Software
 » 
Apache
 » 
Tomcat
 » 
Tomcat - User

Problems with Java Security Manager

View: New views
1 Messages — Rating Filter:   Alert me  

Problems with Java Security Manager

by Jonathan O'Donovan :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi All,

Can someone check my reasoning here? I am having difficulty with the Java Security Manager. I am encountering the following 2 exceptions with some of my servlets :

I am running :
 
Tomcat 4.1
Apache/1.3.33 (Win32)
mod_jk/1.2.8
JRE Version 1.4.2_03

I have enabled security manager logging using the following Java option (I've set this in the configuration dialogue box for Tomcat as I'm running Tomcat as a service on NT)

set CATALINA_OPTS=-Djava.security.debug=access,failure



Exception #1 (generated when using RMI):

access: access allowed (java.util.PropertyPermission java.rmi.server.hostname read)
access: access allowed (java.util.PropertyPermission sun.rmi.transport.connectionTimeout read)
access: access allowed (java.util.PropertyPermission sun.rmi.transport.tcp.handshakeTimeout read)
access: access allowed (java.util.PropertyPermission sun.rmi.transport.tcp.responseTimeout read)
access: access allowed (java.io.FilePermission C:\Tomcat41\server\lib\tomcat-util.jar read)
access: access allowed (java.io.FilePermission C:\Tomcat41\server\lib\tomcat-util.jar read)
access: access allowed (java.io.FilePermission C:\Tomcat41\server\lib\tomcat-util.jar read)
access: access allowed (java.util.PropertyPermission socksProxyHost read)
access: access denied (java.net.SocketPermission XX.XX.XX resolve)


Exception #2 :

java.security.AccessControlException: access denied (java.util.PropertyPermission catalina.base read)




I presume that the above 2 exceptions are generated by the Java Security Manager. I have tried the following in my
catalina.policy file

grant codeBase "file:${catalina.home}/webapps/mywebapp/-" {
  permission java.security.AllPermission;
};

but it makes no difference.


Also, I am wondering why catalina.base should have a problem reading files (I am running Tomcat as Administrator)

These problems are happening in the test environment, but on the live system there are no such exceptions being generated. I can't figure out why this should be the case as the java.policy and catalina.policy files in the Catalina.home/conf directory are identical for both live and test environments.

Does anybody know how to disable the Security Manager for Tomcat when running as a service in NT or is it disabled by default?


Many thanks in advance,
Jonathan O'Donovan
Free Forum Powered by Nabble Forum Help