-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Johnny,
Johnny Kewl wrote: > Ok... beginning to think I'm the only one reading here... yes it is a > kludge, and I doubt very much whether changing anything in > catalina.policy will do anything in this case... I'm not expert (never used SecurityManager, actually), but I think they're suggesting that you use a SecurityManager to restrict Tomcat /from/ your own application. You don't want Tomcat to run it's own SecurityManager... you want to use one that you configure outside of Tomcat. Tomcat should run inside /your/ SecurityManager, rather than running in its own. I think you're thinking about using Tomcat to configure a SecurityManager to restrict webapps... they are talking about restricting all of Tomcat. > Tomcats System.Exit code kills the client calling tomcat... its rude ;) One could argue that Tomcat shouldn't need System.exit... there are other ways to end programs. I would imagine that all threads Tomcat creates are daemon threads so simply ending the Main thread would do ths trick. I'm not Tomcat developer, though. > I suppose I could write a class loader in the client... tell it to stop > System.Exits in a custom security manager... That's exactly what they are suggesting. You don't have to write your own ClassLoader, though. Use an existing one with a SecurityManager attached (configured outside of Tomcat). This should protect your app from Tomcat's "rudeness". > and then load up tomcat > using that classloader... little bit too much work dont you think? No... it's probably the right way to do it, unless you want to run a hacked-up version of Tomcat, or you want to suggest a real, workable solution to the problem. What you have suggested looks like it will prevent Tomcat from shutting down under normal operating conditions (i.e. standalone, like most people do it). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGVeoX9CaO5/Lv0PARAluYAJ9vjhrutyPHF7cQUNZ2TCBqWYG9FACgpyLo pfX3fghDQLsmFuLtpUD4vu0= =s8AN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
