Hello, I have been working with the Security Manager and I think it is a good aproximation of what I need, thank you very much for the advice. I have read that it is possible to create your own Permission class, but I haven't found any documentation or example. Could anybody tell me where I can find information about create a Permission class?
Thank you very much. 2013/10/23 Caldarale, Charles R <chuck.caldar...@unisys.com> > > From: Christopher Schultz [mailto:ch...@christopherschultz.net] > > Subject: Re: Restrict the use of JDK classes Tomcat 7 or 6 > > > When you say "Java classes", are you talking about re-defining > > something like java.lang.String? If so, then the servlet spec (3.0: > > 10.7.2) prohibits web applications from loading classes from any of > > these packages from a web application class loader. > > java.* > > javax.* > > Looking at current trunk, Tomcat appears to take a lazy view and just > > look for these two classes: > > javax.servlet.Servlet > > javax.el.Expression > > So it looks like you might be able to redefine java.lang.String if you > > want. > > As I recall, the JVM itself prevents loading of java.* classes from > anywhere other than the registered JRE jar locations. Not sure about > javax.* classes. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you > received this in error, please contact the sender and delete the e-mail and > its attachments from all computers. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
