Where did you add the -security? Did you move the catalina.policy file?
System.getSecurityManager() returning null is generally taken to mean that the JVM is not running under the manager at all: this is obvious, I know, but it also indicates the converse. So if you start a security manager up, the system's behavior will change. In fact, I never considered the trouble one could cause calling setSecurityManager at runtime when there was no manager in effect (as opposed to trying to override an existing policy, for which there's a permission check). The AccessControlException means that after you started the manager, some bit of code tried to get its ContextClassLoader, and it did not have the appropriate runtime permissions. Are the policy file entries you indicated are all that is in your policy file? Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -----Original Message----- From: Seaman, Sloan [mailto:[EMAIL PROTECTED] Sent: Thursday, August 26, 2004 1:28 PM To: '[EMAIL PROTECTED]' Subject: SecurityManager I'm trying to get an application I have to use the SecurityManager object from Tomcat. I've added the -security to my startup so that it is enabled. When I do a System.getSecurityManager() it returns a null object. If I try and create my own SecurityManager and set it via System.setSecurityManager, I get: 004-08-26 14:07:47 StandardContext[/clinicalTrials]Exception starting filter SessionFilter java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader) at java.security.AccessControlContext.checkPermission(AccessControlContext. java :269) at java.security.AccessController.checkPermission(AccessController.java:401 ) at java.lang.SecurityManager.checkPermission(SecurityManager.java:524) at java.lang.Thread.getContextClassLoader(Thread.java:1182) at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFi lter Config.java:207) at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(Applicatio nFil terConfig.java:308) at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilte rCon fig.java:79) The only info I have added to the catalina.policy file is: grant { permission javax.security.auth.AuthPermission "createLoginContext"; permission javax.security.auth.AuthPermission "doAs"; permission javax.security.auth.AuthPermission "doAsPrivileged"; permission javax.security.auth.AuthPermission "modifyPrincipals"; permission javax.security.auth.AuthPermission "getSubject"; }; grant principal com.ptilabs.commons.jaas.authentication.ldap.LDAPPrincipal "_app_Clinical_Trials" { permission com.ptilabs.commons.jaas.authorization.URLPermission "/clinicalTrials/app/*"; }; Can someone tell me what I am doing wrong? I have a command line version for testing that works fine. It is when I try and do things under Tomcat that everything blows up. Thanks! -- Sloan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
