Hi there! I'm using Tomcat 5.5.9 and JDK 1.5.0 and I was probbing to implement a JAAS Authentication mechanism for may webapps. I followed some tutorials and the Tomcat 5.5 JAASRealm configuration and I did it in that way.
I updated the "java.policy" file with the next lines: grant codeBase "file:/usr/local/java/server/tomcat/*" { permission java.security.AllPermission; }; Now I try to start tomcat with the "-security" flag and I get long stack trace of exceptions, this is how it begins: WARN - MethodUtils.getMatchingAccessibleMethod(583) | Cannot use JVM pre-1.4access bug workaround die to restrictive security manager. Sep 6, 2005 7:16:55 PM org.apache.catalina.core.StandardContext start SEVERE: Error filterStart Sep 6, 2005 7:16:55 PM org.apache.catalina.core.StandardContext start SEVERE: Context [/balancer] startup failed due to previous errors Sep 6, 2005 7:16:56 PM org.apache.catalina.core.StandardHost start INFO: XML validation disabled Sep 6, 2005 7:16:56 PM org.apache.catalina.core.StandardPipelineregisterValve INFO: Can't register valve [EMAIL PROTECTED] org.apache.commons.logging.LogConfigurationException: java.lang.ExceptionInInitializerError (Caused by java.lang.ExceptionInInitializerError) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance( LogFactoryImpl.java:538) at org.apache.commons.logging.impl.LogFactoryImpl.getInstance( LogFactoryImpl.java:235) at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:370) at org.apache.catalina.core.ContainerBase.getLogger(ContainerBase.java:380) at org.apache.catalina.valves.ValveBase.createObjectName(ValveBase.java:242) at org.apache.catalina.core.StandardPipeline.registerValve( StandardPipeline.java:296) at org.apache.catalina.core.StandardPipeline.start(StandardPipeline.java :233) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4045) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1012) at org.apache.catalina.core.StandardHost.start(StandardHost.java:718) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1012) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442) at org.apache.catalina.core.StandardService.start(StandardService.java:450) at org.apache.catalina.core.StandardServer.start(StandardServer.java:683) at org.apache.catalina.startup.Catalina.start(Catalina.java:537) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java :39) at sun.reflect.DelegatingMethodAccessorImpl.invoke( DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409) Caused by: java.lang.ExceptionInInitializerError at org.apache.log4j.Logger.getLogger(Logger.java:94) at org.apache.commons.logging.impl.Log4JLogger.getLogger(Log4JLogger.java :229) at org.apache.commons.logging.impl.Log4JLogger.<init>(Log4JLogger.java:65) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance( NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance( DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at org.apache.commons.logging.impl.LogFactoryImpl.newInstance( LogFactoryImpl.java:529) ... 20 more Caused by: java.security.AccessControlException: access denied ( java.io.FilePermission /var/log/tomcat/www.interlogical.com.log write) at java.security.AccessControlContext.checkPermission( AccessControlContext.java:264) at java.security.AccessController.checkPermission(AccessController.java:427) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.SecurityManager.checkWrite(SecurityManager.java:962) at java.io.FileOutputStream.<init>(FileOutputStream.java:169) at java.io.FileOutputStream.<init>(FileOutputStream.java:102) at org.apache.log4j.FileAppender.setFile(FileAppender.java:273) at org.apache.log4j.FileAppender.activateOptions(FileAppender.java:152) at org.apache.log4j.DailyRollingFileAppender.activateOptions( DailyRollingFileAppender.java:206) at org.apache.log4j.config.PropertySetter.activate(PropertySetter.java:247) at org.apache.log4j.config.PropertySetter.setProperties(PropertySetter.java :123) at org.apache.log4j.config.PropertySetter.setProperties(PropertySetter.java :87) at org.apache.log4j.PropertyConfigurator.parseAppender( PropertyConfigurator.java:645) at org.apache.log4j.PropertyConfigurator.parseCategory( PropertyConfigurator.java:603) at org.apache.log4j.PropertyConfigurator.configureRootCategory( PropertyConfigurator.java:500) at org.apache.log4j.PropertyConfigurator.doConfigure( PropertyConfigurator.java:406) at org.apache.log4j.PropertyConfigurator.doConfigure( PropertyConfigurator.java:432) at org.apache.log4j.helpers.OptionConverter.selectAndConfigure( OptionConverter.java:460) at org.apache.log4j.LogManager.<clinit>(LogManager.java:113) ... 28 more The real cause is maybe the AccessControlException, the folder "/var/log/tomcat" is a symlink to "/usr/local/java/server/tomcat/logs" If anyone could help me I will be very grateful. Regards, Alonso