Craig,
Thanks for your prompt reply.
>The first thing to understand is that security manager support in Tomcat
4.0 is
>not complete yet. This should be fixed within the next couple weeks. By
>default, it is not enabled -- the exception above has a different cause.
No worries. Thanks for all your work on Catalina.
>Yes. The docs about Java2's security model are in the JDK 1.2 or 1.3
>documentation bundle, under the "Security" heading.
I read through them but have never had to digest them before, hence some
confusion on my part.
>However, a sealing violation error occurs under the following
circumstances:
>* Classes are packaged into JAR files (assume your classes
> are in package com.mycompany.mypackage).
>* JAR files are marked as "sealed" in the JAR manifest entry.
>* You attempt to load a class in the "com.mycompany.mypackage"
> class from some *other* JAR file.
>
>The basic idea of sealing is that a Java package can say "all of the
classes in
>this package are in this JAR file -- any classes who claim they are part of
this
>package from elsewhere are imposters."
ok I was barking up the wrong tree then, I thought it was the reference to a
File Object pointing outside of Tomcat which was causing it.
In my case I have 'mypackage' classes compiled to /WEB-INF/classes without
being jarred. The particular class and method that is causing the sealed
Exception is in package com.mycompany.util, the method though uses Objects
from jdom-b5.jar. The jdom JAR is in the /WEB-INF/lib, it isnt marked
"sealed" and my classes arent in a JAR. Are classes compiled to
/WEB-INF/classes assumed sealed? I tried adding a manifest file to the
/classes/meta-inf directory but to no effect.
Cameron Riley
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
