Renato wrote:
Hi all,it is never safe to grant access to an internal catalina permission. You need to (1) trust your users and then (2) add the following to your tomcat.policy:
( sorry to post here... in users list nobody answered )
One of my users is asking for the following permission in his context
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.realm)
He is using the securityfilter.jar library
I'm using Tomcat 4.1.12 with SecurityManager.
Is is safe to grant this permission ?
grant codeBase "file:${catalina.home}/webapps/{you user webapp name}/-" {
....
};
This will only grant his webapp to accessClassInPackage. But be aware that you *are* possibly opening a security hole. At you own risk ;-)
-- Jeanfrancois
Thanks
Renato
---------------------------------
Do you Yahoo!?
HotJobs - Search new jobs daily now
-- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
