[opencms-dev] Newbie Install Help : Permissions

Sam Batschelet sam at westbranchresort.com
Sat Oct 7 22:11:50 CEST 2006 



On 10/7/06 12:39 PM, "Jonathan Woods" <jonathan.woods at scintillance.com>
wrote:


> 
>>> From a bit of Googling on the exception trace (the BeanUtils carp
>>> about not being able to access something or other) it does look like
>>> restrictive security permissions are the problem.  Security perms may
>>> be set on the Java invocation which fires up the Sun app server (i.e.
>>> on the command line or in properties files which it refers to) or else
>>> they're buried deep in app server config.
>>> 
>>> Is this any help?:
>>> http://docs.sun.com/app/docs/doc/819-3659/6n5s6m58n?a=view
>>> 
>>> Jon
>> 
>> Jon,
>>   Yes that doc is helpful as it does outline the guidelines to what I have
>> been hacking around from google examples.  But the problem is that I have
>> set these permissions for the files that are being complained about
>> opencms-vfs.xml .  It seems more involved than actually reading the XML
>> config file.  Here is my server file <below>.  Now this is very random and
>> messy because I am adding these from things I have read.  Some have unlocked
>> problems but I still have a few.  Is there a document which highlights the
>> necessary security perms for opencms?  I know some of this is very
>> promiscuous and possibly very wrong but it seems like these perms should be
>> outlined in the docs which I haven't found.  Thanks again Jon for your time.
> 
> 
> Well, you know a lot more about this than I do!  I confess that I have been
> known to grant all permissions to Java (i.e. I don't run with a security
> manager), and I rely instead on Unix security.  The Java process runs as a
> severely limited user, and therefore it can attempt what it likes without
> much compromising anything else.  So I guess what I'm saying is... would
> that be enough for you?  You could then turn off JVM-level security
> altogether, though I agree it's better to be as complete as possible.
> 
> Or more palatably, you could turn off JVM security while developing, at
> least making some visible progress, and hopefully keep your fledgling
> OpenCms installation closed to the world at large.  Maybe the JVM security
> answer would come in time for opening things up.
> 
> Jon

When I read your post I got very excited that I could remove the permission
issue all together but I think that I have found that it is already off.
>From reading the docs and the config file domain.xml the security is off by
default.  Now I could be off but I read how to turn it on and it doesn't
seem to show how to turn it off so I assume its off by default.  What a mess
I wish I could use tomcat5.

More information about the opencms-dev mailing list