Debian has the security manager enabled by default. For development, you can just edit /etc/default//tomcat5 and set TOMCAT5_SECURITY=no. For testing/production, add a policy file to /etc/tomcat5/policy.d for your webapp with the permissions listed on the wiki.
On 2/12/07, Gabor Szokoli <[EMAIL PROTECTED]> wrote: > Hi! > > Thanks for your quick response. > > On 2/12/07, Johan Compagner <[EMAIL PROTECTED]> wrote: > > First wi try to do it through the context classloader: > > This is clearly the way I'd like it. > What version of wicket does it like this? > What I experienced with wicket 1.2.4 was constistent with what I have > found here: > http://svn.apache.org/viewvc/incubator/wicket/trunk/wicket/src/main/java/wicket/protocol/http/ContextParamWebApplicationFactory.java?revision=473918&view=markup > > > But sharing jars is not a good thing anyway. Because what happens if other > > webapps are deployed > > that don't use the exact wicket version as you have deployed in the shared > > lib? > > You are right, I would only deploy the wicket jars like that when I > have complete control over the servlet container. > > > In development you can use tomcat with the tomcat launcher : > > http://www.sysdeo.com/eclipse/tomcatplugin > > I just run ant from the IDE (eclipse) with the tomcat-specific > targets, but I guess I'll realise the usefulness of this plugin when > my project gets more complicated. > > > or just use the build in jetty. See the quickstart of wicket how to use > > that. > > That works great, just gives me less insite into how things work. > > > As for that security thats very strange by default i don't have to change > > any security settings in tomcat. > > If you can't use reflection that i think most webapp frameworks won't work. > > This is on debian, tomcat5 package. Didn't even have default admin or > manager user out of the box, I guesss the policy is maximum security > unless configured otherwise. > > Guestbook example throws this: > > WicketMessage: unable to get object, model: > Model:classname=[wicket.model.PropertyModel]:attached=true:[EMAIL > PROTECTED]:expression=[text]:propertyType=[null], > called with component [MarkupContainer [Component id = text, page = > com.deverto.test.GuestBook, path = 1:commentForm:text.TextArea, > isVisible = true, isVersioned = false]] > > Root cause: > > java.security.AccessControlException: access denied > (java.lang.reflect.ReflectPermission suppressAccessChecks) > at > java.security.AccessControlContext.checkPermission(AccessControlContext.java:264) > at java.security.AccessController.checkPermission(AccessController.java:427) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:107) > at > wicket.util.lang.PropertyResolver$MethodGetAndSet.<init>(PropertyResolver.java:789) > [...] > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier. > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
