So you can edit the tomcat.policy file but not specify what properties are set when Tomcat is started? What a trusting app hosting service.
By default Tomcat will grant a file read permission to the root of your web application context, in this case "/home/.sites/5/site513/web/". But all of the java classes on the stack must also have been granted the appropriate read permission. The permissions the code for your webapp has is the intersection of those permissions granted to your webapp and all other code bases for java classes on the stack. So the permission problem could be in another code base grant in tomcat.policy. If you indeed do have permission to set all java properties you might try setting the property javax.security.debug to "access,failure" programattically in your JSP/servlet, then remove that property in a finally clause at the end of your JSP/servlet. That may turn on security debug for you if you indeed have permission to read/write all properties. Regards, Glenn ben keeping wrote:
Hello All,
I hope someone can help ... you are my last chance as I have posted on tek-tips forums, the sun.java.com developers forum, read the tomcat documentation, read this address's mail archives, contacted my web host, and still no joy !
I have recently bought some web hosting space, and when testing that all works, I get this error, when invoking a servlet from a jsp page :
java.security.AccessControlException: access denied (java.io.FilePermission /home/.sites/5/site513/web/WEB-INF/classes read)
This is what the TOMCAT_HOME/conf/tomcat.policy looks like (relative snippet)
grant codeBase "file:/home/.sites/5/site513/web/-" {
permission SocketPermission "localhost:1024-", "listen,connect,resolve";
permission java.util.PropertyPermission "*", "read,write";
permission java.io.FilePermission "/home/.sites/5/site513/-", "read,write,delete";
permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
};
and this is what the server.xml looks like (snippet)
<Host name="www.mywebsite.com"> <!-- Site site513 -->
<Context path="" docBase="/home/.sites/5/site513/web" debug="0"/>
<!-- user web contexts -->
</Host>
I have checked the OS file permissions also, which are : drwxrwsr-x
To me it all looks well ??!!
I believe they are running 3.2.3 on a Linux Cobalt server.
The problem is is that I can't run tomcat in debug or security mode because its a web hosting company, and they are being less than helpful about the matter ! Neither can I gain access to the tomcat log directory.
Any ideas ?
Thanks for your time,
Regards
Ben
_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
