java.io.FilePermission "/usr/local/jakarta-tomcat-4.1.12-LE-jdk14/shared/lib/mail.jar","read"; //};
I think this will help many Tomcat users, but do no harm. Any suggestion/questions are welcome to me.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
