-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 All,
I'm working on getting my application working under a SecurityManager. It's actually been a little less painful than I thought it would be. I'm using Solr for some index searching. I'm using SolrJ for the library to communicate via HTTP to a localhost Solr server. When using this grant: grant { permission "java.util.PropertyPermission" "solr.httpclient.builder.factory", "read"; permission "java.net.SocketPermission", "localhost:8983", "resolve,connect"; } My application can can contact Solr without any errors. If I change the "grant" to include a codeBase to restrict those connections to the Solr library, I get a AccessControlException: access denied to the system property. Here is the modified grant: grant codeBase "file:${catalina.base}${file.separator}webapps${file.separator}myapp${fi le.separator}WEB-INF${file.separator}lib${file.separator}solr-solrj-7.2. 1.jar" { permission "java.util.PropertyPermission" "solr.httpclient.builder.factory", "read"; permission "java.net.SocketPermission" "localhost:8983", "resolve,connect"; }; I have verified that the file exists under the path specified above. I tried both ${file.separator} and '/' as the file separator. I also tried "jar:/path/to/jar!/-" as the codeBase. No luck. These grants are added to the end of the stock catalina.policy file that ships with Tomcat. What am I missing, here? - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlq0IpkdHGNocmlzQGNo cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFj/og//dsN0nnYfal37ceL5 pEtIUtOGq87vwHRRMvTuWwxGmm5DqqfC+ZC07IWnJJt5Ap9ir8mYRiYluoCvx0yx LdmUVEesygbhOmyLm6EX3deJ7ozaO5MkFcDx0084y/dHfx+L3mg2n/ysG/qnqoxS 69RvbQNh7ByRsDOnhlSXLc0ZSSB6L9GtE9UpgGdCdyvyBXKS5X3/XOvygJ13lHZH lZH1/iXEUzatZtR7wSySfVdEXSx2JjSagClPmYVi4Lj4Fi9qugbwnpakT8Sr3mJx A/lK/KLPA3NqH/T91fzZBzlmLXqZ6L5GFz2P9iOaQ+1QfcCiMktFxJ2tXzqYDQm1 g0OtE/k2Jf3+QZtpUDJ+cDzLjWdUXs/6oa0Uo37ZXTRU1wowPeX+PHsKr9aqQB+T rx7OXTL/ZLh+bQobaQV4oyiF+mSRLZfrtI7cHoF8ZiwwsXpo4y+4CQqxzsWR6w4A 9wYV/lKecONJnwNey6JujapbcFcWmCZps5crvUyi/YNx/Rl/szdI2vWOevCJwnvQ LgyvbNF8AglERID8bL0fT9RL9Ws5/taII3egavGBMUGi+VYu/qjY2c9unP3W7UR6 42NNGkDxQlum8M3uu3FpDMmsfcRcYzQSZ1yCEharMLzKR6zn0c4odnJpUWmVzLnO brtsSvTBTsIlH3F7dlocMV63W+U= =xlk2 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org