Solved

JSP SecurityException

Posted on 2002-07-18
4
248 Views
Last Modified: 2012-06-21
Hello, all
I know how to set the java policy file for a normal application through the java command.

My problem now is that I use it as a bean inside a JSP page.

How I set the policy file for the bean ?

I take a SecurityException because the bean tries to connect to a Socket.

The instantiation of the bean inside the JSP is like taht:
<jsp:useBean id="roomCoordinator" class="com.game.arena.RoomCoordinator" scope="application"/>


Any ideas ?

0
Comment
Question by:pouli
  • 3
4 Comments
 

Author Comment

by:pouli
ID: 7162343
I found that inside the <apache>/conf/catalina.policy file the security restrictions are loaded.

I added at the end of the file the following lines:
grant{
    permission java.net.SocketPermission "*:1024-65535", "connect,accept,resolve";
};

but when I run the web page, again I took the AccessControlException: access denied......127.0.0.1:1099

I tried as well to add a codebase to the grant. I set the codebase to the class that tries the Naming.rebind (where the exception is thrown, the .jsp file and the parent class of the one that raises the exception (in other words the applet)

But none of them had any success.
It should be noted that I tried the previous things 1 at a time.

please help
0
 

Author Comment

by:pouli
ID: 7162852
I found that in catalina.bat file you couls enter arguments when the java command loads the server.

Unfortunately this do not work either.

0
 

Author Comment

by:pouli
ID: 7163538
The problem is solved.

After granting the permissions to the
<apache_home>/conf/catalina.policy file

the server MUT be started like this

<apache_home>/bin/catalina.bat start -security (windows)

Analogous for Linux
the key is the -security option
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 7163544
Points refunded and placed in PAQ

Computer101
E-E Moderator
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
groupSumClump challenge 9 102
groovy example issue 10 90
servlet example 17 5
hibernate jars 4 0
After being asked a question last year, I went into one of my moods where I did some research and code just for the fun and learning of it all.  Subsequently, from this journey, I put together this article on "Range Searching Using Visual Basic.NET …
By the end of 1980s, object oriented programming using languages like C++, Simula69 and ObjectPascal gained momentum. It looked like programmers finally found the perfect language. C++ successfully combined the object oriented principles of Simula w…
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now