glenn 00/12/28 13:59:35
Modified: src/doc/uguide Tag: tomcat_32 tomcat-security.html
Log:
SecurityManager under unix
Revision Changes Path
No revision
No revision
1.1.2.2 +2 -168 jakarta-tomcat/src/doc/uguide/Attic/tomcat-security.html
Index: tomcat-security.html
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/doc/uguide/Attic/tomcat-security.html,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- tomcat-security.html 2000/11/17 20:44:51 1.1.2.1
+++ tomcat-security.html 2000/12/28 21:59:34 1.1.2.2
@@ -1,6 +1,7 @@
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
+ <title>Using the Java SecurityManager with Tomcat</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; I; SunOS 5.7 i86pc)
[Netscape]">
</head>
@@ -23,18 +24,11 @@
<a href="#permissions">Types of Permissions</a></li>
<li>
-<a href="#config">Configuring Tomcat for use with a SecurityManager</a></li>
+<a href="tomcat-security-unix.html">Tomcat SecurityManager setup with Unix</a></li>
<li>
-<a href="#start">Starting Tomcat with a SecurityManager</a></li>
-
-<li>
<a href="#violation">What happens when the SecurityManager detects a Security
violation?</a></li>
-
-<li>
-<a href="#trouble">Trouble shooting tomcat.policy configuration and Security
-Violations</a></li>
</ul>
<h3>
@@ -102,170 +96,10 @@
were running Tomcat without a SecurityManager.
<br>
<h3>
-<a NAME="config"></a>Configuring Tomcat for use with a SecurityManager</h3>
-<b>tomcat.policy</b>
-<p>The security policies implemented by the Java SecurityManager are configured
-in the <b>tomcat.policy </b>file located in the tomcat conf directory.
-The tomcat.policy file replaces any system java.policy file. The
-tomcat.policy file can be edited by hand or you can use the <b>policytool
-</b>application
-that comes with Java 1.2.
-<p>Entries in the tomcat.policy file use the standard java.policy file
-format as follows:
-<table BORDER=0 >
-<tr>
-<td>
-<pre>// Example policy file entry
-
-grant [signedBy <signer> [,codeBase <code source>] {
- permission <class> [<name> [, <action list>]];
-};</pre>
-</td>
-</tr>
-</table>
-The <b>signedBy</b> and <b>codeBase </b>entries are optional when granting
-permissions. Comment lines begin with // and end at a new line.
-<p>The codeBase is in the form of a URL and for a file URL can use the
-${java.home} and ${tomcat.home} properties which are expanded out to the
-directory paths defined for them.
-<p>Default tomcat.policy file
-<table BORDER=0 >
-<tr>
-<td>
-<pre>// Permissions for tomcat.
-
-// javac needs this
-grant codeBase "file:${java.home}/lib/-" {
- permission java.security.AllPermission;
-};
-
-// Tomcat gets all permissions
-grant codeBase "file:${tomcat.home}/lib/-" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:${tomcat.home}/classes/-" {
- permission java.security.AllPermission;
-};
-
-// Example webapp policy
-// By default we grant read access on webapp dir
-// and read of the line.separator PropertyPermission
-grant codeBase "file:${tomcat.home}/webapps/examples" {
- permission java.net.SocketPermission "localhost:1024-","listen";
- permission java.util.PropertyPermission "*","read";
-};</pre>
-</td>
-</tr>
-</table>
-
-<p>Here is an example where in addition to the above, we want to grant
-the examples web application the ability to connect to the localhost smtp
-port so that it can send mail.
-<table BORDER=0 >
-<tr>
-<td>
-<pre>grant codeBase "file:${tomcat.home}/webapps/examples" {
- permission java.net.SocketPermission "localhost:25","connect";
- permission java.net.SocketPermission "localhost:1024","listen";
- permission java.util.PropertyPermission "*","read";
-};</pre>
-</td>
-</tr>
-</table>
-Now what if we wanted to give all contexts not configured by their own
-grant entry some default permissions in addition to what Tomcat assigns
-by default.
-<table BORDER=0 >
-<tr>
-<td>
-<pre>grant {
- permission java.net.SocketPermission "localhost:1024","listen";
- permission java.util.PropertyPermission "*","read";
-};</pre>
-</td>
-</tr>
-</table>
-Finally, a more complex tomcat.policy file. In this case we are using
-Tomcat as an app server for a number of remote web servers. We want
-to limit what remote web servers can connect to Tomcat by using the Java
-SecurityManager.
-<br>
-<table BORDER=0 >
-<tr>
-<td>
-<pre>// Permissions for tomcat.
-// javac needs this
-grant codeBase "file:${java.home}/lib/-" {
- permission java.security.AllPermission;
-};
-
-// Tomcat with IP filtering
-grant codeBase "file:${tomcat.home}/lib/-" {
- // Tomcat should be able to read/write all properties
- permission java.util.PropertyPermission "*","read,write";
- // Tomcat needs to be able to read files in its own directory
- permission java.io.FilePermission "${tomcat.home}/-","read";
- // Tomcat has to be able to write its logs
- permission java.io.FilePermission "${tomcat.home}/logs/-","read,write";
- // Tomcat has to be able to write to the conf directory
- permission java.io.FilePermission "${tomcat.home}/conf/-","read,write";
- // Tomcat has to be able to compile JSP's
- permission java.io.FilePermission
"${tomcat.home}/work/-","read,write,delete";
- // Tomcat needs all the RuntimePermission's
- permission java.lang.RuntimePermission "*";
- // Needed so Tomcat can set security policy for a Context
- permission java.security.SecurityPermission "*";
- // Needed so that Tomcat will accept connections from a remote web server
- // Replace XXX.XXX.XXX.XXX with the IP address of the remote web server
- permission java.net.SocketPermission
"XXX.XXX.XXX.XXX:1024-","accept,listen,resolve";
- // Tomcat has to be able to use its port on the localhost
- permission java.net.SocketPermission
"localhost:1024-","connect,accept,listen,resolve";
-};
-
-// Example webapp policy
-// By default we grant read access on webapp dir
-// and read of the line.separator PropertyPermission
-grant codeBase "file:${tomcat.home}/webapps/examples" {
- permission java.net.SocketPermission "localhost:1024-","listen";
- permission java.util.PropertyPermission "*","read";
-};</pre>
-</td>
-</tr>
-</table>
-
-<p><b>server.xml</b>
-<p>Uncomment out the entry in server.xml for the ContextInterceptor which
-defines the class named PolicyInterceptor.
-<br>
-<h3>
-<a NAME="start"></a>Starting Tomcat with a SecurityManager</h3>
-Once you have configured the tomcat.policy and server.xml files for use
-with a SecurityManager, Tomcat can be started with the SecurityManager
-in place by using the "-security" option to bin/startup.bat or bin/startup.sh.
-<br>
-<h3>
<a NAME="violation"></a>What happens when the SecurityManager detects a
Security violation?</h3>
The JVM will throw an AccessControlException or a SecurityException when
the SecurityManager detects a security policy violation.
-<br>
-<h2>
-<a NAME="trouble"></a>Trouble shooting tomcat.policy configuration and
-Security Violations</h2>
-<b>JSP Compile using JVM internal javac fails with AccessControlException
-for RuntimePermission accessClassInPackage sun.tools.javac.</b>
-<p>Check your JAVA_HOME/jre/lib/security/java.security file configuration.
-Comment out the line "package.access=sun.".
-<p><b>JSP Compile using JVM internal javac fails with AccessControlException
-for FilePermission read of tomcat work directory.</b>
-<p>Try defining an absolute path for the codeBase needed in the policy
-grant for java itself instead of the ${java.home} property.
-<p>
-<pre>// javac needs this
-grant codeBase "file:/usr/java/lib/-" {
- permission java.security.AllPermission;
-};</pre>
<br>
</body>
</html>
