How do i configure the Security Manager to use different policies for each host/webapp/webapp(libs/classes)?
Example: 1. Install a clean Tomcat 4.1.xx 2. Creating a simple jsp page in examples/securityTest.jsp securityTest.jsp ---> <% secure.secureClass.readPasswd() %> <--- 3. Create a class secure.secureClass in examples/web-inf/classes ---> package secure; import java.io.*; public class secureClass { public static void readPasswd() throws Exception { File x = new File("/etc/passwd"); x.canRead(); } } <--- 4. Adding to catalina.policy grant "file:${catalina.home}/webapps/examples/WEB-INF/classes/-" { java.io.FilePermission "/etc/passwd", "read"; }; 5. starting tomcat with security manager 6. request securityTest.jsp => Security Exception? what i do wrong? Torsten Fohrer ********************************************************** * DCSI AG * Tel.: +49 7131 155 88-0 * * Lessingstrasse 17-19 * Fax.: +49 7131 155 88-99 * * D-74076 Heilbronn * [EMAIL PROTECTED] * * GERMANY * http://www.dcsi.de * ********************************************************** -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>