Renato wrote:
Hi all,
( sorry to post here... in users list nobody answered )
One of my users is asking for the following permission in his context
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.realm)
He is using the securityfilter.jar library
I'm using Tomcat 4.1.12 with SecurityManager.
Is is safe to grant this permission ?
it is never safe to grant access to an internal catalina permission. You
need to (1) trust your users and then (2) add the following to your
tomcat.policy:
grant codeBase file:${catalina.home}/webapps/{you user webapp name}/- {
};
This will only grant his webapp to accessClassInPackage. But be aware
that you *are* possibly opening a security hole. At you own risk ;-)
-- Jeanfrancois
Thanks
Renato
-
Do you Yahoo!?
HotJobs - Search new jobs daily now
--
To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org
For additional commands, e-mail: mailto:tomcat-dev-help;jakarta.apache.org
