struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "White, Joshua A (HTSC, CASD)" <Joshua.Wh...@thehartford.com>
Subject REPOST: Help! - java.security.AccessControlException
Date Tue, 01 Jul 2003 10:16:39 GMT


-----Original Message-----
From: White, Joshua A (HTSC, CASD) 
Sent: Monday, June 30, 2003 3:32 PM
To: struts-user@jakarta.apache.org
Subject: Help! - java.security.AccessControlException


Hello all,

I am now receiving the below error when attempting to upload files (I was
not receiving this message before).  Has something changed?  How do I
resolve this problem?  I have included (below the error message) the
security manager file that I am using.  If I am reading this correctly,
<<ALL FILES>> in the default code base have read/write permissions.  

Joshua


java.security.AccessControlException: access denied (java.io.FilePermission
C:\Sun\AppServer7\domains\domain1\server1\generated\jsp\j2ee-modules\myapp\u
pload_00000000.tmp delete)
	at
java.security.AccessControlContext.checkPermission(AccessControlContext.java
:270)
	at
java.security.AccessController.checkPermission(AccessController.java:401)
	at
java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
	at java.lang.SecurityManager.checkDelete(SecurityManager.java:1002)
	at java.io.File.deleteOnExit(File.java:878)
	at
org.apache.commons.fileupload.DefaultFileItem.getTempFile(DefaultFileItem.ja
va:620)
	at
org.apache.commons.fileupload.DefaultFileItem.getOutputStream(DefaultFileIte
m.java:557)
	at
org.apache.commons.fileupload.FileUploadBase.parseRequest(FileUploadBase.jav
a:391)
	at
org.apache.struts.upload.CommonsMultipartRequestHandler.handleRequest(Common
sMultipartRequestHandler.java:233)
	at
org.apache.struts.util.RequestUtils.populate(RequestUtils.java:1209)
	at
org.apache.struts.action.RequestProcessor.processPopulate(RequestProcessor.j
ava:821)
	at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:254)
	at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
	at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:247)
	at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter
Chain.java:98)
	at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain
.java:176)
	at java.security.AccessController.doPrivileged(Native Method)
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:172)
	at comptrak.web.signon.SignOnFilter.doFilter(SignOnFilter.java:111)
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:213)
	at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter
Chain.java:98)
	at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain
.java:176)
	at java.security.AccessController.doPrivileged(Native Method)
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:172)
	at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja
va:265)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
	at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja
va:212)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
	at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203
)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
	at
com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.ja
va:157)
	at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)







FROM server.policy


/*  Copyright (c) 2002 Sun Microsystems, Inc.  All rights reserved.  */
/*  Use is subject to license terms.                                 */

// Core server classes get all permissions by default
grant codeBase "file:${com.sun.aas.installRoot}/lib/-" {
	permission java.security.AllPermission;
};

// iMQ classes get all permissions by default
grant codeBase "file:${com.sun.aas.imqLib}/-" {
	permission java.security.AllPermission;
};

// Web Services classes get all permissions by default
grant codeBase "file:${com.sun.aas.webServicesLib}/-" {
	permission java.security.AllPermission;
};

// Basic set of required permissions granted to all remaining code
grant {
	permission java.lang.RuntimePermission  "loadLibrary.*";
	permission java.lang.RuntimePermission  "queuePrintJob";
	permission java.net.SocketPermission    "*", "connect";
	permission java.io.FilePermission       "<<ALL FILES>>",
"read,write";
	permission java.util.PropertyPermission "*", "read";

	permission java.lang.RuntimePermission	"modifyThreadGroup";
};


// Following grant block is only required by Connectors. If Connectors
// are not in use the recommendation is to remove this grant.
grant {
	permission javax.security.auth.PrivateCredentialPermission
"javax.resource.spi.security.PasswordCredential
com.sun.enterprise.security.PrincipalImpl \"ANONYMOUS\"", "read";
};

// Following grant block is only required for Reflection. If Reflection
// is not in use the recommendation is to remove this section.
grant {
	permission java.lang.RuntimePermission "accessDeclaredMembers";
};


This communication, including attachments, is for the exclusive use of 
addressee and may contain proprietary, confidential or privileged 
information. If you are not the intended recipient, any use, copying, 
disclosure, dissemination or distribution is strictly prohibited. If 
you are not the intended recipient, please notify the sender 
immediately by return email and delete this communication and destroy all copies.


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org


Mime
View raw message