Re: starting a binary by calling a servlet
Excuse me for a moment. Now I have the trouble that I cannot restart Tomcat and so I had to reboot the whole system. Now tomcat start while the bootprocess but cannot be accessed over the browser. And I don't have a process called catalina nor tomcat !?!?! Gruss Christian Im now back again. Now I have time to fix the tomcat-problem. But first I have another problem: I cannot start tomcat!!! I got this from my latest logfile: catalina_2005-06-17.log This is of course only a small part of it. Is this caused by a mistaken entry in the catalina.policy? [quote] Using Security Manager Created MBeanServer with ID: 4aa0ce:10489ba2bdb:-8000:gandalf:1 Jun 17, 2005 11:56:17 AM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8180 Jun 17, 2005 11:56:17 AM org.apache.commons.digester.Digester fatalError SEVERE: Parse Fatal Error at line 1 column 1: Content is not allowed in prolog. org.xml.sax.SAXParseException: Content is not allowed in prolog. at org.apache.xerces.u. [/quote] But the weired thing is, my own entry into the catalina.policy is gone, is erased!!! And this happens everytime I reboot my system. Each time I edit the cataline.policy I cannot restart tomcat again. So I choose the windows(tm) solution and reboot the whole system! But when the system is up and running again. Tomcat cannot start at all. AND my entry in the catalina.policy is gone Gruss Christian -- Christian Stalp Institut fr Medizinische Biometrie, Epidemiologie und Informatik Johannes-Gutenberg-Universitt Mainz Tel.: 06131 / 17-3107 E-Mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Am Freitag, 17. Juni 2005 14:56 schrieb Christian Stalp: Please don't CC me. I'm reading the list and have set the Reply-To for a reason. Thanks. Im now back again. Now I have time to fix the tomcat-problem. But first I have another problem: I cannot start tomcat!!! I got this from my latest logfile: catalina_2005-06-17.log This is of course only a small part of it. Is this caused by a mistaken entry in the catalina.policy? [quote] Using Security Manager Created MBeanServer with ID: 4aa0ce:10489ba2bdb:-8000:gandalf:1 Jun 17, 2005 11:56:17 AM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8180 Jun 17, 2005 11:56:17 AM org.apache.commons.digester.Digester fatalError SEVERE: Parse Fatal Error at line 1 column 1: Content is not allowed in prolog. org.xml.sax.SAXParseException: Content is not allowed in prolog. at org.apache.xerces.u. [/quote] I doubt this has anything to do with catalina.policy. This seems to be an error thrown by the XML parser - but catalina.polica is plain-text file. Check the XML config files and context descriptors. Maybe there's something wrong with them - for example byte order marks at the beginning of the file (i. e. before the ?xml version... line). But the weired thing is, my own entry into the catalina.policy is gone, is erased!!! And this happens everytime I reboot my system. Each time I edit the cataline.policy I cannot restart tomcat again. So I choose the windows(tm) solution and reboot the whole system! But when the system is up and running again. Tomcat cannot start at all. AND my entry in the catalina.policy is gone Can't help you with that. Your system seems to behave a bit - hm - strange. I doubt that tomcat is removing entries from catalina.policy. Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Am Montag, 13. Juni 2005 16:24 schrieb Markus Schönhaber: Am Montag, 13. Juni 2005 16:01 schrieb Christian Stalp: But at the Moment I get an error that this is not allowed for a Servlet which seems logical to me. So I have to change the catalina.policy. The question is now: how? What I have to do, to enable my servlet to start binarys on my host? Have you even tried to use the policy-entries I posted as an answer to the very same question you asked on pug-talk? If so, what went wrong? Hey Markus, nice to meet you here at the tomcat-mailing list. I really didn't read your answer. My Problem is, Im a student and a programer 50/50 and work for 4 projects in our institute. So sometimes you loose the overview :-\ ---snip--- Ein grant-Eintrag im Policy-File könnte dann so aussehen: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission Pfad zum aszuführenden Programm, execute; }; Oder wenn Du Deiner WebApp vertraust: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.security.AllPermission; }; ---snap--- Regards mks I'll check this in the afternoon. ;-) Gruss Christian -- Christian Stalp Institut für Medizinische Biometrie, Epidemiologie und Informatik Johannes-Gutenberg-Universität Mainz Tel.: 06131 / 17-3107 E-Mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Ein grant-Eintrag im Policy-File könnte dann so aussehen: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission Pfad zum aszuführenden Programm, execute; }; And the /my_exec/-, is that the context-path? That means I can call my Servlet whatever I want, but I have to put it into a package called my_exec.WAR ? Is that correct? Gruss Christian -- Christian Stalp Institut für Medizinische Biometrie, Epidemiologie und Informatik Johannes-Gutenberg-Universität Mainz Tel.: 06131 / 17-3107 E-Mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
I did it. I made this entry in catalina-policy: // Mein Eintrag zum ausführen eines Prozesses: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission /home/chris/c/file-test,execute; }; Then I wrote this servlet: [code] import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class FireStarter extends HttpServlet { public void doGet ( HttpServletRequest req, HttpServletResponse res ) throws ServletException, IOException { int rueckgabe = 0; rueckgabe = Fireone(); res.setContentType ( text/html ); PrintWriter out = res.getWriter(); out.println ( HTML ); out.println ( HEADTITLEFirestarter/TITLE/HEAD ); out.println ( BODY ); out.println ( BIG Firestarter /BIG ); out.println ( /BODY/HTML ); } public int Fireone ( ) { int rueck_gabe = 0; try { String cmd1 = /home/chris/c/file-test; Runtime rt = Runtime.getRuntime(); Process myproc = rt.exec( cmd1 ); rueck_gabe = myproc.waitFor(); System.out.println(die Rueckgabe war: + rueck_gabe ); } catch( IOException ioexc ) { ioexc.printStackTrace(); } catch( InterruptedException intexc ) { intexc.printStackTrace(); } return ( rueck_gabe ); } } [/code] And I put into a package ( with WEB-INF/ the web.xml-files and so on...) my_exec.WAR. BUT this is the result/trace I got :-( [quote] HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception java.security.AccessControlException: access denied (java.io.FilePermission /home/chris/c/file-test execute) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269) at java.security.AccessController.checkPermission(AccessController.java:401) at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) at java.lang.SecurityManager.checkExec(SecurityManager.java:771) at java.lang.Runtime.exec(Runtime.java:563) at java.lang.Runtime.exec(Runtime.java:428) at java.lang.Runtime.exec(Runtime.java:364) at java.lang.Runtime.exec(Runtime.java:326) at FireStarter.Fireone(FireStarter.java:32) at FireStarter.doGet(FireStarter.java:12) at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200) at org.apache.catalina.core.ApplicationFilterChain.access$000 (ApplicationFilterChain.java:51) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:129) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:125) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948) at
Re: starting a binary by calling a servlet
Am Dienstag, 14. Juni 2005 14:27 schrieb Christian Stalp: Ein grant-Eintrag im Policy-File könnte dann so aussehen: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission Pfad zum aszuführenden Programm, execute; }; And the /my_exec/-, is that the context-path? Yes. That means I can call my Servlet whatever I want, but I have to put it into a package called my_exec.WAR ? Is that correct? Well, kind of. The trailing - in the path specification above means: grant that right to all files in this directory and all subdirectories thereof. So, as a result, the name of your servlet really doesn't matter, since it resides somewhere in (a subdirectoy of) the webapp-directory. But better to see it just the other way round: you don't adopt your webapp to match the configuration parameter but the configuration parameter to match the webapp. Example: the servlet that shall be able to execute an external binary is contained a webapp named My1stWebApp which is placed at the default location (i. e. the location tomcat's default configuration specifies). The path to your webapp's directory will therefore be ${catalina.home}/webapps/My1stWebApp and the configuration parameter grant codeBase file:${catalina.home}/webapps/My1stWebApp/- ... If you have for example placed your webapp in /some/strange/dir/mywebapps/My1stWebApp the entry in catalina.policy should the read grant codeBase file:/some/strange/dir/mywebapps/My1stWebApp/- ... Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Am Dienstag, 14. Juni 2005 14:52 schrieb Christian Stalp: I did it. I made this entry in catalina-policy: // Mein Eintrag zum ausführen eines Prozesses: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission /home/chris/c/file-test,execute; }; Is the path really correct? Is the webapp's directory really named my_exec? Try to use the absolute pathname of your webapp's directory, i. e. something like grant codeBase file:/opt/tomcat-4.1/webapps/my_exec_or_whatever/- ... Is the file really executable for the account tomcat runs under? Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Is the path really correct? Is the webapp's directory really named my_exec? Try to use the absolute pathname of your webapp's directory, i. e. something like grant codeBase file:/opt/tomcat-4.1/webapps/my_exec_or_whatever/- ... Is the file really executable for the account tomcat runs under? Regards mks Excuse me for a moment. Now I have the trouble that I cannot restart Tomcat and so I had to reboot the whole system. Now tomcat start while the bootprocess but cannot be accessed over the browser. And I don't have a process called catalina nor tomcat !?!?! Gruss Christian P.S. Tomorrow Im on university again, sh -- Christian Stalp Institut für Medizinische Biometrie, Epidemiologie und Informatik Johannes-Gutenberg-Universität Mainz Tel.: 06131 / 17-3107 E-Mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
starting a binary by calling a servlet
Hello out there, I want to start a process, a program by calling a servlet. The servlet itself is creating a runtime on its vm. It looks something like this: [code] String cmd1 = /usr/bin/myproc; Runtime rt = Runtime.getRuntime(); Process myproc = rt.exec( cmd1 ); rueck_gabe = myproc.waitFor(); [/code] But at the Moment I get an error that this is not allowed for a Servlet which seems logical to me. So I have to change the catalina.policy. The question is now: how? What I have to do, to enable my servlet to start binarys on my host? Can anybody help me? Thank you very much! Gruss Christian -- Christian Stalp Institut für Medizinische Biometrie, Epidemiologie und Informatik Johannes-Gutenberg-Universität Mainz Tel.: 06131 / 17-3107 E-Mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Am Montag, 13. Juni 2005 16:01 schrieb Christian Stalp: But at the Moment I get an error that this is not allowed for a Servlet which seems logical to me. So I have to change the catalina.policy. The question is now: how? What I have to do, to enable my servlet to start binarys on my host? Have you even tried to use the policy-entries I posted as an answer to the very same question you asked on pug-talk? If so, what went wrong? ---snip--- Ein grant-Eintrag im Policy-File könnte dann so aussehen: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission Pfad zum aszuführenden Programm, execute; }; Oder wenn Du Deiner WebApp vertraust: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.security.AllPermission; }; ---snap--- Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: starting a binary by calling a servlet
Am Montag, 13. Juni 2005 16:01 schrieb Christian Stalp: But at the Moment I get an error that this is not allowed for a Servlet which seems logical to me. So I have to change the catalina.policy. The question is now: how? What I have to do, to enable my servlet to start binarys on my host? Have you even tried to use the policy-entries I posted as an answer to the very same question you asked on pug-talk? If so, what went wrong? ---snip--- Ein grant-Eintrag im Policy-File könnte dann so aussehen: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.io.FilePermission Pfad zum aszuführenden Programm, execute; }; Oder wenn Du Deiner WebApp vertraust: grant codeBase file:${catalina.home}/webapps/my_exec/- { permission java.security.AllPermission; }; ---snap--- Regards mks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]