How to setup proper security in tomcat?

Fri, 11 May 2001 11:19:31 -0700 

To enable security on startup I have added the "-security" option to the
command line as well as modifying tomcat.sh to shift after qualifying the
"-security" option.

The path to my TOMCAT_HOME is correct.

I have modified tomcat.policy to enable read perms on ${tomcat.home}/conf/-

server.xml has security-constraints.

When I try starting tomcat with the -security option, it fails to read
server.xml due to the following error:

ERROR reading /u3/jakarta/build/tomcat/conf/server.xml
At access denied (java.io.FilePermission
/u3/jakarta/build/tomcat/conf/server.xml read)

For anyone interested, here's the stack trace as well, which doesn't really
shed any addition insight:

java.security.AccessControlException: access denied (java.io.FilePermission
/u3/jakarta/build/tomcat/conf/server.xml
 read)
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java
:272)
        at
java.security.AccessController.checkPermission(AccessController.java:399)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:890)
        at java.io.File.isDirectory(File.java:564)
        at
sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:6
5)
        at
sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection
.java:133)
        at java.net.URL.openStream(URL.java:798)
        at org.apache.crimson.parser.InputEntity.init(InputEntity.java:209)
        at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:470)
        at org.apache.crimson.parser.Parser2.parse(Parser2.java:304)
        at
org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:433)
        at
org.xml.sax.helpers.XMLReaderAdapter.parse(XMLReaderAdapter.java:217)
        at javax.xml.parsers.SAXParser.parse(SAXParser.java:317)
        at javax.xml.parsers.SAXParser.parse(SAXParser.java:260)
        at org.apache.tomcat.util.xml.XmlMapper.readXml(XmlMapper.java:214)
        at org.apache.tomcat.startup.Tomcat.execute(Tomcat.java:187)
        at org.apache.tomcat.startup.Tomcat.main(Tomcat.java:235)


Any suggestion on how to properly configure tomcat.sh or tomcat.policy so
that it may properly read my server.xml file and continue with startup?

Greg

Reply via email to