RE: java.security.AccessControlException: access denied
i was able to get this fixed by replacing the
permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat
4.1\\certs\\-, read;
with
permission java.io.FilePermission ALL FILES, read;
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 25, 2004 1:23 PM
To: Shilpa Nalgonda
Subject: RE: java.security.AccessControlException: access denied
That's really curious. I'd try two things:
1) change the file permission to this:
permission java.io.FilePermission ALL FILES, read;
If that works, then there's a problem with the path in the file
permission. If that doesn't work, then...
2) add a java.security.AllPermission permission (for testing only) If
that doesn't work, then this is not the policy file in use. If it does,
then another permission is missing, and the exception is being
misreported.
Again, I'd also try writing a JSP that creates a java.io.File at the
certs location, and calls File#canRead() in a
try{}catch(SecurityException) block to make sure that we're looking at
the right problem.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 5:36 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I wrote a jsp file to read the cert file from the C:/certs dir. Initially i
got the same error,
then i changed the catalina.policy file to include file name
permission java.io.FilePermission C:/certs/f73e89fd.0, read;
and it worked.
But for some reason the verisign authentication still shows the same error.
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I am using -security option to run TC.
I am not quite sure about the syntax of the policy file, i should check
that,
but can u suggest me what is the correct syntax ?
and also i will try to read this file using some test.jsp and let you know.
thanks.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:42 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
You shouldn't need to add it anywhere else: Permissions are cumulative,
so if that file permission is in a grant{} block, all the code running
under the jvm will have it. You mentioned making the changes to
java.policy as well: This should be unnecessary, as the catalina.policy
file is the only one in effect if you start TC with the -security
option. The situation as you're describing it sounds right, but since I
know from experience that the security manager works just fine in 4.1.x,
something is getting left out.
Are you using the -security option to get the security manager, or are
you using some parameters in $JAVA_OPTS?
Are you certain about the syntax of your policy file (although that
usually fails more dramatically than this)?
Can you write a test JSP or servlet that reads a file out of that
directory?
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:10 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the
general grant block.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:09 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have
tomcat5: Error java.security.AccessControlException: Access denied (mx4j.server.MBeanTrustPermission register): MBean class org.apache.commons.modeler.BaseModelMBean is not trusted for registration
I get a really strange error when tomcat5 is loading our webapps. I have no clue where does it comes from. Please help Aug 24, 2004 5:57:00 PM org.apache.commons.modeler.Registry registerComponent SEVERE: Error registering Catalina:j2eeType=WebModule,name=//localhost/xclin,J2EEApplication=none, J2EEServer=none java.security.AccessControlException: Access denied (mx4j.server.MBeanTrustPermission register): MBean class org.apache.commons.modeler.BaseModelMBean is not trusted for registration at mx4j.server.interceptor.SecurityMBeanServerInterceptor.checkTrustRegistr ation(SecurityMBeanServerInterceptor.java:156) at mx4j.server.interceptor.SecurityMBeanServerInterceptor.registration(Secu rityMBeanServerInterceptor.java:116) at mx4j.server.interceptor.DefaultMBeanServerInterceptor.registration(Defau ltMBeanServerInterceptor.java:113) at mx4j.server.interceptor.DefaultMBeanServerInterceptor.registration(Defau ltMBeanServerInterceptor.java:113) at mx4j.server.interceptor.ContextClassLoaderMBeanServerInterceptor.registr ation(ContextClassLoaderMBeanServerInterceptor.java:108) at mx4j.server.MBeanServerImpl.registerImpl(MBeanServerImpl.java:1051) at mx4j.server.MBeanServerImpl.registerMBeanImpl(MBeanServerImpl.java:1002) at mx4j.server.MBeanServerImpl.registerMBean(MBeanServerImpl.java:978) at org.apache.commons.modeler.Registry.registerComponent(Registry.java:871) at org.apache.catalina.core.StandardContext.registerJMX(StandardContext.jav a:5361) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4379 ) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083) at org.apache.catalina.core.StandardHost.start(StandardHost.java:789) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478) at org.apache.catalina.core.StandardService.start(StandardService.java:480) at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313) at org.apache.catalina.startup.Catalina.start(Catalina.java:556) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav a:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:284) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:422) Aug 24, 2004 5:57:00 PM org.apache.catalina.core.StandardContext registerJMX Benoit Marchal Director NovaXon BV Tel: +31 43 356 14 60 Fax: +31 43 356 14 61
java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block?
If not, it's possible that your code doesn't have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate
on $TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat
4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem.
can you think of anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block?
If not, it's possible that your code doesn't have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate
on $TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate on
$TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the
general grant block.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:09 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate on
$TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
You shouldn't need to add it anywhere else: Permissions are cumulative,
so if that file permission is in a grant{} block, all the code running
under the jvm will have it. You mentioned making the changes to
java.policy as well: This should be unnecessary, as the catalina.policy
file is the only one in effect if you start TC with the -security
option. The situation as you're describing it sounds right, but since I
know from experience that the security manager works just fine in 4.1.x,
something is getting left out.
Are you using the -security option to get the security manager, or are
you using some parameters in $JAVA_OPTS?
Are you certain about the syntax of your policy file (although that
usually fails more dramatically than this)?
Can you write a test JSP or servlet that reads a file out of that
directory?
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:10 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the
general grant block.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:09 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate on
$TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED
RE: java.security.AccessControlException: access denied
I am using -security option to run TC.
I am not quite sure about the syntax of the policy file, i should check
that,
but can u suggest me what is the correct syntax ?
and also i will try to read this file using some test.jsp and let you know.
thanks.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:42 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
You shouldn't need to add it anywhere else: Permissions are cumulative,
so if that file permission is in a grant{} block, all the code running
under the jvm will have it. You mentioned making the changes to
java.policy as well: This should be unnecessary, as the catalina.policy
file is the only one in effect if you start TC with the -security
option. The situation as you're describing it sounds right, but since I
know from experience that the security manager works just fine in 4.1.x,
something is getting left out.
Are you using the -security option to get the security manager, or are
you using some parameters in $JAVA_OPTS?
Are you certain about the syntax of your policy file (although that
usually fails more dramatically than this)?
Can you write a test JSP or servlet that reads a file out of that
directory?
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:10 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the
general grant block.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:09 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate on
$TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy and catalina.policy to grant permission
on the cert file as below. permission java.io.FilePermission
C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read;
But this does not help, is there anything else i should do to the
server.xml file...
How does the security manager runs in Tomcat4.1
Please help...
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED
RE: java.security.AccessControlException: access denied
I wrote a jsp file to read the cert file from the C:/certs dir. Initially i
got the same error,
then i changed the catalina.policy file to include file name
permission java.io.FilePermission C:/certs/f73e89fd.0, read;
and it worked.
But for some reason the verisign authentication still shows the same error.
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I am using -security option to run TC.
I am not quite sure about the syntax of the policy file, i should check
that,
but can u suggest me what is the correct syntax ?
and also i will try to read this file using some test.jsp and let you know.
thanks.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:42 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
You shouldn't need to add it anywhere else: Permissions are cumulative,
so if that file permission is in a grant{} block, all the code running
under the jvm will have it. You mentioned making the changes to
java.policy as well: This should be unnecessary, as the catalina.policy
file is the only one in effect if you start TC with the -security
option. The situation as you're describing it sounds right, but since I
know from experience that the security manager works just fine in 4.1.x,
something is getting left out.
Are you using the -security option to get the security manager, or are
you using some parameters in $JAVA_OPTS?
Are you certain about the syntax of your policy file (although that
usually fails more dramatically than this)?
Can you write a test JSP or servlet that reads a file out of that
directory?
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:10 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the
general grant block.
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:09 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end
of the permission url.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:50 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block.
permission java.io.FilePermission C:\\Program Files\\Apache
Group\\Tomcat 4.1\\certs\\-, read;
I tried placing the certs file in other directory too where there is no
whitespace issue. But i still have the problem. can you think of
anything else?
-Original Message-
From: Benjamin Armintor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 3:32 PM
To: Tomcat Users List
Subject: RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a
general grant{} block? If not, it's possible that your code doesn't
have the permission.
It may also be the case that the whitespace in the filepath causes
problems, but someone who actually runs on Windows could tell you better
than I.
Benjamin J. Armintor
Operations Systems Specialist
ITS-Systems: Mainframe Group
University of Texas - Austin
tele: (512) 232-6562
email: [EMAIL PROTECTED]
-Original Message-
From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject: java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned
on. My java application which is using JDK 1.4, connects to the the
credit card authorizing company called verisign, and returns the
approval authorization code. I have installed the digital certificate on
$TOMCAT_HOME\certs directory. There are read permissions on the cert
file. But still for some reason the verisign is not able to read the
cert file due to the below error.
RESULT=-31RESPMSG=The certificate chain did not validate, no local
certificate found, java.security.AccessControlException: access denied
(java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs
read)
However when i run Tomcat server without security, everything is file.
Somehow tomcat is restricting the permission to read the cert file.
Verisign uses Jsse.jar to do the security authentication.
I have modofied both java.policy
