ode-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Boisvert" <boisv...@intalio.com>
Subject Re: ODE/Tomcat Setup with java security manager enabled
Date Tue, 09 Dec 2008 19:33:08 GMT
Understood; but if it means no webapps can read/write to disk, then there's
a problem.  I think you're the first to try to run Ode in this
configuration.  We would need to understand the limitations when running in
that mode and address each issue individually.   Whether it's worth it or
not, I don't know.

alex


On Tue, Dec 9, 2008 at 11:26 AM, Christian Fonden <
christian.fonden@die-rooter.de> wrote:

> Hi Alex,
>
> it seems that the java security manager is enabled with that flag.
>
> In my oppinion  this is something similar to a sandbox for java code
> running as a servlet, hosted by the tomcat webserver.
> In the past two years I worked with the Microsoft IIS Webserver and I think
> the java security manager can be compared with the dotnet CLR runtime of a
> dotnet web app hosted in the IIS.
>
> Please correct me if I'm wrong....
>
>
> greets
> Chris
>
> ----- Original Message ----- From: "Alex Boisvert" <boisvert@intalio.com>
> To: <user@ode.apache.org>
> Sent: Monday, December 08, 2008 7:44 PM
> Subject: Re: ODE/Tomcat Setup with java security manager enabled
>
>
>
>  What does the TOMCAT5_SECURITY setting actually do?
>>
>> alex
>>
>> On Mon, Dec 8, 2008 at 5:08 AM, Christian Fonden <
>> christian.fonden@die-rooter.de> wrote:
>>
>>  Hello ODE users list,
>>>
>>> I'm new to Apache ODE and Tomcat and just have set up ODE successfully
>>> under debian linux.
>>>
>>> During the Setup process I encountered the following Exception Stack
>>> Trace
>>> when trying to access the ODE Url:
>>> org.apache.jasper.JasperException: access denied
>>> (java.lang.RuntimePermission
>>>
>>> accessClassInPackage.org.apache.jasper.compiler)
>>>
>>> org.apache.jasper.compiler.JspConfig.processWebDotXml(JspConfig.java:185)
>>>  org.apache.jasper.compiler.JspConfig.init(JspConfig.java:198)
>>>
>>> Causing an HTTP 500 Error.
>>>
>>> When turning off the Tomcat Security settings in the /etc/init.d/tomcat55
>>> startup script
>>> in
>>> # Use the Java security manager? (yes/no)
>>>  TOMCAT5_SECURITY=yes (changed to no later)
>>>
>>> everything works fine. The axis2 start page is loading correctly when
>>> accessing the ODE url.
>>>
>>> As turning off the TOMCAT5_SECURITY setting does not seem to be a very
>>> trustworthy solution, my question is:
>>>
>>> How can I get ODE working without turning off that option in the tomcat
>>> settings.
>>>
>>>
>>> greets
>>> Chris
>>>
>>
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message