Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pete,
On 10/30/2009 7:59 PM, Pete McNeil wrote:
Fresh install of Tomcat6 on fresh install of ubuntu.
Be specific: exactly which version of Tomcat 6?
Using CATALINA_BASE: /usr/share/tomcat6
Using CATALINA_HOME: /usr/share/tomcat6
Using CATALINA_TMPDIR: /usr/share/tomcat6/temp
Using JRE_HOME: /usr
Server version: Apache Tomcat/6.0.18
Server built: Feb 27 2009 06:50:18
Server number: 6.0.0.0
OS Name: Linux
OS Version: 2.6.24-24-xen
Architecture: amd64
JVM Version: 1.6.0_0-b14
JVM Vendor: Sun Microsystems Inc.
<Host name="someplace" appBase="/home/someplace/webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context
path=""
docBase="/home/someplace/www.someplace.com"
reloadable="true"/>
NB: <Context> should be in a context.xml file on the disk, not in your
server.xml file.
Tried that -- couldn't make it work. I want this to be the default
application on this server and I want to host it from a specific user
directory. This seems to be the recommended way to do that, and it works.
<snip/>
First access after what? Tomcat restart? Webapp restart?
Thought I was clear on that, sorry. First request after restarting tomcat.
<snip/>
That's interesting that this exception happens only once, given that
each time it should attempt to load the same class.
Given the exception, I suspect it's an incorrectly-configured
SecurityManager.
<snip/>
I have seen suggestions that this might be some kind of timing issue
with the security manager.
I've also received the following suggestion directly (off list):
$CATALINA_HOME/conf/catalina.policy
grant codeBase "file:${catalina.home}/lib/tomcat-coyote.jar" {
{
//set coyote perms
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.coyote.*";
}
===
In the mean time I was trying to solve something else and stumbled upon
fixing this issue at the same time... However I don't pretend to
completely understand it and I'm sure the underlying issue isn't
resolved since it wasn't really addressed. I will dig deeper tomorrow
and try to find the answer. I hope also that this thread will eventually
show the answer for others to find.
My temporary solution was to add the following to
/etc/tomcat6/policy.d/50local.policy
grant codeBase "file:/home/someplace/www.someplace.com/-" {
permission java.security.AllPermission;
};
----
I am porting this app from a different resin based server to a new
tomcat based server. My previous server did not have a security manager.
The other problem I was attempting to solve was a security issue where a
tool we built in a .jar was not able to connect to one of our servers. I
tried to grant specific permissions for that jar - - and the result was
nothing would work...
I finally granted all permissions (I know this is heavy handed) to the
app's root and not only did it solve my server access problem, but the
problem that started this thread also went away. Now that I have this in
place the first request after a tomcat restart does not create an error.
----
I read that a grant read entry is created automatically for any app that
is deployed.
I read in other places that this kind of thing might be a timing issue.
I wonder if the error occurred because the automatically generated grant
read entry was not in place for the first request after a tomcat
restart; and that my heavy-handed grant for the entire app has "hidden"
this problem because my entry is always in place as tomcat comes up.
Those are my thoughts.
I look forward to eliminating the mystery and finding the correct
solution (even if what I have now seems to work).
Best,
_M
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
