Hi!
I'm using Tomcat 8.0.18.
I've a webapp myapp.war which is deployed at context path "some/path/myapp"
and unpackWARs is set to "false".
That means, I have a conf/Catalina/localhost/some#path#myapp.xml with
"<Context docBase="/somewhere/myapp.war">..."
Running this app with Tomcat 8.0.18 without security manager causes no
problem.
Running this app with Tomcat 7.x with and without security manager causes
no problem, but Tomcat 8 with security manager throws security exceptions.
Tomcat 7 (and also Tomcat 6 and Tomcat 5.5) creates
"work/Catalina/localhost/some_path_myapp/WEB-INF/lib" directory with all
JARs. So I can use this path as codebase in catalina.policy file, eg:
grant codeBase
"file:${catalina.base}/work/Catalina/localhost/some_path_myapp/-"
or
grant codeBase
"file:${catalina.base}/work/Catalina/localhost/some_path_myapp/WEB-INF/lib/somejar.jar"
Tomcat 8 creates a "work/Catalina/localhost/some#path#myapp" directory, it
uses "#" instead of "_" and Tomcat 8 does not create WEB-INF/lib directory
below.
So I do not know which codebase to use in catalina.policy?
Which codebase can I use in catalina.policy for granting permissions to the
whole webapp and which codebase for granting permissions for a special jar
(inside WEB-INF/lib)?
Many thanks in advance!
