When I use the security manager in Tomcat (4.1.12-LE-jdk1.4) some strange
problems occur.
When I execute the following simple JSP code:
<% request.getParameter("foo"); %>
I get the following exception:
org.apache.jasper.JasperException: org/apache/catalina/util/ParameterMap
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:2
48)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain
...
I also start tomcat with security debub info enabled (i.e.
CATALINA_OPTS=-Djava.security.debug=failure) but the log files do not
report any errors, except for the exception of course.
I use the standard policy rules as stated in the file catalina.policy. I
even tried to grant the additional following rules, but nothing have helped
so far:
permission java.lang.RuntimePermission
"accessClassInPackage.javax.servlet";
permission java.lang.RuntimePermission
"accessClassInPackage.javax.servlet.*";
If I grant all permissions (i.e. permission java.security.AllPermission;) to
my code base, then everything works fine.
What is the problem?
Have I missed something obvious here?
/Tommy
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
