eXist-db with Java security manager


by Markku Laine

Hi,


I am sending the question below on behalf of a colleague of mine.

Regards


-Markku

------------------------- 8< -------------------------
I wonder if anyone has managed to run eXist-db successfully with the Java security manager. I have problems setting up catalina.policy correctly. The requirement is that eXist-db writes its data outside of Apache Tomcat's "webapps" directory. I have created a "webappsdata/exist/data" folder in Apache Tomcat's installation directory.

I have already added some policies into the catalina.policy file. eXist-db starts, but when it tries to load the main page (http://localhost:8080/exist/index.xml), the document is empty.

If I disable the security manager, eXist-db runs fine. So, conf.xml etc. should be OK.

I have the following policies in my catalina.policy. Any idea what's missing? Or even better, if somebody could send me a catalina.policy file which works.

-----
permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";

permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";

permission java.io.FilePermission "${catalina.base}${file.separator}webappsdata", "read, write";

permission java.io.FilePermission "${catalina.base}${file.separator}webappsdata${file.separator}*", "read, write";

// File Encoding Property
permission java.util.PropertyPermission "file.property", "read";

// XML SAX and DOM Parsers Configuration Properties
permission java.util.PropertyPermission "org.xml.sax.driver", "read";

permission java.util.PropertyPermission "org.apache.cocoon.components.parser.Parser", "read";

permission java.util.PropertyPermission "org.apache.excalibur.xml.sax.SAXParser", "read";

permission java.util.PropertyPermission "javax.xml.parsers.SAXParserFactory", "read";

permission java.util.PropertyPermission "javax.xml.parsers.DocumentBuilderFactory", "read";

// XML Catalog Properties
permission java.util.PropertyPermission "xml.catalog.ignoreMissing", "read";

permission java.util.PropertyPermission "xml.catalog.files", "read";

permission java.util.PropertyPermission "xml.catalog.staticCatalog", "read";

permission java.util.PropertyPermission "xml.catalog.className", "read";

permission java.util.PropertyPermission "xml.catalog.prefer", "read";

permission java.util.PropertyPermission "user.dir", "read";

// Cocoon ClassLoader
permission java.lang.RuntimePermission "createClassLoader";

// For Cocoon
permission java.lang.RuntimePermission "createSecurityManager";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "shutdownHooks";

// For exist
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "setContextClassLoader";
-----

Kind regards


-Mikko
------------------------- 8< -------------------------

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Exist-open mailing list
Exist-open@...
https://lists.sourceforge.net/lists/listinfo/exist-open
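
An added example (not part of the thread, and not eXist-db or Tomcat code): the JDK's own `java.io.FilePermission` evaluated against the two `webappsdata` grants from the message above, showing which paths under `webappsdata/exist/data` the `*` form matches compared with the recursive `-` form. `/opt/tomcat` stands in for `${catalina.base}` and the `.dbx` file name is constructed.

```java
import java.io.FilePermission;
import java.security.Permissions;

public class FilePermissionCoverage {
    // Constructed Unix-style stand-in for ${catalina.base}; not a path from the thread.
    static final String BASE = "/opt/tomcat";

    // Collect FilePermissions the way one policy grant block would.
    static Permissions grant(String actions, String... targets) {
        Permissions granted = new Permissions();
        for (String target : targets) {
            granted.add(new FilePermission(BASE + target, actions));
        }
        return granted;
    }

    // True if the granted set covers the requested path and action.
    static boolean allowed(Permissions granted, String path, String action) {
        return granted.implies(new FilePermission(BASE + path, action));
    }

    public static void main(String[] args) {
        // The two grants as posted: the directory itself plus "*".
        Permissions posted = grant("read,write", "/webappsdata", "/webappsdata/*");
        // Same targets with the recursive "-" form and the delete action added.
        Permissions recursive = grant("read,write,delete", "/webappsdata", "/webappsdata/-");

        String[] paths = {
            "/webappsdata",                            // matched by the exact-path grant
            "/webappsdata/exist",                      // direct child: "*" and "-" both match
            "/webappsdata/exist/data",                 // nested: only "-" matches
            "/webappsdata/exist/data/collections.dbx"  // constructed file name
        };
        String[] actions = {"read", "write", "delete"};

        System.out.printf("%-42s %-7s %-8s %s%n", "path", "action", "posted", "recursive");
        for (String path : paths) {
            for (String action : actions) {
                System.out.printf("%-42s %-7s %-8s %s%n", path, action,
                        allowed(posted, path, action) ? "allow" : "DENY",
                        allowed(recursive, path, action) ? "allow" : "DENY");
            }
        }
    }
}
```

In a running Tomcat, the permission checks that fail can be listed by starting the JVM with `-Djava.security.debug=access,failure`.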

Re: eXist-db with Java security manager

by Dannes Wessels-2

Hi,

permission java.io.FilePermission "${catalina.base}${file.separator}webappsdata", "read, write";

permission java.io.FilePermission "${catalina.base}${file.separator}webappsdata${file.separator}*", "read, write";

I would expect that if the security manager blocks access to resources, the manager will provide logs on what is wrong... either in exist.log or the tomcat log.

regards

Dannes


Re: eXist-db with Java security manager

by Mikko Pohja

Hi,

Dannes Wessels wrote:

>     permission java.io.FilePermission
>     "${catalina.base}${file.separator}webappsdata", "read, write";
>
>     permission java.io.FilePermission
>     "${catalina.base}${file.separator}webappsdata${file.separator}*",
>     "read, write";
>
>
> I would expect that if the security manager blocks access to resources,
> the manager will provide logs on what is wrong... either in exist.log
> or the tomcat log.

I've checked the logs and everything should be fine regarding my custom
folder.

The problem is that both eXist-db and Cocoon require a number of
permissions to work. As you can see from Markku's email, I've found
about 20 of them so far. However, I'm still not able to run eXist-db.

I'm just wondering whether anyone has been able to find all the required
permissions for eXist and Cocoon?

Regards,
Mikko
