Hi, On redhat the xmlparser jar file (xerces.jar) is installed in /usr/share/java
If you don't grant read access to this repository, you will not be able to start tomcat. If this is not the problem, you should try to start tomcat with the following command : tomcat4 run -security and you will probably have an exception teling you which security acces is not granted good luck Olivier ___________________________________________________ http://www.robostrike.com : Online multiplayer game ___________________________________________________ ----- Original Message ----- From: "Rune Hamnvik" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 22, 2002 1:58 PM Subject: SecurityManager and codeBase > Hello > We planned to start using the SecutiryManager on our Tomcat installations, > but we have problems getting the SecurityManager to work as supposed to. We > have a project located under the webapps catalog called isp. The application > works well if we set up the catalina.policy file with the following rules > (specifying no codeBase): > grant { > permission java.net.SocketPermission "localhost:1599", "connect"; // > Naming lookup > permission java.net.SocketPermission "localhost:43163", "connect"; > // EJB lookup > permission java.net.SocketPermission "localhost:6666", "connect"; // > RMI to EJB server > permission java.net.SocketPermission "localhost:389", "connect"; // > LDAP access > permission java.net.SocketPermission "localhost:25", "connect"; // > SMTP access > permission java.lang.RuntimePermission "accessDeclaredMembers"; > permission java.security.SecurityPermission "insertProvider.SunJCE"; > permission java.util.PropertyPermission "*", "read,write"; > }; > > But if add the codeBase attribute to the grant part, the application stops > working. Here is the updated grant part: > > grant codeBase "file:${catalina.home}/webapps/isp/-" { > permission java.net.SocketPermission "localhost:1599", "connect"; // > Naming lookup > permission java.net.SocketPermission "localhost:43163", "connect"; > // EJB lookup > permission java.net.SocketPermission "localhost:6666", "connect"; // > RMI to EJB server > permission java.net.SocketPermission "localhost:389", "connect"; // > LDAP access > permission java.net.SocketPermission "localhost:25", "connect"; // > SMTP access > permission java.lang.RuntimePermission "accessDeclaredMembers"; > permission java.security.SecurityPermission "insertProvider.SunJCE"; > permission java.util.PropertyPermission "*", "read,write"; > }; > > Are we doing any wrong ? We have tested on both RedHat 7.2 and Win 2000, > using JDK1.4.0. We have tried Tomcat 4.0.1, 4.0.3 and the 4.0.4 beta 2 > version. > > We know of the bug report: Bugzilla Bug 7319 codeBase in catalina.policy > broken with jars > But this bug seems to have been rejected. > > Anyone have any idea ? > > Rune Hamnvik > Mobinor > Norway > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
