Hi Daniel,

Thanks so much for your response!

I have tried specifying it through the command line and also through the
resin.conf file.  Neither seems to work, and I have tried with 3.1.2, and
two recent snapshots. 

In your environment do you use a load balancer?  I am using Apache 2.0 to
pass traffic back to resin.  I suppose I could try to use Resin as the load
balancer, but I don't think that should make a difference.

With a completely empty policy file, shouldn't java be prevented from
reading files?  Tomcat seems to handle this feature very well and I am maybe
doing things wrong.

1.)  Start Apache as load balancer.
2.)  Start resin on port 6802
3.)  Start subsequent JVM's to load additional sites 6803,6804,6805,etc....
4.)  Prevent users from maliciously using java with the <security-manager/>
tag and a resin.policy file that locks down the entire java application.  I
don't want the users to have any rights unless I grant them the specific
rights to do things.  

Thanks again for your help!

Joey

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Daniel López
Sent: Friday, September 28, 2007 12:01 AM
To: General Discussion for the Resin application server
Subject: Re: [Resin-interest] Unable to prevent file access on ISP server

Hi,

I have this working with a previous version of Resin, but I think the 
problem might be that right now the way of specifying JVM parameters has 
changed, so your prolicy file is probably being applied to the watchdog 
process, instead of to the resin server.

How are you specifying the policy file to be used? If I'm not mistaken, 
you should now do it through the resin.conf file, instead of through the 
command line.

S!
D.


Mktg. Incorporate Fast escribió:
> Hello,
> 
>  
> 
> With resin installed all files are readable via java source.  The 
> java.io.FilePermission setting in the policy file doesn’t seem to have 
> any affect at all.
> 
>  
> 
> Can anybody please help if you have this working?  I’m not sure what I 
> have missing.  If this has worked in a previous version I don’t mind 
> rolling back.
> 
>  
> 
> Using resin 3.1.3 (snapshot as of 2007/09/17), Apache, Java 1.5
> 
>  
> 
> Thanks,
> 
>  
> 
> Joey


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest




_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to