0 Replies Latest reply on Apr 23, 2003 3:12 PM by brucec

    Enabling security causing Webapp Loader exception

    brucec Newbie

      I'm trying to enable JAAS security starting with a minimal configuration and have run into a NullPointerException from ContainerBase.addChild pointing to WebappLoader.start (678) and WebappClassLoader.addPermission (497).

      Maybe somone can tell me what I've forgotten to do or done wrong.

      I am running jboss-3.0.4_tomcat-4.1.12 on RedHat Linux 7.3

      The minimal changes I've added so far are:

      $JBOSS_HOME/bin/run.sh:

      # Added modifications for security manager
      if [ "$CONFIG" == "" ]; then CONFIG=default; fi
      PF=../server/$CONFIG/conf/server.policy
      OPTS=-Djava.security.manager
      OPTS="$OPTS -Djava.security.policy=$PF"
      OPTS="$OPTS -Djava.security.debug=failure"

      exec $JAVA $JAVA_OPTS $OPTS\

      $JBOSS_HOME/server/default/conf/security.policy:

      grant {
      permission java.util.PropertyPermission "*", "read,write";
      permission java.lang.RuntimePermission "*", "getProtectionDomain";
      permission java.io.FilePermission "/-", "read,write,execute";
      permission java.io.FilePermission jboss-3.0.4_tomcat-4.1.12/server/default/-", "delete";
      permission javax.security.auth.AuthPermission "*", "createLoginContext.jbossmq";
      permission java.net.SocketPermission "*", "accept,resolve";
      permission org.apache.naming.JndiPermission "*";
      };
      grant Principal org.jboss.security.SimplePrincipal "Admin" {
      // Allow everything for now
      permission java.security.AllPermission;
      };
      grant Principal org.jboss.security.SimplePrincipal "Operator" {
      permission com.transdyn.dynac.security.AccessPermission;
      };


      Thanks