Advertisement

07.10.2008 at 06:42AM PDT, ID: 23553650
[x]
Attachment Details

Tomcat JasperException: access denied trying to test a JSP file (Apache/Ubuntu)

Asked by bored_shiva in Apache Tomcat Application Server, Apache Web Server, Java Server Pages (JSP)

Tags: , , , , ,

I run the following configuration:
Ubuntu 8.04 (Hardy)
Apache 2.2.8
Tomcat 5.5 (installed via ubuntu packege)
Sun Java 6
Sun NetBeans 6.01 as my IDE.

When I try to deploy any project that uses JSP from NetBeans to the Apache/Tomcat server, I get the response below. I got as far as figuring out that this has something to do with the catalina.policy file, but I don't know how to fix it. (The file I use is also below.) I'm also attaching as a file the catalina.out file (renamed cataline.out.txt  and truncated to comply with site req. (original file is over 15MB)), which is suppose to be the log of what is not working.

My question is what is this and, more importantly, how do you fix it?!?
ThanksStart Free Trial 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:

HTTP Status 500 -
 
type Exception report
 
message
 
description The server encountered an internal error () that prevented it from fulfilling this request.
 
exception
 
org.apache.jasper.JasperException: access denied (java.io.FilePermission /media/Code/netbeans/java/webtest2/build/web/WEB-INF/classes/logging.properties read)
	org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:460)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:373)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	java.lang.reflect.Method.invoke(Method.java:597)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
 
root cause
 
java.security.AccessControlException: access denied (java.io.FilePermission /media/Code/netbeans/java/webtest2/build/web/WEB-INF/classes/logging.properties read)
	java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
	java.security.AccessController.checkPermission(AccessController.java:546)
	java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
	java.lang.SecurityManager.checkRead(SecurityManager.java:871)
	java.io.File.exists(File.java:731)
	org.apache.naming.resources.FileDirContext.file(FileDirContext.java:828)
	org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:211)
	org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:294)
	org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1924)
	org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:936)
	org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:299)
	org.apache.juli.ClassLoaderLogManager$2.run(ClassLoaderLogManager.java:273)
	java.security.AccessController.doPrivileged(Native Method)
	org.apache.juli.ClassLoaderLogManager.getClassLoaderInfo(ClassLoaderLogManager.java:270)
	org.apache.juli.ClassLoaderLogManager.getLogger(ClassLoaderLogManager.java:175)
	java.util.logging.Logger.getLogger(Logger.java:275)
	jmaki.runtime.AjaxContext.getLogger(AjaxContext.java:411)
	jmaki.runtime.WidgetCommonRenderer.init(WidgetCommonRenderer.java:141)
	jmaki.runtime.jsp.WidgetTag.doEndTag(WidgetTag.java:128)
	org.apache.jsp.index_jsp._jspx_meth_a_005fwidget_005f0(index_jsp.java:126)
	org.apache.jsp.index_jsp._jspService(index_jsp.java:90)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	java.lang.reflect.Method.invoke(Method.java:597)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
 
note The full stack trace of the root cause is available in the Apache Tomcat/5.5 logs.
Apache Tomcat/5.5
 
 
===========================
Catalina.policy
===========================
// AUTO-GENERATED FILE -- DO NOT EDIT!
// Edit the files in /etc/tomcat5.5/policy.d/ instead
 
// ============================================================================
// catalina.corepolicy - Security Policy Permissions for Tomcat 5
//
// This file contains a default set of security policies to be enforced (by the
// JVM) when Catalina is executed with the "-security" option.  In addition
// to the permissions granted here, the following additional permissions are
// granted to the codebase specific to each web application:
//
// * Read access to the document root directory
//
// $Id: 01system.policy 2783 2006-11-22 10:50:31Z marcusb-guest $
// ============================================================================
 
 
// ========== SYSTEM CODE PERMISSIONS =========================================
 
 
// These permissions apply to javac
grant codeBase "file:${java.home}/lib/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to all shared system extensions
grant codeBase "file:${java.home}/jre/lib/ext/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre
grant codeBase "file:${java.home}/../lib/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to all shared system extensions when
// ${java.home} points at $JAVA_HOME/jre
grant codeBase "file:${java.home}/lib/ext/-" {
        permission java.security.AllPermission;
};
// These permissions apply to all JARs from Debian packages
grant codeBase "file:/usr/share/java/-" {
  permission java.security.AllPermission;
};
grant codeBase "file:/usr/share/ant/lib/-" {
  permission java.security.AllPermission;
};
// ========== CATALINA CODE PERMISSIONS =======================================
 
// These permissions apply to the launcher code
grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the daemon code
grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the commons-logging API
grant codeBase "file:${catalina.home}/bin/commons-logging-api.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the server startup code
grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the JMX server
grant codeBase "file:${catalina.home}/bin/jmx.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to JULI
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
	permission java.util.PropertyPermission "java.util.logging.config.class", "read";
	permission java.util.PropertyPermission "java.util.logging.config.file", "read";
	permission java.lang.RuntimePermission "shutdownHooks";
	permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
	permission java.util.PropertyPermission "catalina.base", "read";
	permission java.util.logging.LoggingPermission "control";
	permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
	permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
	permission java.lang.RuntimePermission "getClassLoader";
	// To enable per context logging configuration, permit read access to the appropriate file.
	// Be sure that the logging configuration is secure before enabling such access
	// eg for the examples web application:
	// permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
};
 
// These permissions apply to the servlet API classes
// and those that are shared across all class loaders
// located in the "common" directory
grant codeBase "file:${catalina.home}/common/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the container's core code, plus any additional
// libraries installed in the "server" directory
grant codeBase "file:${catalina.home}/server/-" {
        permission java.security.AllPermission;
};
// ========== WEB APPLICATION PERMISSIONS =====================================
 
 
// These permissions are granted by default to all web applications
// In addition, a web application will be given a read FilePermission
// and JndiPermission for all files and directories in its document root.
grant { 
    // Required for JNDI lookup of named JDBC DataSource's and
    // javamail named MimePart DataSource used to send mail
    permission java.util.PropertyPermission "java.home", "read";
    permission java.util.PropertyPermission "java.naming.*", "read";
    permission java.util.PropertyPermission "javax.sql.*", "read";
 
    // OS Specific properties to allow read access
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";
    permission java.util.PropertyPermission "catalina.base", "read";
    permission java.util.PropertyPermission "catalina.home", "read";
 
    // JVM properties to allow read access
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
	permission java.util.PropertyPermission "java.specification.version", "read";
	permission java.util.PropertyPermission "java.specification.vendor", "read";
	permission java.util.PropertyPermission "java.specification.name", "read";
 
	permission java.util.PropertyPermission "java.vm.specification.version", "read";
	permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
	permission java.util.PropertyPermission "java.vm.specification.name", "read";
	permission java.util.PropertyPermission "java.vm.version", "read";
	permission java.util.PropertyPermission "java.vm.vendor", "read";
	permission java.util.PropertyPermission "java.vm.name", "read";
 
    // Required for OpenJMX
    permission java.lang.RuntimePermission "getAttribute";
 
	// Allow read of JAXP compliant XML parser debug
	permission java.util.PropertyPermission "jaxp.debug", "read";
 
    // Precompiled JSPs need access to this package.
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
    
};
 
// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib directory
grant codeBase "file:/usr/share/tomcat5.5-webapps/balancer/-" {
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.digester";
    permission java.lang.RuntimePermission "defineClassInPackage.org.apache.tomcat.util.digester";
};
grant codeBase "file:/usr/share/struts1.2/struts.jar" {
  permission java.security.AllPermission;
};
// You can assign additional permissions to particular web applications by
// adding additional "grant" entries here, based on the code base for that
// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
//
// Different permissions can be granted to JSP pages, classes loaded from
// the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/
// directory, or even to individual jar files in the /WEB-INF/lib/ directory.
//
// For instance, assume that the standard "examples" application
// included a JDBC driver that needed to establish a network connection to the
// corresponding database and used the scrape taglib to get the weather from
// the NOAA web server.  You might create a "grant" entries like this:
//
// The permissions granted to the context root directory apply to JSP pages.
// grant codeBase "file:${catalina.base}/webapps/examples/-" {
//      permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
//      permission java.net.SocketPermission "*.noaa.gov:80", "connect";
// };
//
// The permissions granted to the context WEB-INF/classes directory
// grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" {
// };
//
// The permission granted to your JDBC driver
// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" {
//      permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
// };
// The permission granted to the scrape taglib
// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
//      permission java.net.SocketPermission "*.noaa.gov:80", "connect";
// };
Attachments:
 
catalina.out.txt (1.4 MB) (File Type Details) 
catalina.out file from my system
 
[+][-]07.10.2008 at 04:26PM PDT, ID: 21978288

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Apache Tomcat Application Server, Apache Web Server, Java Server Pages (JSP)
Tags: Tomcat, 5.5, Apache/2.2.8 (Ubuntu 8.04), Sun NetBeans 6.01 IDE, JSP, Firefox 3, JasperException: access denied
Sign Up Now!
Solution Provided By: objects
Participating Experts: 1
Solution Grade: A
 
 
[+][-]07.11.2008 at 12:48AM PDT, ID: 21980618

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628