Hi Joey, I'm using this with Resin 2.1.17 and I just specify -Djava.security.policy=/path_to_file at the command line when executing httdp.sh.
However, if I'm not mistaken, with 3.1.2 you would need to specify it through the resin.conf file with ... <jvm-arg>-Djava.security.policy=/path_to_file</jvm-arg> ... at the <server-default> level, for example. Regarding load balancing: no, I don't use any load balancer but as you say that should not make a difference. You simply need to create an empty policy file or with the most basic permissions and with that you will be able to check if Resin is reading & applying the policy file or not. If it does, Resin won't start as you need to explicitely give permission to the Caucho classes to be able to open ports, create temporary files etc. so you will see inmediately. I'll do a quick test on a local Resin 3.1.2 to see if it works as expected and come back to you. S! D. Mktg. Incorporate Fast escribió: > Hi Daniel, > > Thanks so much for your response! > > I have tried specifying it through the command line and also through the > resin.conf file. Neither seems to work, and I have tried with 3.1.2, and > two recent snapshots. > > In your environment do you use a load balancer? I am using Apache 2.0 to > pass traffic back to resin. I suppose I could try to use Resin as the load > balancer, but I don't think that should make a difference. > > With a completely empty policy file, shouldn't java be prevented from > reading files? Tomcat seems to handle this feature very well and I am maybe > doing things wrong. > > 1.) Start Apache as load balancer. > 2.) Start resin on port 6802 > 3.) Start subsequent JVM's to load additional sites 6803,6804,6805,etc.... > 4.) Prevent users from maliciously using java with the <security-manager/> > tag and a resin.policy file that locks down the entire java application. I > don't want the users to have any rights unless I grant them the specific > rights to do things. > > Thanks again for your help! > > Joey _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
