More tomcat6 compatability changes.
This commit is contained in:
parent
bab6746822
commit
a4689eea3f
@ -40,19 +40,26 @@ grant codeBase "file:${java.home}/lib/ext/-" {
|
||||
// ========== CATALINA CODE PERMISSIONS =======================================
|
||||
|
||||
|
||||
// These permissions apply to the launcher code
|
||||
grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// These permissions apply to the daemon code
|
||||
grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// These permissions apply to the commons-logging API
|
||||
grant codeBase "file:${catalina.home}/bin/commons-logging-api.jar" {
|
||||
permission java.security.AllPermission;
|
||||
// These permissions apply to the logging API
|
||||
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
|
||||
permission java.util.PropertyPermission "java.util.logging.config.class", "read";
|
||||
permission java.util.PropertyPermission "java.util.logging.config.file", "read";
|
||||
permission java.lang.RuntimePermission "shutdownHooks";
|
||||
permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
|
||||
permission java.util.PropertyPermission "catalina.base", "read";
|
||||
permission java.util.logging.LoggingPermission "control";
|
||||
permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
|
||||
permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
|
||||
permission java.lang.RuntimePermission "getClassLoader";
|
||||
// To enable per context logging configuration, permit read access to the appropriate file.
|
||||
// Be sure that the logging configuration is secure before enabling such access
|
||||
// eg for the examples web application:
|
||||
// permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
|
||||
};
|
||||
|
||||
// These permissions apply to the server startup code
|
||||
@ -60,23 +67,13 @@ grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// These permissions apply to the JMX server
|
||||
grant codeBase "file:${catalina.home}/bin/jmx.jar" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// These permissions apply to the servlet API classes
|
||||
// and those that are shared across all class loaders
|
||||
// located in the "common" directory
|
||||
grant codeBase "file:${catalina.home}/common/-" {
|
||||
// located in the "lib" directory
|
||||
grant codeBase "file:${catalina.home}/lib/-" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// These permissions apply to the container's core code, plus any additional
|
||||
// libraries installed in the "server" directory
|
||||
grant codeBase "file:${catalina.home}/server/-" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
// ========== WEB APPLICATION PERMISSIONS =====================================
|
||||
|
||||
@ -104,31 +101,33 @@ grant {
|
||||
permission java.util.PropertyPermission "java.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vendor.url", "read";
|
||||
permission java.util.PropertyPermission "java.class.version", "read";
|
||||
permission java.util.PropertyPermission "java.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.specification.name", "read";
|
||||
permission java.util.PropertyPermission "java.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.specification.name", "read";
|
||||
|
||||
permission java.util.PropertyPermission "java.vm.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.name", "read";
|
||||
permission java.util.PropertyPermission "java.vm.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.name", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.specification.name", "read";
|
||||
permission java.util.PropertyPermission "java.vm.version", "read";
|
||||
permission java.util.PropertyPermission "java.vm.vendor", "read";
|
||||
permission java.util.PropertyPermission "java.vm.name", "read";
|
||||
|
||||
// Required for OpenJMX
|
||||
permission java.lang.RuntimePermission "getAttribute";
|
||||
|
||||
// Allow read of JAXP compliant XML parser debug
|
||||
permission java.util.PropertyPermission "jaxp.debug", "read";
|
||||
// Allow read of JAXP compliant XML parser debug
|
||||
permission java.util.PropertyPermission "jaxp.debug", "read";
|
||||
|
||||
// Precompiled JSPs need access to this package.
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
|
||||
|
||||
// Precompiled JSPs need access to this system property.
|
||||
permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
|
||||
|
||||
};
|
||||
|
||||
|
||||
// You can assign additional permissions to particular web applications by
|
||||
// adding additional "grant" entries here, based on the code base for that
|
||||
// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
|
||||
//
|
||||
|
Loading…
Reference in New Issue
Block a user