Exception while running web application with Tomcat security manager enabled

Wed, 08 Oct 2008 12:32:58 -0700 

hello,         I am trying to run a simple webapp on tomcat 5.0  with the
security manager enabled
i.e with the additional options -Djava.security.manager
-Djava.security.policy=%CATALINA_BASE%\conf\catalina.policy for the tomcat
JVM.

I get the following Stack Trace when I point the browser to my webapp

exception:

javax.servlet.ServletException: Servlet.init() for servlet
struts-controller threw exception
                at 
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
                at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
                at 
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
                at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)

Root Cause:

java.lang.NullPointerException
                at 
java.security.AccessControlContext.<init>(AccessControlContext.java:68)
                at javax.security.auth.Subject$5.run(Subject.java:728)
                at 
java.security.AccessController.doPrivileged(AccessController.java:147)
                at javax.security.auth.Subject.createContext(Subject.java:718)
                at javax.security.auth.Subject.doAsPrivileged(Subject.java:709)
                at 
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
                at 
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157)
                at 
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:110)
                at 
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
                at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
                at 
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

I tried digging into the code of AccessController [
http://www.docjar.com/html/api/java/security/AccessController.java.html]<http://www.docjar.com/html/api/java/security/AccessController.java.html>
where I gathered that public static native <T> T
doPrivileged(PrivilegedAction<T> action); throws a NullPointerException in
case the action is null

I am not able to understand the reason for the action being null.

Has it something to do with missing native library files?
I have given all permissions to the webapp in catalina.policy. hence I feel
that missing privileges should not be an issue.

grant codeBase "file:${catalina.home}/webapps/adminconsole/-" {
        permission java.security.AllPermission;
};

I am trying running tomcat on Lin 64 an the Java version is 1.4.2

Please help
vijay

Reply via email to