On Aug 26, 2009, at 11:13 PM, Kai Virkki wrote:
> Hi,
>
> Is it really so that nobody uses JSPs and SecurityManager with Resin?
> :) Could this problem be solved by pre-compiling jsps to Java classes?
> Now we just let Resin handle the compilation from directories under
> WEB-INF.
Well, the security manager kills performance, so we generally
discourage it. I've added a bug report, though.
-- Scott
>
>
> Cheers,
>
> Kai
>
> 2009/8/25 Kai Virkki <kai.vir...@gmail.com>:
>> Hi!
>>
>> We are trying to use SecurityManager with Resin 3.1.9 and run into
>> the
>> following problem: CodeSource.getLocation() returns null for compiled
>> JSPs.
>>
>> This means that we cannot use a specific codebase in grant clause in
>> our policy file, for example:
>>
>> grant codeBase "file:/path_to_resin/runtime/work/-" {
>> OR grant codeBase "file:/path_to_resin/webapp/JSP-source/-" {
>> ...some jsp-specific permissions
>> };
>>
>> Instead, we have to use a universal grant clause:
>> grant {
>> ..some jsp-specific permissions. Unfortunately, these will be applied
>> to all code!!!
>> };
>>
>> Is there a way to make JSPs have a proper CodeSource?
>>
>> Cheers,
>>
>> Kai
>>
>
>
> _______________________________________________
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest
