On Fri, 13 Apr 2001, Glenn Nielsen wrote:
> I have tested Tomcat 3.2.2 B3 with and without the Java SecurityManager
> on a Solaris x86 system using J2SE 1.3. I found one minor problem in
> the tomcat.policy file, after fixing that all watchdog test were OK.
>
> I committed the changes to the tomcat.policy file.
Great. Thanks Glenn !
BTW, I was thinking about the original proposal you made, with permissions
specified in server.xml.
Right now it would be quite easy to do a very clean implementation for
that - a PermissionInterceptor that could be set per context. What I would
like is to go back to setting everything in server.xml/app-foo.xml
so later on an admin page could edit all properties, including
permissions.
In other words, an admin page that would edit generic modules properties
would work with no change for permissions. Another argument is to allow
other, non-file based configuration systems - like LDAP. Right now the
policy is "special", it uses a different file format.
( I know, I know, I spent a lot of time arguing the reverse of what I'm
saying now :-)
Costin
