I'm trying to get my app to run under the security manager and I'm hitting some problems.
I have class B, derived from class A, in Jar B in the WEB-INF/lib directory Class A is in Jar A in the shared/lib directory. I created an entry in the catalina.policy file: grant codeBase "file:${catalina.base}/shared/-" { permission java.lang.RuntimePermission "accessClassInPackage.*"; permission java.security.AllPermission; }; When a method defined in Class A uses reflection to get the constructors for Class B, the following error message happens: 01/20/2006 13:24:36 java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers) at java.security.AccessControlContext.checkPermission(AccessControlContext.java :264) at java.security.AccessController.checkPermission(AccessController.java:427) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1662) at java.lang.Class.checkMemberAccess(Class.java:2125) at java.lang.Class.getDeclaredConstructor(Class.java:1952) I've done some research and it seems like what I'm trying to do should work if I specify accessClassInPackage. I've tried explicitly setting the class A package in the accessClassInPackage statement but I'm not making any headway. I would rather not put Jar A in WEB-INF/lib because I have something like 100 contexts that all use that jar and I'm already hitting issues with PermGenSpace. I also can't put Jar B in shared/lib because of design (or lack thereof). Does anyone have any ideas (other than the obvious one of putting Jar A in WEB-INF/lib)? George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]