On 26/03/2012 12:43, Witoslaw Koczewski wrote: >> On 26/03/2012 11:12, Witoslaw Koczewski wrote: >>>> There's a file called catalina.policy in tomcat/conf, which has some >>>> rules in it. You'll need compare those rules to the ones implemented in >>>> the client's policy file to work out what you need to add. >>> >>> Since I am using embedded Tomcat, there is no catalina.policy :-( >>> >>> Can't I just disable the checks in Tomcat? >> >> Yes, by applying the policy rules in the client JVM (as detailed in >> catalina.policy). > > I have configured WebStart with <security><all-permissions/>, why do I need > to define security rules for Tomcat?
Does that directly equate to applying an all-permission policy in a .policy file? > Shouldn't there be a switch in Tomcat to turn off this checks? Why? If you don't want the Security Manager, don't turn it on. >It works perfectly when starting from executable JAR file - why not work the >same way when starting from WebStart? Because WebStart turns on the Security Manager. Tomcat isn't doing anything extra special, it only checks permissions if the Security Manager is enabled. The following has details: http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html p > Best regards, > Witek > > > --- > http://koczewski.de > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org -- [key:62590808]
signature.asc
Description: OpenPGP digital signature
