Public bug reported: Binary package hint: tomcat6
The current settings of the security manager in /etc/policy.d/ do not allow to list the active sessions in the Tomcat Web Application Manager. Steps to reproduce: * Install tomcat6-admin including dependencies * Open Tomcat Web Application Manager (default location http://localhost:8080/manager/html/) * Try to open the session list of an application * Instead of seeing the sessions administration, a "java.security.AccessControlException" error occurs (example stacktrace is attached) This was tested on Karmic with Tomcat version 6.0.20-2ubuntu2 and openjdk-6-jre-headless 6b16-1.6.1-3ubuntu1. To fix this add the following rules to the security manager settings (not thoroughly tested): grant { permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util"; } ** Affects: tomcat6 (Ubuntu) Importance: Undecided Status: New -- Security manager breaks session listing https://bugs.launchpad.net/bugs/509528 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
