Hi,
I'd tried to solve the problem by myself and got it a little further...
When I looked at the tomcat console more closely, I realized that occasionally
the speaker beeped at startup. Looking at the console output, there were
several access-denied messages for some of the jar's deployed with my webapp.
So I added those into my catalina.policy and gave them for a first try an
AllPermission.
With these settings my webapp came up with a SecurityManager! But there is a
function in my webapp that does an export into a PDF file, which doesn't work.
This function tries to write a file inside a directory in my webapp-folder. It
does this like this:
InputStream reportInStream = this.getClass().getResourceAsStream(
"/reports/" + reportFile + ".jasper");
if (reportInStream == null) {
throw new Exception("Cannot read report file /reports/" + reportFile
+ ".jasper as resource stream!");
}
ByteArrayOutputStream reportOutStream = new ByteArrayOutputStream();
File tmpFile = new File(targetPath);
tmpFile.deleteOnExit();
FileOutputStream pdfOutStream = new FileOutputStream(tmpFile);
if (pdfOutStream == null) {
throw new Exception("Cannot open pdf file " + targetPath + "!");
}
JasperFillManager.fillReportToStream(reportInStream, reportOutStream,
reportParameter, reportData);
JasperExportManager.exportReportToPdfStream(new ByteArrayInputStream(
reportOutStream.toByteArray()), pdfOutStream);
But an AccessControlException is thrown:
java.security.AccessControlException: access denied
(java.io.FilePermission
E:\Java\apache-tomcat-5.5.25\webapps\tmap\cache\ToolbarServer.print_0_310DE731BB2FFF78B76102A1A517DD15_JSP_PegaViewPrint.pdf
delete)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at
java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkDelete(SecurityManager.java:990)
at java.io.File.deleteOnExit(File.java:901)
at
de.tmobile.pegaview.server.print.PrintServerBean.createReport(PrintServerBean.java:250)
at
de.tmobile.pegaview.server.print.PrintServerBean.print(PrintServerBean.java:130)
at
de.tmobile.tmap.server.print.TMapPrintServerBean.print(TMapPrintServerBean.java:223)
at
de.tmobile.pegaview.server.print.PrintValueBean.print(PrintValueBean.java:74)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
de.tmobile.pegaview.server.print.PrintAction.execute(PrintAction.java:73)
at de.tmobile.pegaview.server.BasicAction.execute(BasicAction.java:111)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at sun.reflect.GeneratedMethodAccessor76.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:262)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:874)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:595)
I don't know where to grant the permission to delete any file in the
cache-folder :-(
I already used another path as a base folder for the pdf-file and gave that
codebase also AllPermissions but to no avail. And I verified that a simple
JSP-Page within my webapp can indeed delete files in the cache-folder.
So, I'm stumped.
/Axel
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
