Comments on: Security policy permissions for Grails in Tomcat http://haxx.sinequanon.net/2009/06/security-policy/ Tue, 17 Jan 2012 18:42:24 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: jja http://haxx.sinequanon.net/2009/06/security-policy/comment-page-1/#comment-929 jja Tue, 17 Jan 2012 18:42:24 +0000 http://haxx.sinequanon.net/?p=200#comment-929 It depends on your servlet container where the security policy is stored. For a production Tomcat 6 instance, it's usually in the conf/ directory and named "catalina.policy", and your Tomcat startup uses the same -D arguments to java, e.g. -Djava.security.manager -Djava.security.policy=${CATALINA_BASE}/conf/catalina.policy It depends on your servlet container where the security policy is stored. For a production Tomcat 6 instance, it’s usually in the conf/ directory and named “catalina.policy”, and your Tomcat startup uses the same -D arguments to java, e.g. -Djava.security.manager -Djava.security.policy=${CATALINA_BASE}/conf/catalina.policy

]]> By: Tom http://haxx.sinequanon.net/2009/06/security-policy/comment-page-1/#comment-928 Tom Wed, 11 Jan 2012 17:47:53 +0000 http://haxx.sinequanon.net/?p=200#comment-928 Hi, I am new to Grails. I am trying to run the following java RMI-client code from within my Grails web app: (grails/appname/src/java/ClientProgram.java) ... import java.rmi.registry.LocateRegistry; import java.rmi.registry.Registry; import java.math.BigDecimal; import compute.Compute; import java.util.Properties; import java.io.FileInputStream; public class ClientProgram { ... public static void run( String regHost, String precision ) { setSystemProps(); if(System.getSecurityManager() == null) { System.setSecurityManager(new SecurityManager()); } try { String name = "Compute"; Registry registry = LocateRegistry.getRegistry(regHost); Compute comp = (Compute) registry.lookup(name); Pi task = new Pi(Integer.parseInt(precision)); BigDecimal pi = comp.executeTask(task); System.out.println(pi); } catch(Exception e) { System.err.println("ComputePi exception."); e.printStackTrace(); } } ... } See http://pastebin.com/GpQVhvee for the complete class source. I get the following error when the code is executed: 2012-01-09 19:20:48,794 [http-9876-1] ERROR [/smartmeters].[gsp] - Servlet.service() for servlet gsp threw exception java.security.AccessControlException: access denied (java.util.PropertyPermission grails.full.stacktrace read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374) at java.security.AccessController.checkPermission(AccessController.java:546) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285) at java.lang.System.getProperty(System.java:650) ... Please see http://pastebin.com/jTzaiWfj for the full error message. I believe this error may appear because I have not got the correct policy settings for this code. I need the following rule in the security policy: grant codeBase "file:/opt/grails/grails-1.3.7/appname/src/" { permission java.security.AllPermission; }; But I cannot find where the policy file is created or stored. If this was just a normal java application I would pass the security policy file in as a system property as follows: java -Djava.security.policy=policy.file main-class But I don't know how to achieve the same effect in Grails. Please can someone tell me how to set the java security policy for my Grails app? Thanks, Tom Hi,

I am new to Grails. I am trying to run the following java RMI-client code from within my Grails web app:

(grails/appname/src/java/ClientProgram.java)

import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.math.BigDecimal;
import compute.Compute;
import java.util.Properties;
import java.io.FileInputStream;

public class ClientProgram {

public static void run( String regHost, String precision ) {
setSystemProps();
if(System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
try {
String name = “Compute”;
Registry registry = LocateRegistry.getRegistry(regHost);
Compute comp = (Compute) registry.lookup(name);
Pi task = new Pi(Integer.parseInt(precision));
BigDecimal pi = comp.executeTask(task);
System.out.println(pi);
} catch(Exception e) {
System.err.println(“ComputePi exception.”);
e.printStackTrace();
}
}


}

See http://pastebin.com/GpQVhvee for the complete class source.

I get the following error when the code is executed:

2012-01-09 19:20:48,794 [http-9876-1] ERROR [/smartmeters].[gsp] – Servlet.service() for servlet gsp threw exception
java.security.AccessControlException: access denied (java.util.PropertyPermission grails.full.stacktrace read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:650)

Please see http://pastebin.com/jTzaiWfj for the full error message.

I believe this error may appear because I have not got the correct policy settings for this code. I need the following rule in the security policy:

grant codeBase “file:/opt/grails/grails-1.3.7/appname/src/” {
permission java.security.AllPermission;
};

But I cannot find where the policy file is created or stored. If this was just a normal java application I would pass the security policy file in as a system property as follows:

java -Djava.security.policy=policy.file main-class

But I don’t know how to achieve the same effect in Grails. Please can someone tell me how to set the java security policy for my Grails app?

Thanks,
Tom

]]> By: Security policy permissions for Grails in Tomcat « haxx qua non | MySQL Security http://haxx.sinequanon.net/2009/06/security-policy/comment-page-1/#comment-663 Security policy permissions for Grails in Tomcat « haxx qua non | MySQL Security Fri, 05 Jun 2009 01:02:50 +0000 http://haxx.sinequanon.net/?p=200#comment-663 [...] See the original post: Security policy permissions for Grails in Tomcat « haxx qua non [...] [...] See the original post: Security policy permissions for Grails in Tomcat « haxx qua non [...]

]]>