| Home | Forums | Reviews | Guides | Newsgroups | Register | Search |
 |
| Thread Tools |
|
Guest
Posts: n/a
|
I'm trying to run a web service using tomcat with its security manager
enabled. I have it running fine, except now i wish to add a call to an executable in the web service. Normally i would give the axis webapp read and execute permissions in the catalina.policy file to the executable in question. However this is not working correctly and still throwing a security exception. I have been running with the jvm arg -Djava.security.debug=access to give me some more information but its not being to helpful. If grant all permissions to every class then all is fine (as expected) for example grant{ permission java.security.AllPermission; }; the following statements do not work and throws the same security exception: grant codeBase "file:/usr/local/jakarta-tomcat-5.5.4/webapps/axis/WEB-INF/lib/axis.jar"{ permission java.security.AllPermission; }; grant codeBase "file:/usr/local/jakarta-tomcat-5.5.4/webapps/axis/-"{ permission java.security.AllPermission; }; and even grant codeBase "file:/-"{ permission java.security.AllPermission; }; Any help/ideas would great. Thanks in advance. Tim The thrown exception is shown below: java.security.AccessControlException: access denied (java.io.FilePermission /usr/bin/quota execute) at java.security.AccessControlContext.checkPermission (AccessControlContext.java:264) at java.security.AccessController.checkPermission(Acc essController.java:427) at java.lang.SecurityManager.checkPermission(Security Manager.java:532) at java.lang.SecurityManager.checkExec(SecurityManage r.java:779) at java.lang.ProcessBuilder.start(ProcessBuilder.java :447) at java.lang.Runtime.exec(Runtime.java:591) at java.lang.Runtime.exec(Runtime.java:429) at java.lang.Runtime.exec(Runtime.java:326) at Quota.getUsage(Quota.java:12) <!-- my class in axis webapp at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.axis.providers.java.RPCProvider.invokeM ethod(RPCProvider.java:397) at org.apache.axis.providers.java.RPCProvider.process Message(RPCProvider.java:186) at org.apache.axis.providers.java.JavaProvider.invoke (JavaProvider.java:323) at org.apache.axis.strategies.InvocationStrategy.visi t(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain .java:11  at org.apache.axis.SimpleChain.invoke(SimpleChain.jav a:83) at org.apache.axis.handlers.soap.SOAPService.invoke(S OAPService.java:453) at org.apache.axis.server.AxisServer.invoke(AxisServe r.java:281) at org.apache.axis.transport.http.AxisServlet.doPost( AxisServlet.java:699) at javax.servlet.http.HttpServlet.service(HttpServlet .java:709) at org.apache.axis.transport.http.AxisServletBase.ser vice(AxisServletBase.java:327) at javax.servlet.http.HttpServlet.service(HttpServlet .java:802) at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.catalina.security.SecurityUtil$1.run(Se curityUtil.java:239) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject .java:517) at org.apache.catalina.security.SecurityUtil.execute( SecurityUtil.java:271) at org.apache.catalina.security.SecurityUtil.doAsPriv ilege(SecurityUtil.java:157) at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.ac cess$000(ApplicationFilterChain.java:50) at org.apache.catalina.core.ApplicationFilterChain$1. run(ApplicationFilterChain.java:140) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:136) at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:17 at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:14 at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:825) at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.processConnection(Http11Protocol.jav a:731) at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:526) at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595) |
|
|
|
|||
|
|
| |
|
| Thread Tools | |
|
|
