Re: java.lang.RuntimePermission accessClassInPackage.org.apache.catalina

Mon, 09 Aug 2010 11:18:51 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rashid,

On 8/9/2010 1:24 PM, Rashid Jilani wrote:
> Hi: Gurus I am having the following exception when I try to fire Tomcat with
> -security option with JAAS Realm.
> 
> java.security.AccessControlException: access denied
> (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina)

You should provide more of the stack trace for us to be able to help you.

> BTW I also try to add the following lines in catalina.policy file but no
> luck
> 
> grant codeBase "file:/C:/Documents and
> Settings/xxx/workspace/WebSecurity/WebContent/WEB-INF/classes/-" {
> 
>     permission java.security.AllPermission;
> 
>     permission java.lang.RuntimePermission
> "accessClassInPackage.org.apache.catalina";
> 
>     permission java.lang.RuntimePermission
> "accessClassInPackage.org.apache.catalina.manager";
> 
>     permission java.lang.RuntimePermission
> "accessClassInPackage.org.apache.catalina.manager.util";
> 
> };

You may need to grant permissions to your webapp's library .jar files, too.

> Hensley how the JAAS can integrate with Tomcat has almost no real example or
> documentation, so I am just trying my luck with trails and errors, please
> let me know if some has any idea why I am having these errors.

It seems pretty clear that you simply haven't given permission for some
code to perform some task.

The stack trace tells you which code failed and what permission you
need: it should be trivial to add a "grant" that allows that code those
permissions.

You might want to read the thread back in March 2010 titled "[OT]
SecurityManager and Java Policy Files". Unfortunately, we didn't get
very far.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxgRmgACgkQ9CaO5/Lv0PBKtQCfdKoXx8HfVD+dVpwGeg9DiIWP
p9oAoKWK4tLMB4wKh3xAfsoOdxQXOuSM
=300m
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to