I work with security policies on Tomcat 6. I have successfully granted permissions for all of my webapp, but would like to grant some permissions only to certain classes. However, when I try to do this, my doPrivileged block gets an AccessControlException.
Since I successfully provided a more general code base, I went back to that code base and tested when I added each additional subdirectory. So the most specific grant I can make is this:
grant codeBase "file: $ {catalina.home} / webapps / ROOT / WEB-INF / -" {...}
If I add "classes /", as in:
grant codeBase "file: $ {catalina.home} / webapps / ROOT / WEB-INF / classes / -" {...}
then I will again see an AccessControlException. The class I'm trying to resolve is below the class directory. Webapp was deployed as a .war file and unpacked by Tomcat.
What am I doing wrong here? I intend to follow the example provided in the catalina.policy directory with Tomcat.
source
share