Hi,

We have a security policy for Resin running on our servers. This policy causes 
JSP compilation to be blocked for Resin 3.1, although it works fine on Resin 2. 
The issue appears to be caused by Active CodeSource set to null during the 
compilation of JSP page. Did somebody happen to find a workaround for this?

Additional details:

CentOS 4, Resin 3.1.9, jdk1.6.0_17

Java security policy debug for failed  JSP compilation attempt:

policy: evaluation (codesource/principals) passed
policy: evaluate codesources:
        Policy CodeSource: (file:/usr/resin/resin-3.1.9/- <no signer 
certificates>)
        Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
        Policy CodeSource: (file:/home/test/- <no signer certificates>)
        Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
        Policy CodeSource: (file:/usr/java/jdk1.6.0_17/jre/lib/ext/* <no signer 
certificates>)
        Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
        Policy CodeSource: (file:/usr/java/packages/lib/ext/* <no signer 
certificates>)
        Active CodeSource: (null <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
        Policy CodeSource: (null <no signer certificates>)
        Active CodeSource: (null <no signer certificates>)
policy: evaluate principals:
        Policy Principals: []
        Active Principals: []
policy:   granting (java.lang.RuntimePermission stopThread)
policy:   granting (java.net.SocketPermission localhost:1024- listen,resolve)
policy:   granting (java.util.PropertyPermission java.version read)
policy:   granting (java.util.PropertyPermission java.vendor read)
policy:   granting (java.util.PropertyPermission java.vendor.url read)
policy:   granting (java.util.PropertyPermission java.class.version read)
policy:   granting (java.util.PropertyPermission os.name read)
policy:   granting (java.util.PropertyPermission os.version read)
policy:   granting (java.util.PropertyPermission os.arch read)
policy:   granting (java.util.PropertyPermission file.separator read)
policy:   granting (java.util.PropertyPermission path.separator read)
policy:   granting (java.util.PropertyPermission line.separator read)
policy:   granting (java.util.PropertyPermission java.specification.version 
read)
policy:   granting (java.util.PropertyPermission java.specification.vendor read)
policy:   granting (java.util.PropertyPermission java.specification.name read)
policy:   granting (java.util.PropertyPermission java.vm.specification.version 
read)
policy:   granting (java.util.PropertyPermission java.vm.specification.vendor 
read)
policy:   granting (java.util.PropertyPermission java.vm.specification.name 
read)
policy:   granting (java.util.PropertyPermission java.vm.version read)
policy:   granting (java.util.PropertyPermission java.vm.vendor read)
policy:   granting (java.util.PropertyPermission java.vm.name read)
policy: evaluation (codesource/principals) passed
[11:18:56.134] java.security.AccessControlException: access denied 
(java.io.FilePermission /home/test/public_html/WEB-INF/work read)
[11:18:56.134]  at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
[11:18:56.134]  at 
java.security.AccessController.checkPermission(AccessController.java:546)
11:18:56.134]  at 
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
[11:18:56.134]  at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
[11:18:56.134]  at java.io.File.isDirectory(File.java:752)
[11:18:56.134]  at com.caucho.vfs.FilePath.isDirectory(FilePath.java:330)
[11:18:56.134]  at 
com.caucho.loader.SimpleLoader.buildClassPath(SimpleLoader.java:248)
[11:18:56.134]  at com.caucho.loader.Loader.buildSourcePath(Loader.java:215)
[11:18:56.134]  at 
com.caucho.loader.DynamicClassLoader.buildResourcePathSpecificFirst(DynamicClassLoader.java:986)
[11:18:56.134]  at 
com.caucho.loader.DynamicClassLoader.getResourcePathSpecificFirst(DynamicClassLoader.java:956)
[11:18:56.134]  at _jsp._jsp__jsp.init(_jsp__jsp.java:110)
[11:18:56.134]  at com.caucho.jsp.JspManager.loadPage(JspManager.java:397)
[11:18:56.134]  at com.caucho.jsp.JspManager.compile(JspManager.java:247)
[11:18:56.134]  at com.caucho.jsp.JspManager.createPage(JspManager.java:171)
[11:18:56.134]  at com.caucho.jsp.JspManager.createPage(JspManager.java:150)
[11:18:56.134]  at com.caucho.jsp.PageManager.getPage(PageManager.java:248)
[11:18:56.134]  at com.caucho.jsp.PageManager.getPage(PageManager.java:178)


Best Regards,
Vlad


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to