Have a look here: http://onjava.com/pub/a/onjava/2007/01/03/discovering-java-security-require ments.html?page=2
On 31/08/12 8:44 PM, "Ragini" <raginippa...@gmail.com> wrote: >Dear Darryl Lewis, > >Thanks for your quick response..I corrected that silly mistake..As I >told I am able to profile tomcat when I start and stop by (startup.sh >and shutdown.sh). I tried to start it with security manager as following: > >./startup.sh -security > >it runs fine and also the application executes the way it should >actually. But the problem is when I stop the server by "./shutdown.sh", >I dont get ouput of the profiler which I normally get when I start it >without security option(like ./startup.sh). Do you know how to start it >with security option and profile it as well ? > >I have added following things to setenv.sh to make tomacat profile. > >#!/bin/sh >export >CATALINA_OPTS=-Djava.security.auth.login.config=$(TOMCAT_HOME)/conf/jaas.c >onfig >export CATALINA_OPTS="-javaagent:lib/jborat-agent.jar \ > -Dch.usi.dag.jborat.exclusionList=conf/exclusion.lst \ > -Dch.usi.dag.jborat.liblist=conf/lib.lst \ > -Dch.usi.dag.jp2.outputFilePrefix=tomcat_output \ >-Dch.usi.dag.jborat.instrumentation=ch.usi.dag.jp2.instrument.AddInstrumen >tation >\ > -Dch.usi.dag.jp2.dumpers=ch.usi.dag.jp2.dump.xml.XmlDumper \ > -Dch.usi.dag.jborat.codemergerList=conf/codemerger.lst \ >-Xbootclasspath/p:./lib/Thread_JP2.jar:lib/jborat-runtime.jar:lib/jp2-runt >ime.jar >" > > >Any idea ? > >Ragini > > > > >> catalina.sh run -security >> >> Basically runs tomcat with the Security Manager. >> >> >> I think the "talina.sh" command is missing the "ca" in front of it :-). >>If >> not paste the script here, as it might be custom. >> >> On 31/08/12 8:18 PM, "Ragini" <raginippa...@gmail.com> wrote: >> >>> Hi all, >>> >>> I am trying to run JSF-JAAS based sample application which is here. >>> (http://www.ixtendo.com/secure-your-jsf-application-with-jaas/) >>> >>> I want to just use the application so just deployed jjwa.war file in >>> web-apps directory of tomcat. >>> >>> Profiling tomcat:- >>> I use tomcat 7.0 version. I try to profile tomcat so have added some >>> parameters to setenv.sh. So I start tomcat by ./startup.sh. In browser >>>I >>> access web application. perform some actions in it. then I stop the >>> server by ./shutdown.sh. After this the profiler dumps the output. This >>> is how profiling of tomcat works for me in general. >>> >>> Now As I want to use this jjwa sample application I specified above, As >>> the author has said I have added following thind to my catalina.policy >>> file, >>> >>> grant codeBase "file:${catalina.home}/webapps/jjwa/-" { >>> permission java.util.PropertyPermission "*", "read,write"; >>> permission javax.security.auth.AuthPermission "modifyPrincipals"; >>> permission javax.security.auth.AuthPermission >>> "modifyPublicCredentials"; >>> permission javax.security.auth.AuthPermission >>> "modifyPrivateCredentials"; >>> permission javax.security.auth.AuthPermission >>>"createLoginContext.*"; >>> permission javax.security.auth.AuthPermission "doAs"; >>> permission javax.security.auth.AuthPermission "doAsPrivileged"; >>> permission javax.security.auth.AuthPermission "getSubject"; >>> permission java.security.SecurityPermission "setPolicy"; >>> permission java.security.SecurityPermission "getPolicy"; >>> permission java.lang.RuntimePermission "accessClassInPackage.*"; >>> permission java.lang.RuntimePermission "getProtectionDomain"; >>> permission java.lang.RuntimePermission "loadLibrary.*"; >>> permission java.lang.RuntimePermission "modifyThread"; >>> permission java.lang.RuntimePermission "createClassLoader"; >>> permission java.lang.RuntimePermission "accessDeclaredMembers"; >>> permission java.net.SocketPermission "*:*", >>>"accept,connect,resolve"; >>> >>> permission java.lang.reflect.ReflectPermission >>>"suppressAccessChecks"; >>> permission java.lang.RuntimePermission "setContextClassLoader"; >>> permission java.lang.RuntimePermission "getClassLoader"; >>> permission java.io.FilePermission "<>", "read"; >>> }; >>> >>> I have set up my database also as said by the author. >>> >>> *Next the author asks to start the server by "/catalina.sh run >>> -security/". When I do that I get "catalina.sh run -security >>>catalina.sh: >>> command not found". but when I try to run it by "sh talina.sh run >>> -security", it throws some exception >>> but server gets started and then I am able to access the application >>>the >>> author has said. I end the process(to stop the server) in terminal by >>> pressing ctrl+c and it stops. But in this way I dont get any output >>>from >>> the profiler I use. >>> which I actually need. So my questions are as follow: >>> >>> 1) what does the/"catalina.sh run -security/" or "sh talina.sh run >>> -security" command exactly do ? >>> >>> 2) what difference it makes when I start tomcat by runninf catalina.sh >>>or >>> startup.sh ? >>> >>> 3) How should I actually start the tomcat to run the application with >>> security ? and getting it profiles too ?* >>> >>> I am new to tomcat and dont understand a lot the script files of it. >>> >>> I would highly appreciate any help.. >>> >>> Thanks >>> >>> Ragini >>> >>> >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
