Hi, all,
Thanks for reading this far, now don't give up yet...
I'm trying to use Tomcat standalone with security turned on (with tomcat.bat
run -security), with my servlet in the Webapps/myApp/.
I have followed the direction of uguide/tomcat_security.txt that's in the
doc of the distribution.
I modified conf/server.xml to:
1) add
<SecurityManager className="java.security.SecurityManager">
<Permission className="java.lang.RuntimePermission"
attribute="stopThread"/>
<Permission className="java.util.PropertyPermission"
attribute="java.version" value="read"/>
</SecurityManager>
2) uncommented
<ContextInterceptor
className="org.apache.tomcat.context.PolicyInterceptor" />
3) edit myServlet's context to be:
<Context path="/myApp"
docBase="webapps/myApp"
debug="0"
reloadable="false"
trusted="true" >
<Permission className="java.util.PropertyPermission"
attribute="*" value="read,write" />
<Permission className="java.io.FilePermission"
attribute="<<ALL FILES>>" value="read,write" />
</Context>
I also changed the "webapps/examples" permission to AllPermission.
But I get the following error still (I tried AllPermission and same thing
happens, so it's not the file permission):
java.security.AccessControlException: access denied (java.io.FilePermission
I:\tomcat\Webapps\myApp\Web-inf\classes read)
at java.security.AccessControlContext.checkPermission(Unknown
Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.File.isDirectory(Unknown Source)
at
org.apache.tomcat.loader.AdaptiveClassLoader.loadClass(AdaptiveClassLoa
der.java:465)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at neverhood.myApp.myServlet.<init>(MyServlet.java:59)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Unknown Source)
at
org.apache.tomcat.core.ServletWrapper.loadServlet(ServletWrapper.java:2
68)
at
org.apache.tomcat.core.ServletWrapper.init(ServletWrapper.java:289)
at
org.apache.tomcat.context.LoadOnStartupInterceptor.contextInit(LoadOnSt
artupInterceptor.java:130)
at
org.apache.tomcat.core.ContextManager.initContext(ContextManager.java:4
43)
at
org.apache.tomcat.core.ContextManager.init(ContextManager.java:403)
at org.apache.tomcat.startup.Tomcat.execute(Tomcat.java:197)
at org.apache.tomcat.startup.Tomcat.main(Tomcat.java:237)
cannot load servlet name: myServlet
I also tried accessing the examples, same thing:
java.security.AccessControlException: access denied (java.io.FilePermission
I:\production\tomcat\Webapps\examples\Web-inf\classes read)
at java.security.AccessControlContext.checkPermission(Unknown
Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.File.isDirectory(Unknown Source)
at
org.apache.tomcat.loader.AdaptiveClassLoader.loadClass(AdaptiveClassLoader.j
ava:465)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at HelloWorldExample.doGet(HelloWorldExample.java:25)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:387)
at org.apache.tomcat.core.Handler.service(Handler.java:263)
at
org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:371)
at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:74
9)
at
org.apache.tomcat.core.ContextManager.service(ContextManager.java:695)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
onnectionHandler.java:207)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
at java.lang.Thread.run(Unknown Source)
Help??
bye,
Tao
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
