Hi
I am trying to start using the SecurityManager/catalina.policy for a
servelt/jsp application that accesses an Oracle Database for read/write.
Everything works fine when I set: permission java.security.AllPermission for
the entire application.
but if I try and limit permissions, any table varchar2 data I get back
from queries via ResultSet.getObject().toString() seems to be (?URL)encoded
- Dates and ints are OK.
I can't work out which file or driver doesn't have appropriate conditions -
can anyone help?
I have tried:
permission java.net.SocketPermission "xxx.xxx.xxx.xxx:xxxx", "connect";
permission java.util.PropertyPermission "oracle.jserver.version",
"read";
permission java.util.PropertyPermission
"oracle.jdbc.driver.OracleDriver", "read";
permission java.util.PropertyPermission "/WEB-INF/lib/ojdbc.jar",
"read";
permission java.util.PropertyPermission "java.net.*", "read";
permission java.util.PropertyPermission "java.sql.*", "read";
currently running jdk 1.4 and Tomcat 4.1.12 and Oracle 9i
Ta Trevor
