The documentation says the default configuration file (server.policy) has everything enabled and "What is a reasonable set of permissions is entirely up to you."
Does anyone know of a server.policy example that contains everything necessary for JBoss/Tomcat to run correctly. I've created my own server.policy file by adding in Permissions that show up as missing when I run JBoss in a secure mode, but something is still missing because 5 packages don't get deployed by org.jboss.web.catalina.EmbeddedCatalinaService.
My current server.policy file looks like this:
grant {
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "*", "getProtectionDomain";
permission java.io.FilePermission "/tools/-", "read,write,execute";
permission java.io.FilePermission "/jboss-3.0.4_tomcat-4.1.12/server/default/-", "delete";
permission javax.security.auth.AuthPermission "*", "createLoginContext.jbossmq";
permission java.net.SocketPermission "*", "accept,resolve";
permission org.apache.naming.JndiPermission "*";
};
grant Principal org.jboss.security.SimplePrincipal "Administrator" {
// Allow everything for now
permission java.security.AllPermission;
};
grant Principal org.jboss.security.SimplePrincipal "Operator" {
permission com.transdyn.dynac.security.AccessPermission;
};
Thanks