Problem solved. Just renaming the ${java.home}/lib/ext/jaas.jar to some
random name does not stop JVM from attempting to load it as a jar file
so the classes were still being loaded from there. The file must be
removed.
Antony
Antony Bowesman wrote:
>
> Hi,
>
> I am running tomcat and using JAAS for authentication and
> authorization. If I have jaas.jar installed as an installed extension
> in ${java.home}/lib/ext and I have the following entries in the tomcat
> policy file
>
> grant codeBase "file:${java.home}/lib/ext/jaas.jar" {
> permission java.security.AllPermission;
> };
>
> then all is OK.
>
> However, if I put jaas.jar in ${tomcat.home}/lib and remove it from
> ${java.home}/lib/ext
>
> and change the grant entry to say
>
> grant codeBase "file:${tomcat.home}/lib/jaas.jar" {
> permission java.security.AllPermission;
> };
>
> then I get an access control exception when instantiating my
> LoginContext.
>
> java.security.AccessControlException: access denied
> (java.util.PropertyPermission java.security.auth.debug read)
> at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
>
> Any ideas why the tomcat policy is being ignored?
>
> Rgds
> Antony
> --
> Antony Bowesman
> Teamware Group
> [EMAIL PROTECTED]
> tel: +358 9 5128 2562
> fax: +358 9 5128 2705
--
Antony Bowesman
Teamware Group
[EMAIL PROTECTED]
tel: +358 9 5128 2562
fax: +358 9 5128 2705
