ode-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christian Fonden" <christian.fon...@die-rooter.de>
Subject Re: ODE/Tomcat Setup with java security manager enabled
Date Tue, 09 Dec 2008 19:26:50 GMT
Hi Alex,

it seems that the java security manager is enabled with that flag.

In my oppinion  this is something similar to a sandbox for java code running 
as a servlet, hosted by the tomcat webserver.
In the past two years I worked with the Microsoft IIS Webserver and I think 
the java security manager can be compared with the dotnet CLR runtime of a 
dotnet web app hosted in the IIS.

Please correct me if I'm wrong....


----- Original Message ----- 
From: "Alex Boisvert" <boisvert@intalio.com>
To: <user@ode.apache.org>
Sent: Monday, December 08, 2008 7:44 PM
Subject: Re: ODE/Tomcat Setup with java security manager enabled

> What does the TOMCAT5_SECURITY setting actually do?
> alex
> On Mon, Dec 8, 2008 at 5:08 AM, Christian Fonden <
> christian.fonden@die-rooter.de> wrote:
>> Hello ODE users list,
>> I'm new to Apache ODE and Tomcat and just have set up ODE successfully
>> under debian linux.
>> During the Setup process I encountered the following Exception Stack 
>> Trace
>> when trying to access the ODE Url:
>> org.apache.jasper.JasperException: access denied
>> (java.lang.RuntimePermission
>> accessClassInPackage.org.apache.jasper.compiler)
>> org.apache.jasper.compiler.JspConfig.processWebDotXml(JspConfig.java:185)
>>  org.apache.jasper.compiler.JspConfig.init(JspConfig.java:198)
>> Causing an HTTP 500 Error.
>> When turning off the Tomcat Security settings in the /etc/init.d/tomcat55
>> startup script
>> in
>> # Use the Java security manager? (yes/no)
>>  TOMCAT5_SECURITY=yes (changed to no later)
>> everything works fine. The axis2 start page is loading correctly when
>> accessing the ODE url.
>> As turning off the TOMCAT5_SECURITY setting does not seem to be a very
>> trustworthy solution, my question is:
>> How can I get ODE working without turning off that option in the tomcat
>> settings.
>> greets
>> Chris

View raw message