[opencms-dev] OpenCms and Tomcat security manager
Wolfgang Jeltsch
lmegd704 at acme.softbase.org
Sun Apr 20 22:22:35 CEST 2008
Hello,
I try to run OpenCms with Tomcat 5.0 on Debian GNU/Linux 4.0. The Debian
Tomcat 5.0 package uses a security manager. This causes an
java.security.AccessControlException during the deployment of OpenCms.
Disabling the security manager results in absence of this exception.
However, I don’t want to run Tomcat without the security manager. So what
rights do I have to grant to OpenCms in the Tomcat configuration?
Here the relevant part of /usr/share/doc/tomcat5/README.Debian.gz:
> Tomcat is started using a security manager, you can define the permissions
> for your servlets and JSPs in /etc/tomcat5/policy.d/*. All files in this
> directory are joined to /etc/tomcat5/catalina.policy at startup.
>
> If your webapp does not work with the tomcat5 Debian package but works fine
> with the binary distribution from Jakarta, try to disbale the security
> manager in /etc/default/tomcat5 first. If this works, add the required
> permissions in a new file in /etc/tomcat5/policy.d/ restart and re-enable
> the security manager.
>
> Disabling the security manager is not recommended on production systems
> since a call to System.exit() in a servlet of JSP page would then stop the
> whole virtual machine that is running Tomcat.
Thanks a lot for any help.
Best wishes,
Wolfgang
More information about the opencms-dev
mailing list