Re: NullPointerException with Tomcat Howto

[Bastian Bowe]

Ok, I was playing around with the policy files. Now I've got some
improved (alternative) versions to add to my 04webapps.policy.

very restrictive but hard to manage:
==================================================
grant codeBase "file:${catalina.home}/webapps/cactusTest/WEB-INF/lib/junit-3.7.jar" {
        permission java.util.PropertyPermission "user.home", "read";
        permission java.util.PropertyPermission "cactus.*", "read";
        permission java.io.FilePermission "${catalina.home}/junit.properties", "read";
        permission java.net.SocketPermission "localhost:8082", "connect, resolve";
};

grant codeBase "file:${catalina.home}/webapps/cactusTest/WEB-INF/lib/cactus-1.4.1.jar" 
{
        permission java.util.PropertyPermission "cactus.*", "write";
//may be more restrictive?
        permission java.util.PropertyPermission "*", "read";
        permission java.io.FilePermission "${catalina.home}/junit.properties", "read";
        permission java.net.SocketPermission "localhost:8082", "connect, resolve";
};

grant codeBase 
"file:${catalina.home}/webapps/cactusTest/WEB-INF/lib/commons-logging-1.0.jar" {
//may be more restrictive?
        permission java.util.PropertyPermission "*", "read";
};

grant codeBase 
"file:${catalina.home}/webapps/cactusTest/WEB-INF/lib/commons-httpclient-2.0alpha1-20020606.jar"
 {
        permission java.net.SocketPermission "localhost:8082", "connect, resolve";
};
==================================================

less restrictive but easier to manage:
==================================================
grant codeBase "file:${catalina.home}/webapps/cactusTest/WEB-INF/lib/-" {
        permission java.util.PropertyPermission "cactus.*", "write";
//may be more restrictive?
        permission java.util.PropertyPermission "*", "read";
        permission java.io.FilePermission "${catalina.home}/junit.properties", "read";
        permission java.net.SocketPermission "localhost:8082", "connect, resolve";
};
==================================================

to use log4j add:
==================================================
//for log4j
        permission java.lang.RuntimePermission "getClassLoader";
//log4j.appender.cactus.File:
        permission java.io.FilePermission "/tmp/cactus_client.log", "write, read";
==================================================

Maybe that helps someone. If you've got good knowledge in .policy
files and have got a better solution, let us know.
-- 
Bastian Bowe
Sent using Debian GNU/Linux - http://www.debian.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]