%CATALINA_HOME%\bin\catalina start -security change to
Windows
%CATALINA_HOME%\bin\catalina.bat start -security
Unix
%CATALINA_HOME%\bin\catalina.sh start -security make sure you implement
java.lang.RuntimePermission ability for each package
catalina.properties
#
# List of comma-separated packages that start with or equal this string
# will cause a security exception to be thrown when
# passed to checkPackageAccess unless the
# corresponding RuntimePermission ("accessClassInPackage."+package) has
# been granted.
package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.,sun.beans.
then in the catalina.policy file grant the necessary RuntimePermission
$CATALINA_BASE/conf/catalina.policy
// These permissions apply to the server startup code
grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
permission java.security.RuntimePermission;
};
HTH
Martin
______________________________________________
Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de
déni et de confidentialité
This message is confidential. If you should not be the intended receiver, then
we ask politely to report. Each unauthorized forwarding or manufacturing of a
copy is inadmissible. This message serves only for the exchange of information
and has no legal binding effect. Due to the easy manipulation of emails we
cannot take responsibility over the the contents.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe
quel effet légalement obligatoire. Étant donné que les email peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
> From: cabb...@hotmail.com
> To: users@tomcat.apache.org
> Subject: Tomcat 6.0.18 on Win32 - Enabling Security Manager
> Date: Mon, 4 May 2009 10:53:14 +1000
>
>
>
>
>
>
> Apologies for previous blank question, I am not sure what happened, actual
> question below.......
> Chris
> --------------------------------------------------------------------------------------------------------------------------------------
> Hi,
> I am writing a Tomcat 6 on Windows
> hardening guide at the moment and I am looking at the process for enabling the
> security manager. On the Tomcat 6 documentation website
> http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html it
> says that on Windows all you need to do is run the following command:
>
> %CATALINA_HOME%\bin\catalina start -security
>
>
>
> However, when I install Tomcat there is no such program as "catalina"
> in the bin directory so I can't run it like that. Within bin there is only
> bootstrap.jar, tomcat6.exe, tomcat6w.exe and tomcat-juli.jar
>
>
>
> Using the Tomcat monitor application there is a tab for startup and there is
> an
> input box for arguments that by default contains 'start' but if I try to add '
> -security' to this argument text box the service fails to start at all.
>
>
>
> Can anyone help in advising me how you get tomcat 6.0.18 to start with a
> security manager. Please note that tomcat was installed from the Tomcat
> Windows
> Service installer and it is running Windows Server 2003 SP2 (32bit).
>
>
>
> Any help is appreciated, I have searched the archives and googled the web and
> this has revealed nothing, it is most likely my error however I am currently
> at
> a loss.
>
>
>
> Thanks
>
>
>
> Chris
>
>
> _________________________________________________________________
> Looking to change your car this year? Find car news, reviews and more
> http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fsecure%2Dau%2Eimrworldwide%2Ecom%2Fcgi%2Dbin%2Fa%2Fci%5F450304%2Fet%5F2%2Fcg%5F801459%2Fpi%5F1004813%2Fai%5F859641&_t=762955845&_r=tig_OCT07&_m=EXT
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
_________________________________________________________________
Hotmail® has ever-growing storage! Don’t worry about storage limits.
http://windowslive.com/Tutorial/Hotmail/Storage?ocid=TXT_TAGLM_WL_HM_Tutorial_Storage1_052009
