On 14/09/2010 22:01, Steve Ryder wrote: > Thanks for your response, I really do need some help. After lots of > testing (when mail was working), I migrated my production workload to a > new server. Yesterday, Java Mail stopped working, I suspect because I > added the wrong permission in the wrong place. (see #2). > I have tried removing that, but the error still happens. HELP.
Are you sure you've reverted all of the changes?
If not, can you? Better to work up again, one at a time...
You could grab a fresh Tomcat and copy the file from there if yours is
mangled badly.
> 1) There is no logging.properties file under any ROOT/WEB-INF/ classes, it
> is the security check that is failing.
> 2) "permission java.io.FilePermission "*", "read,write"; " was in
> catalina.policy. I have been experimenting all day with alternate
> permission statements. I did notice that I should not be updating
> catalina.policy so have since move the permission stuff down into policy.d
> folder as recommended.
Recommended where?
What I need to know is to WHAT DO I GIVE
> PERMISSION?
No need to shout.
p
> From the stack
> com.jsrsys.web.JsrSendMail.sendMail(JsrSendMail.java:507) <--- my code
> gets to:
> javax.activation.MailcapCommandMap.<init>(MailcapCommandMap.java:153)
> <---- failing here because:
> java.security.AccessControlException: access denied (java.io.FilePermission
> /home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties read)
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)3)application
> code in JsrSendMail has been working for years under Tomcat5.0and was
> working under Tomcat 5.5 until I apparently startedaddingpermissions
> because of a bunch of mBean failures at startup. AfterthatMail started
> to fail. Removing those permissions does not help.The codesnippet that
> fails is: msg.setSentDate(new Date()); if(!connectionIsOpen)
> result = setTransport(); if(!result.equals("OK")) return
> result;sysout.display("JsrSendMail--line 509: keepOpen="+keepOpen+"
> connectionIsOpen="+connectionIsOpen
> +"result="+result ); msg.saveChanges(); //
> don'tforget this <---- this is the linethat fails.
> tr.sendMessage(msg,msg.getAllRecipients());here is the whole stack from
> my call to the securityfailurejava.security.AccessControlException:
> access
> denied(java.io.FilePermission/home/sryder/JsrSystems.info/ROOT/WEB-IN
> F/classes/logging.properties
> read)java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)java.security.AccessController.checkPermission(AccessController.java:427)java.lang.SecurityManager.checkPermission(SecurityManager.java:532)java.lang.SecurityManager.checkRead(SecurityManager.java:871)java.io.File.exists(File.java:700)org.apache.naming.resources.FileDirContext.file(FileDirContext.java:828)org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:211)org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:294)org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1924)org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:936)org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:299)org.apache.juli.ClassLoaderLogManager$2.run(ClassLoaderLogManager.java:273)java.security.AccessController.doPrivileged(Native
> Method)org.apache.juli.Cl
> assLoaderLogManager.getClassLoaderInfo(ClassLoaderLogManager.java:270)org.apache.juli.ClassLoaderLogManager.getLogger(ClassLoaderLogManager.java:175)
> java.util.logging.Logger.getLogger(Logger.java:255)com.sun.activation.registries.LogSupport.<clinit>(LogSupport.java:60)javax.activation.MailcapCommandMap.<init>(MailcapCommandMap.java:153)<----failing
> herejavax.activation.CommandMap.getDefaultCommandMap(CommandMap.java:74)javax.activation.DataHandler.getCommandMap(DataHandler.java:167)javax.activation.DataHandler.getDataContentHandler(DataHandler.java:625)javax.activation.DataHandler.writeTo(DataHandler.java:329)javax.mail.internet.MimeUtility.getEncoding(MimeUtility.java:264)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1301)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1008)javax.mail.internet.MimeMultipart.updateHeaders(MimeMultipart.java:415)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1287)javax.mail.internet.MimeM
>
> essage.updateHeaders(MimeMessage.java:2072)javax.mail.internet.MimeMessage.saveChanges(MimeMessage.java:2040)com.jsrsys.web.JsrSendMail.sendMail(JsrSendMail.java:507)
>
> <--- mycode----- Original Message -----From: "Pid" <p...@pidster.com>To:
> "TomcatUsers List" <users@tomcat.apache.org>Sent: Tuesday, September 14,
> 2010 3:33PMSubject: Re: Tomcat 5.5: java.io.FilePermission read access
> deniedtologging.propertiesOn 14/09/2010 16:17, Steve Ryder
> wrote:>java.security.AccessControlException:
> accessdenied(java.io.FilePermission/home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties
> read)>> When I first noticed this I added thejava.io.FilePermission> to
> catalina.policy under WEB APP PERMISSIONS> grant{> // Added by JSR
> 2010-09-13:> permission java.io.FilePermission "*","read,write";>
> // Added by JSR 2010-02-08:> permissionjava.util.PropertyPermission
> "*", "read,write";> permissionjava.net.SocketPermission "*",
> "connect,resolve";>> I still get the errorat
> startup!>> I have no logging.properties file under either the classes
> orundercommon/classes.> Do I need to add one? Can it be just a
> blankline?Silly question: does the file have the appropriate user
> permissionsforTomcat to access it?p
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
