I am in the process of expanding a web site I am developing to attach to a "test"
server. In the process of my expansion into further testing, I've altered my data
base access to point to a different server than my Tomcat server.
Everything runs just fine until I attempt to access the "test" data base server. I
get a security error message - as I expected. Looking thru all of the documentation I
could find - I discovered that I needed to add a grant statement to the
catalina.policy file pointing to the codeBase for my JDBC driver.
(as an aside, I am uncertain what I broke, but as soon as I get a security access
violation on my external DataBase jar, tomcat server stops accepting commands on
127.0.0.1 to shutdown)
I opened catalina.policy and added my DataBase driver via this grant statement:
grant codeBase
"file:${catalina.home}/common/lib/mysql-connector-java-3.0.8-stable-bin.jar" {
permission java.net.SocketPermission "127.0.0.1:3306", "accept, connect, listen,
resolve";
};
I loaded Tomcat up with the -security command line option and reloaded my servlet.
Problem is - now, instead of getting access to my data, I get a message in the Tomcat
screen saying that the dbcp code had tried 3 times to load before it gave up. Making
matters worse, with -security active, I can no longer access my data source on
127.0.0.1
Reading thru any message I could find on this subject, I noticed someone mentioned
having your codeBase say "jar:file:". I also noticed someone mentioning putting "!/-"
at the end of the codeBase string.
I've tried both of these and get the same error from the dbcp code whenever it tries
to create a database connection. I noticed that I should turn debugging on with an
option to CATALINA_OPTS - but the volume of output is so overwhelming that I can't see
SecurityManager determine if my data base access is valid.
I gotta believe someone is using Tomcat 4.1.24 is a multi-tier environment. This
tells me I'm missing something...
Bob Bateman
_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
