On 14/09/2010 22:01, Steve Ryder wrote: > Thanks for your response, I really do need some help. After lots of > testing (when mail was working), I migrated my production workload to a > new server. Yesterday, Java Mail stopped working, I suspect because I > added the wrong permission in the wrong place. (see #2). > I have tried removing that, but the error still happens. HELP.
Are you sure you've reverted all of the changes? If not, can you? Better to work up again, one at a time... You could grab a fresh Tomcat and copy the file from there if yours is mangled badly. > 1) There is no logging.properties file under any ROOT/WEB-INF/ classes, it > is the security check that is failing. > 2) "permission java.io.FilePermission "*", "read,write"; " was in > catalina.policy. I have been experimenting all day with alternate > permission statements. I did notice that I should not be updating > catalina.policy so have since move the permission stuff down into policy.d > folder as recommended. Recommended where? What I need to know is to WHAT DO I GIVE > PERMISSION? No need to shout. p > From the stack > com.jsrsys.web.JsrSendMail.sendMail(JsrSendMail.java:507) <--- my code > gets to: > javax.activation.MailcapCommandMap.<init>(MailcapCommandMap.java:153) > <---- failing here because: > java.security.AccessControlException: access denied (java.io.FilePermission > /home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties read) > java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)3)application > code in JsrSendMail has been working for years under Tomcat5.0and was > working under Tomcat 5.5 until I apparently startedaddingpermissions > because of a bunch of mBean failures at startup. AfterthatMail started > to fail. Removing those permissions does not help.The codesnippet that > fails is: msg.setSentDate(new Date()); if(!connectionIsOpen) > result = setTransport(); if(!result.equals("OK")) return > result;sysout.display("JsrSendMail--line 509: keepOpen="+keepOpen+" > connectionIsOpen="+connectionIsOpen > +"result="+result ); msg.saveChanges(); // > don'tforget this <---- this is the linethat fails. > tr.sendMessage(msg,msg.getAllRecipients());here is the whole stack from > my call to the securityfailurejava.security.AccessControlException: > access > denied(java.io.FilePermission/home/sryder/JsrSystems.info/ROOT/WEB-IN > F/classes/logging.properties > read)java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)java.security.AccessController.checkPermission(AccessController.java:427)java.lang.SecurityManager.checkPermission(SecurityManager.java:532)java.lang.SecurityManager.checkRead(SecurityManager.java:871)java.io.File.exists(File.java:700)org.apache.naming.resources.FileDirContext.file(FileDirContext.java:828)org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:211)org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:294)org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1924)org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:936)org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:299)org.apache.juli.ClassLoaderLogManager$2.run(ClassLoaderLogManager.java:273)java.security.AccessController.doPrivileged(Native > Method)org.apache.juli.Cl > assLoaderLogManager.getClassLoaderInfo(ClassLoaderLogManager.java:270)org.apache.juli.ClassLoaderLogManager.getLogger(ClassLoaderLogManager.java:175) > java.util.logging.Logger.getLogger(Logger.java:255)com.sun.activation.registries.LogSupport.<clinit>(LogSupport.java:60)javax.activation.MailcapCommandMap.<init>(MailcapCommandMap.java:153)<----failing > herejavax.activation.CommandMap.getDefaultCommandMap(CommandMap.java:74)javax.activation.DataHandler.getCommandMap(DataHandler.java:167)javax.activation.DataHandler.getDataContentHandler(DataHandler.java:625)javax.activation.DataHandler.writeTo(DataHandler.java:329)javax.mail.internet.MimeUtility.getEncoding(MimeUtility.java:264)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1301)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1008)javax.mail.internet.MimeMultipart.updateHeaders(MimeMultipart.java:415)javax.mail.internet.MimeBodyPart.updateHeaders(MimeBodyPart.java:1287)javax.mail.internet.MimeM > > essage.updateHeaders(MimeMessage.java:2072)javax.mail.internet.MimeMessage.saveChanges(MimeMessage.java:2040)com.jsrsys.web.JsrSendMail.sendMail(JsrSendMail.java:507) > > <--- mycode----- Original Message -----From: "Pid" <p...@pidster.com>To: > "TomcatUsers List" <users@tomcat.apache.org>Sent: Tuesday, September 14, > 2010 3:33PMSubject: Re: Tomcat 5.5: java.io.FilePermission read access > deniedtologging.propertiesOn 14/09/2010 16:17, Steve Ryder > wrote:>java.security.AccessControlException: > accessdenied(java.io.FilePermission/home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties > read)>> When I first noticed this I added thejava.io.FilePermission> to > catalina.policy under WEB APP PERMISSIONS> grant{> // Added by JSR > 2010-09-13:> permission java.io.FilePermission "*","read,write";> > // Added by JSR 2010-02-08:> permissionjava.util.PropertyPermission > "*", "read,write";> permissionjava.net.SocketPermission "*", > "connect,resolve";>> I still get the errorat > startup!>> I have no logging.properties file under either the classes > orundercommon/classes.> Do I need to add one? Can it be just a > blankline?Silly question: does the file have the appropriate user > permissionsforTomcat to access it?p > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature