I'm experiencing this same issue. I've got Tomcat 5.0.27, Apache 2.0.46,
and jk2 version 2.0.4. Has there been any solution? It occurs primarily
under heavy load.
-Joshua Szmajda
We've got a similar issue, though this in on Linux and using channelUnix/JNI instead
of normal tcp channelSocket.
I'm experiencing this same issue. I've got Tomcat 5.0.27, Apache 2.0.46,
and jk2 version 2.0.4. Has there been any solution? It occurs primarily
under heavy load.
-Joshua Szmajda
We've got a similar issue, though this in on Linux and using channelUnix/JNI instead
of normal tcp channelSocket.
Hi !
On Tue, 27 Jan 2004 12:14:16 -0500, Jeanfrancois Arcand [EMAIL PROTECTED] escreveu:
De: Jeanfrancois Arcand [EMAIL PROTECTED]
Data: Tue, 27 Jan 2004 12:14:16 -0500
Para: Tomcat Users List [EMAIL PROTECTED]
Assunto: Re: Tomcat + Hibernate2 + Security Manager
Webmaster wrote
Webmaster wrote:
Hi !
On Tue, 27 Jan 2004 12:14:16 -0500, Jeanfrancois Arcand [EMAIL PROTECTED] escreveu:
De: Jeanfrancois Arcand [EMAIL PROTECTED]
Data: Tue, 27 Jan 2004 12:14:16 -0500
Para: Tomcat Users List [EMAIL PROTECTED]
Assunto: Re: Tomcat + Hibernate2 + Security Manager
Hi all,
I know this is a little bit out of topic, but the general concept is useful for
everybody.
I run tomcat with security manager for a dozen users. Recently, people started to use
the hibernate 2 which requires some funky permissions.
I had to put these lines in the 'global' permission
Howdy,
I know this is a little bit out of topic, but the general concept is
useful
for everybody.
I agree this is useful for everyone. Posting off-topic is fine as long
as you mark it by placing [OFF-TOPIC] at the beginning of the subject
line.
Note: I DID test using a codebase like:
grant
, 27 Jan 2004 12:04:21 -0500, Shapira, Yoav [EMAIL PROTECTED] escreveu:
De: Shapira, Yoav [EMAIL PROTECTED]
Data: Tue, 27 Jan 2004 12:04:21 -0500
Para: Tomcat Users List [EMAIL PROTECTED]
Assunto: RE: Tomcat + Hibernate2 + Security Manager
Howdy,
I know this is a little bit out of topic
Howdy,
Could you give an example of how a malicious code could affect the
security
of the JVM ?
You mean in general? How about System.exit()?
Usually I have a codebase policy like this for each user:
permission java.io.FilePermission /home/client/public_html/-,
read,write,delete;
I guess
Webmaster wrote:
Hi all,
I know this is a little bit out of topic, but the general concept is useful for everybody.
I run tomcat with security manager for a dozen users. Recently, people started to use the hibernate 2 which requires some funky permissions.
I had to put these lines
FYI: This has also been discussed here:
http://freeroller.net/page/jcarreira/20040126
-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 27, 2004 11:04 AM
To: Tomcat Users List
Subject: RE: Tomcat + Hibernate2 + Security Manager
Howdy
13:02
An: Tomcat Users List
Betreff: Re: Tomcat 4.1.24 + Security Manager + weird Exceptions
- man ulimit
- Google (java Too many open files solaris)
-Tim
Haug Thomas wrote:
Hi everybody,
I am experiencing some strange behaviour with Tomcat 4.1.24
running
We've got a similar issue, though this in on Linux and using channelUnix/JNI instead
of normal tcp channelSocket.
We're using Apache2/mod_jk2 (built from tomcat-connectors-1.1M1).
On heavy load, there are over 3000 sockets open by one Tomcat/JVM, they don't seem to
go down again too while
. It this a known bug?
Regards,
Thomas
-Ursprüngliche Nachricht-
Von: Tim Funk [mailto:[EMAIL PROTECTED]
Gesendet am: Dienstag, 15. Juli 2003 13:02
An: Tomcat Users List
Betreff: Re: Tomcat 4.1.24 + Security Manager + weird Exceptions
- man ulimit
- Google (java Too many open files solaris
Hi everybody,
I am experiencing some strange behaviour with Tomcat 4.1.24 running with a
SecurityManager. The system is running on Solaris 8 using Jdk 1.4.1_02
and/or 1.4.2
Our software seems to use up all available file descriptors. If then tomcat
tries to accept a new request the IO system
- man ulimit
- Google (java Too many open files solaris)
-Tim
Haug Thomas wrote:
Hi everybody,
I am experiencing some strange behaviour with Tomcat 4.1.24 running with a
SecurityManager. The system is running on Solaris 8 using Jdk 1.4.1_02
and/or 1.4.2
Our software seems to use up all available
Don't know if this mailing list filters my post, try it again.
I am frustrated. I have a webapp developed by struts. If I start Tomcat
without security manager, everything works fine. I can access
https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue.
After I start Tomcat -security
without security manager, everything works fine. I can access
https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue.
After I start Tomcat -security and access the above link, I got the
following error. There is an index.jsp. When some one type
https://myhost.mydomain.com/myapp, this index.jsp
java.security.AllPermission;
};
But I am wondering if this AllPermission is secure enough or I am opening
more holes.
-Original Message-
From: John Turner [mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 2:34 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager
On Tue, 24 Jun 2003 02:41, Phillip Qin wrote:
I solved this problem by including a grant entry
grant codeBase file:${catalina.home}/webapps/myapp/WEB-INF/struts.jar {
permission java.security.AllPermission;
};
Why isn't it in WEB-INF/lib ? That is probably why you had to add that grant
Typo, it is WEB-INF/lib.
When there is no grant entry for this jar, tomcat throws
NoClassDefFoundError.
-Original Message-
From: Jason Bainbridge [mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 2:44 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager
Good eye, Jason.
John
On Tue, 24 Jun 2003 02:43:59 +0800, Jason Bainbridge [EMAIL PROTECTED]
wrote:
On Tue, 24 Jun 2003 02:41, Phillip Qin wrote:
I solved this problem by including a grant entry
grant codeBase file:${catalina.home}/webapps/myapp/WEB-INF/struts.jar
{
permission
[mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 2:44 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
On Tue, 24 Jun 2003 02:41, Phillip Qin wrote:
I solved this problem by including a grant entry
grant codeBase file:${catalina.home}/webapps
Bainbridge [mailto:[EMAIL PROTECTED]
Sent: Monday, June 23, 2003 2:53 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
What other struts.jar files have you got laying around? Have you maybe got
one
in common/lib? I'm not sure why setting a grant like
with security manager + NoClassDefFoundError
On Tue, 24 Jun 2003 02:41, Phillip Qin wrote:
I solved this problem by including a grant entry
grant codeBase file:${catalina.home}/webapps/myapp/WEB-INF/struts.jar
{
permission java.security.AllPermission;
};
Why isn't it in WEB-INF/lib
]
Sent: June 23, 2003 3:01 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
NoClassDefFound is not the same as ClassNotFound...NoClassDefFound
typically means Tomcat is confused about which class you want it to use. I
agree with Jason, I think you
Howdy,
Is your catalina.policy the default or modified?
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Phillip Qin [mailto:[EMAIL PROTECTED]
Sent: Monday, June 23, 2003 3:10 PM
To: 'Tomcat Users List'
Subject: RE: [REPOST]Tomcat with security manager
[mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 2:53 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
What other struts.jar files have you got laying around? Have you maybe got
one
in common/lib? I'm not sure why setting a grant like that would make
2:53 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
What other struts.jar files have you got laying around? Have you maybe got
one
in common/lib? I'm not sure why setting a grant like that would make a
NoClassDefFoundError go away, maybe
:[EMAIL PROTECTED]
Sent: June 23, 2003 2:53 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
What other struts.jar files have you got laying around? Have you maybe got
one
in common/lib? I'm not sure why setting a grant like that would make
Bainbridge [mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 3:48 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
Was just doing a bit of reading:
http://jakarta.apache.org/struts/userGuide/installation.html
Running Struts Applications Under A Security
?... first, I got this error.
I looked into catalina.out, there was no permission exception.
-Original Message-
From: Jean-Francois Arcand [mailto:[EMAIL PROTECTED]
Sent: June 23, 2003 4:42 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
Hi
;
};
** End of catalina.policy
**
- Original Message -
From: Jeanfrancois Arcand [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Thursday, February 06, 2003 7:34 AM
Subject: Re: Tomcat with Security manager
Can you post your catalina.policy file
with appropriate File IO permissions set for the directory to which I was trying to save the file.
I proceeded to add the required grant directive in the catalina.policy file, and when I started Tomcat with the security manager enabledit wouldn't start! I checked catalina.out and saw that Tomcat
directive in the catalina.policy
file, and when I started Tomcat with the security manager enabledit
wouldn't start! I checked catalina.out and saw that Tomcat is not able to
read server.xml. Here is the stacktrace I found in catalina.out
Catalina.start
, 2003 7:34 AM
Subject: Re: Tomcat with Security manager
Can you post your catalina.policy file? Your file should contains that
permission:
// These permissions apply to the server startup code
grant codeBase file:${catalina.home}/bin/bootstrap.jar {
permission java.security.AllPermission
to be enabled
with appropriate File IO permissions set for the directory to which I was trying to
save the file.
I proceeded to add the required grant directive in the catalina.policy file, and
when I started Tomcat with the security manager enabledit wouldn't start! I
checked catalina.out
)Class.forName(DriverName).newInstance(); // This is a
part of opening a connection to the mysql-db
To get that straight: Everything runs fine without security manager - But
who wants to run a root-tomcat without a security manager ;-)
Could anyone give me a clue where we could look at? After one
* J.P.Jarolim [EMAIL PROTECTED] [1217 11:17]:
java.security.AccessControlException: access denied (java.io.FilePermission
/home/.sites/143/site40/web/test.txt read)
We looked into the tomcat docs how to setup the security manager correctly
and looked into the tomcat.policy file
in the
(); // This is a
part of opening a connection to the mysql-db
To get that straight: Everything runs fine without security manager - But
who wants to run a root-tomcat without a security manager ;-)
Could anyone give me a clue where we could look at? After one week of
googling we're somehow out of ideas
Hi - thanks for the answer;
I found the following line in the description for java.io.FilePermission
indicating that i could have a serious problem in understanding english
(nosarkasm):
A pathname that ends with /- indicates (recursively) all files and
subdirectories contained in that directory.
Hi all.
We solved the problem with tomcat ignoring all grants for individual user
sites. It was a pure RTFM.
For every user site, a unique context is created on startup (as seen in
tomcat.log on debug level)
There is a outcommented line in the server.xml which has to be activated:
!--
Richard Smith wrote:
Hi All,
Just wondering if you could help me clarify a few questions I have about
tomcat
and catalina.policy. Im running tomcat 4.0.4 (w/ security manager) with
mod_jk
on solaris with about 300+ users, all of whom can deploy jsp/servlets
from their public_html
Unix permissions do take precedence over java security policy.
Regards,
Rossen
-Original Message-
From: Richard Smith [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 18, 2002 11:12 PM
To: [EMAIL PROTECTED]
Subject: tomcat/unix security manager questions
Hi All,
Just
On Tue, 2002-08-20 at 03:13, Rossen Raykov wrote:
Unix permissions do take precedence over java security policy.
With a logical AND. If unix permissions say you do have write access,
but the java security policy says you do not, then you do not have write
access, and vice versa. This, of
Hi All,
Just wondering if you could help me clarify a few questions I have about
tomcat
and catalina.policy. Im running tomcat 4.0.4 (w/ security manager) with
mod_jk
on solaris with about 300+ users, all of whom can deploy jsp/servlets from
their public_html directory.
A user requirement
I'm developing a webapp with tomcat and struts and must use a
security manager in tomcat (the -security startup arg). I have the
following problem:
Tomcat has and uses commons-logging.jar
Struts has and uses commons-logging.jar
The two jar files are identical. Normally, one is supposed
i have an application in servlet and
jsp
in directory format
in /myapp
i have put the /myapp in
c:\sites\myapp
i have created a host int server.xml file
like
Host name="10.0.0.1"
Context
path=""
docBase="c:\sites\myapp" //Host
now i start the tomcat in secure mode by giving
command
47 matches
Mail list logo