Re: Servlets / JSP can't connect to MySQL in Ubuntu Server

Thu, 20 Nov 2008 02:20:00 -0800 

Krapacs Ambrose wrote:



Well I thought that I had tried turning off the security manager but I 
couldn't remember how I did it. I tried again by modifying 
/etc/init.d/tomcat and set TOMCAT_SECURITY to "no". I executed the JSP 
again and EVERY TEST SUCCESSFULLY CONNECTED! Wow, finally!



So now I guess I need to determine the proper way to do this because I'm 
guessing that disabling the security mangager is not smart. I really do 
not know anything about the tomcat security  manager so I'm not sure how 
to properly allow this in security  manager without disabling it 
completely.



So, you see, in the end it was a TCP/IP connection issue.

But it was not at the level of your MySQL server, but at the source : 
your JVM would not let your webapp do a "connect" to that port.



Now here comes a complication : finding where in the configuration you 
need to change this thing.

That depends a bit on where you got your Tomcat from.

In the end, you should find a file named like 
"(tomcat_dir)/conf/catalina.policy", which contains the permissions 
given to different webapps.
You should find enough examples in there to guess what you need to add 
to make it work. (*)
But, the file "catalina.policy" may be a file that is re-created each 
time you start Tomcat, from bits and pieces located somewhere else.
So check you Tomcat startup script carefully, and see whether it is 
doing something like that.  It may be that different bits related to 
permissions are located in a series of files under /etc/tomcat/policy.d 
for example.  If so, then add  a new file there, with the required 
permissions, and it will be picked up and concatenated with the others 
at the next startup, into a new catalina.policy file.

(And re-enable the security manager of course).


Maybe someone else will want to comment on the usefulness criteria of 
the security manager.  It does slow things down, so you may not 
necessarily want to enable it.




(*) something like :
grant codeBase "file:/var/lib/tomcat/webapps/yourwebapp/WEB-INF/classes/-" {
      permission java.net.SocketPermission "localhost", "connect,resolve";
      permission java.net.SocketPermission "*:3636", "connect,resolve";
};

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
























					Reply via email to