Java security policy files for JServ

Fri, 16 Jun 2000 06:45:35 -0700 

----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files.  Don't make us guess your problem!!!
----------------------------------------------------------------

I am currently trying to configure the Java security policy files on a 
machine running Apache with Apache JServ. The servlet classes reside in jar 
files along with RMI jar files. The servlets make calls to remote objects 
using RMI so I need to assign read FilePermissions and SocketPermissions to 
Apache JServ. However, the only way I have found of doing this is to assign 
these permissions universally:

grant {
  permission java.io.FilePermission "d:\\build\\-", "read";
  permission java.net.SocketPermission "127.0.0.1", "accept, connect, 
listen, resolve";
  permission java.net.SocketPermission "192.168.1.100", "accept, connect";
};

If I specify solely the homes of Apache and of JServ as the codeBase for 
these permissions

grant codeBase "file:/D:/pfiles/apache/*" {
  permission java.io.FilePermission "d:\\build\\-", "read";
  permission java.net.SocketPermission "127.0.0.1", "accept, connect, 
listen, resolve";
  permission java.net.SocketPermission "192.168.1.100", "accept, connect";
};

grant codeBase "file:/D:/pfiles/jserv/*" {
  permission java.io.FilePermission "d:\\build\\-", "read";
  permission java.net.SocketPermission "127.0.0.1", "accept, connect, 
listen, resolve";
  permission java.net.SocketPermission "192.168.1.100", "accept, connect";
};

then I get the following exception being registered in the error log on 
starting up Apache:

java.lang.ExceptionInInitializerError: java.security.AccessControlException: 
access denied (java.io.FilePermission d:\build\itccrmi.jar read)
        at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:195)
        at 
java.security.AccessController.checkPermission(AccessController.java:403)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:873)
        at java.io.File.isDirectory(File.java:566)
        at 
org.apache.java.lang.AdaptiveClassLoader.loadClass(AdaptiveClassLoader.java, 
Compiled Code)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at com.itcc.servlets.FolderServlet.<clinit>(FolderServlet.java:24)
        at java.lang.Class.newInstance0(Native Method)
        at java.lang.Class.newInstance(Class.java:241)
        at 
org.apache.jserv.JServServletManager.load_init(JServServletManager.java:526)
        at 
org.apache.jserv.JServServletManager.loadServlet(JServServletManager.java:488)
        at 
org.apache.jserv.JServServletManager.loadStartupServlets(JServServletManager.java, 
Compiled Code)
        at org.apache.jserv.JServServletManager.init(JServServletManager.java, 
Compiled Code)
        at org.apache.jserv.JServ.start(JServ.java, Compiled Code)
        at org.apache.jserv.JServ.main(JServ.java, Compiled Code)

I have also tried assigning the permissions to the codeBase of the servlet 
and RMI jar files but no no avail. How is it possible to specifically assign 
permissions to JServ?

I am using Apache 1.3.12, JServ 1.1 and devleoping on NT but deploying on 
Tru64 Unix.

Thanking you in advance for any assistance you may be able to provide.

Yao Tsan Ng ([EMAIL PROTECTED])

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com



--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]

Reply via email to