Hi,
We have a security policy for Resin running on our servers. This policy causes
JSP compilation to be blocked for Resin 3.1, although it works fine on Resin 2.
The issue appears to be caused by Active CodeSource set to null during the
compilation of JSP page. Did somebody happen to find a workaround for this?
Additional details:
CentOS 4, Resin 3.1.9, jdk1.6.0_17
Java security policy debug for failed JSP compilation attempt:
policy: evaluation (codesource/principals) passed
policy: evaluate codesources:
Policy CodeSource: (file:/usr/resin/resin-3.1.9/- <no signer
certificates>)
Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
Policy CodeSource: (file:/home/test/- <no signer certificates>)
Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
Policy CodeSource: (file:/usr/java/jdk1.6.0_17/jre/lib/ext/* <no signer
certificates>)
Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
Policy CodeSource: (file:/usr/java/packages/lib/ext/* <no signer
certificates>)
Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
Policy CodeSource: (null <no signer certificates>)
Active CodeSource: (null <no signer certificates>)
policy: evaluate principals:
Policy Principals: []
Active Principals: []
policy: granting (java.lang.RuntimePermission stopThread)
policy: granting (java.net.SocketPermission localhost:1024- listen,resolve)
policy: granting (java.util.PropertyPermission java.version read)
policy: granting (java.util.PropertyPermission java.vendor read)
policy: granting (java.util.PropertyPermission java.vendor.url read)
policy: granting (java.util.PropertyPermission java.class.version read)
policy: granting (java.util.PropertyPermission os.name read)
policy: granting (java.util.PropertyPermission os.version read)
policy: granting (java.util.PropertyPermission os.arch read)
policy: granting (java.util.PropertyPermission file.separator read)
policy: granting (java.util.PropertyPermission path.separator read)
policy: granting (java.util.PropertyPermission line.separator read)
policy: granting (java.util.PropertyPermission java.specification.version
read)
policy: granting (java.util.PropertyPermission java.specification.vendor read)
policy: granting (java.util.PropertyPermission java.specification.name read)
policy: granting (java.util.PropertyPermission java.vm.specification.version
read)
policy: granting (java.util.PropertyPermission java.vm.specification.vendor
read)
policy: granting (java.util.PropertyPermission java.vm.specification.name
read)
policy: granting (java.util.PropertyPermission java.vm.version read)
policy: granting (java.util.PropertyPermission java.vm.vendor read)
policy: granting (java.util.PropertyPermission java.vm.name read)
policy: evaluation (codesource/principals) passed
[11:18:56.134] java.security.AccessControlException: access denied
(java.io.FilePermission /home/test/public_html/WEB-INF/work read)
[11:18:56.134] at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
[11:18:56.134] at
java.security.AccessController.checkPermission(AccessController.java:546)
11:18:56.134] at
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
[11:18:56.134] at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
[11:18:56.134] at java.io.File.isDirectory(File.java:752)
[11:18:56.134] at com.caucho.vfs.FilePath.isDirectory(FilePath.java:330)
[11:18:56.134] at
com.caucho.loader.SimpleLoader.buildClassPath(SimpleLoader.java:248)
[11:18:56.134] at com.caucho.loader.Loader.buildSourcePath(Loader.java:215)
[11:18:56.134] at
com.caucho.loader.DynamicClassLoader.buildResourcePathSpecificFirst(DynamicClassLoader.java:986)
[11:18:56.134] at
com.caucho.loader.DynamicClassLoader.getResourcePathSpecificFirst(DynamicClassLoader.java:956)
[11:18:56.134] at _jsp._jsp__jsp.init(_jsp__jsp.java:110)
[11:18:56.134] at com.caucho.jsp.JspManager.loadPage(JspManager.java:397)
[11:18:56.134] at com.caucho.jsp.JspManager.compile(JspManager.java:247)
[11:18:56.134] at com.caucho.jsp.JspManager.createPage(JspManager.java:171)
[11:18:56.134] at com.caucho.jsp.JspManager.createPage(JspManager.java:150)
[11:18:56.134] at com.caucho.jsp.PageManager.getPage(PageManager.java:248)
[11:18:56.134] at com.caucho.jsp.PageManager.getPage(PageManager.java:178)
Best Regards,
Vlad
_______________________________________________
resin-interest mailing list
[email protected]
http://maillist.caucho.com/mailman/listinfo/resin-interest
