[
https://issues.apache.org/jira/browse/CONFIGURATION-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12739437#action_12739437
]
Stéphane Van Espen commented on CONFIGURATION-391:
--------------------------------------------------
Thank you for your answer.
If PropertiesConfiguration tries several locations (hard disk, jars) it is
indeed possible WAS blocks unauthorized locations (the reason why we had to add
"irrelevant" permissions in our was.policy).
I will investigate this further.
Thanks again,
> Double file permissions required in WAS 6.1
> -------------------------------------------
>
> Key: CONFIGURATION-391
> URL: https://issues.apache.org/jira/browse/CONFIGURATION-391
> Project: Commons Configuration
> Issue Type: Bug
> Affects Versions: 1.5
> Environment: - WebSphere AS 6.1with J2EE securit enabled
> - AIX
> Reporter: Stéphane Van Espen
>
> We are using Commons Configuration as follows:
> {code}
> final PropertiesConfiguration config = new
> PropertiesConfiguration("velocity.properties");
> {code}
> _Noteworthy points_:
> - properties files are embedded in JARs
> - Application is deployed in WAS 6.1, where J2EE security is activated
> (was.policy)
> *Problem is the following*:
> Two entries are necessary in _was.policy_ in order to make the application
> work.
> Example:
> {code}
> permission java.io.FilePermission "velocity.properties","read";
> permission java.io.FilePermission "/home/wasadmin/velocity.properties","read";
> {code}
> The first entry is valid.
> The second entry (with "/*home*/*wasadmin*/...") is wrong but necesarry in
> order to make WebSphere happy.
> We would like to remove this second entry (useless and less secure) from our
> was.policy.
> What could be the cause of this issue ?
> Thank you,
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
