I'm having a hard time with the security permissions for a webapp using tomcat 4.1.30.
The application needs to write files to the java.io.tmp directory and it works fine in the first scenario ( without a war file ) but in the second scenario I keep getting:
"java.security.AccessControlException: access denied ..."
For both scenario's, I have a MyApp.xml file in the webapps directory which contains a context fragment. The java.io.tmp is the default <catalina_home>/temp and it's been chmod to 777.
The first scenario works:
1) I set the docBase in the context fragment to "/www" and unzip the MyApp.war file in /www
2) I edit conf/catalina.policy and add:
grant codeBase "file:/www/WEB-INF/classes/-" {
permission java.security.AllPermission;
};
grant codeBase "file:/www/WEB-INF/lib/*" {
permission java.security.AllPermission;
};The second scenario does not work:
1) I set the docBase in the context fragment to "/www/MyApp.war" and place the MyApp.war file in /www
2) I edit conf/catalina policy, remove the above from the first scenarion and add:
grant codeBase "file:/www/MyApp.war" {
permission java.security.AllPermission;
};I've been trying all sorts of other possibilities based on what I found in various user google searches - I can't seem to find a decent example or any further detail on how this is supposed to work.
Even the O'Reilly Tomcat book doesn't cover this very well.
Any help would be appreciated.
Thanks,
Hollister
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
