security-manager-howto.xml

remm Tue, 17 Oct 2006 13:51:17 -0700

Author: remm
Date: Tue Oct 17 13:50:56 2006
New Revision: 465044

URL: http://svn.apache.org/viewvc?view=rev&rev=465044
Log:
- Also copy the policy file.
- server.xml tweaks.
- Remove the minimal server.xml, which isn't that helpful anymore.


Removed:
    tomcat/tc6.0.x/trunk/conf/server-minimal.xml
Modified:
    tomcat/tc6.0.x/trunk/build.xml
    tomcat/tc6.0.x/trunk/conf/catalina.policy
    tomcat/tc6.0.x/trunk/conf/server.xml
    tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml

Modified: tomcat/tc6.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/build.xml?view=diff&rev=465044&r1=465043&r2=465044
==============================================================================
--- tomcat/tc6.0.x/trunk/build.xml (original)
+++ tomcat/tc6.0.x/trunk/build.xml Tue Oct 17 13:50:56 2006
@@ -450,6 +450,7 @@
        <!-- Copy static resource files -->
     <copy todir="${tomcat.build}/conf">
       <fileset dir="conf">
+        <include name="**/*.policy"/>
         <include name="**/*.xml"/>
         <include name="**/*.properties"/>
       </fileset>

Modified: tomcat/tc6.0.x/trunk/conf/catalina.policy
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/catalina.policy?view=diff&rev=465044&r1=465043&r2=465044
==============================================================================
--- tomcat/tc6.0.x/trunk/conf/catalina.policy (original)
+++ tomcat/tc6.0.x/trunk/conf/catalina.policy Tue Oct 17 13:50:56 2006
@@ -40,18 +40,13 @@
 // ========== CATALINA CODE PERMISSIONS =======================================
 
 
-// These permissions apply to the launcher code
-grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
-        permission java.security.AllPermission;
-};
-
-// These permissions apply to the daemon code
+/ These permissions apply to the daemon code
 grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
         permission java.security.AllPermission;
 };
 
-// These permissions apply to the commons-logging API
-grant codeBase "file:${catalina.home}/bin/commons-logging-api.jar" {
+// These permissions apply to the logging API
+grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
         permission java.security.AllPermission;
 };
 
@@ -62,16 +57,12 @@
 
 // These permissions apply to the servlet API classes
 // and those that are shared across all class loaders
-// located in the "common" directory
+// located in the "lib" directory
 grant codeBase "file:${catalina.home}/lib/-" {
         permission java.security.AllPermission;
 };
 
-// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib 
directory
-grant codeBase "file:${catalina.home}/webapps/balancer/-" {
-        permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester";
-        permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester.*";
-};
+
 // ========== WEB APPLICATION PERMISSIONS =====================================
 
 

Modified: tomcat/tc6.0.x/trunk/conf/server.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/server.xml?view=diff&rev=465044&r1=465043&r2=465044
==============================================================================
--- tomcat/tc6.0.x/trunk/conf/server.xml (original)
+++ tomcat/tc6.0.x/trunk/conf/server.xml Tue Oct 17 13:50:56 2006
@@ -1,4 +1,3 @@
-<!-- Example Server Configuration File -->
 <!-- Note:  A "Server" is not itself a "Container", so you may not
      define subcomponents such as "Valves" at this level.
      Documentation at /docs/config/server.html
@@ -12,14 +11,11 @@
   <!-- JMX Support for the Tomcat server. Documentation at 
/docs/non-existent.html -->
   <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
   <Listener 
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
-  <!--<Listener 
className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>-->
 
   <!-- Global JNDI resources
        Documentation at /docs/jndi-resources-howto.html
   -->
   <GlobalNamingResources>
-    <!-- Test entry for demonstration purposes -->
-    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
     <!-- Editable user database that can also be used by
          UserDatabaseRealm to authenticate users
     -->
@@ -44,7 +40,8 @@
          APR (HTTP/AJP) Connector: /docs/apr.html
          Define a non-SSL HTTP/1.1 Connector on port 8080
     -->
-    <Connector port="8080" maxThreads="150" connectionTimeout="20000" 
+    <Connector port="8080" protocol="HTTP/1.1" 
+               maxThreads="150" connectionTimeout="20000" 
                redirectPort="8443" />
 
     <!-- Define a SSL HTTP/1.1 Connector on port 8443
@@ -52,7 +49,8 @@
          connector should be using the OpenSSL style configuration
          described in the APR documentation -->
     <!--
-    <Connector port="8443" maxThreads="150" scheme="https" secure="true"
+    <Connector port="8443" protocol="HTTP/1.1" 
+               maxThreads="150" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS" />
     -->
 
@@ -108,7 +106,7 @@
         <!-- Access log processes all example.
              Documentation at: /docs/config/valve.html -->
         <!--
-        <Valve className="org.apache.catalina.valves.AccessLogValve" 
directory="logs"  
+        <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve" 
directory="logs"  
                prefix="localhost_access_log." suffix=".txt" pattern="common" 
resolveHosts="false"/>
         -->
 

Modified: tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml?view=diff&rev=465044&r1=465043&r2=465044
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml Tue Oct 17 
13:50:56 2006
@@ -217,12 +217,6 @@
         permission java.security.AllPermission;
 };
 
-// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib 
directory
-grant codeBase "file:${catalina.home}/webapps/balancer/-" {
-        permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester";
-        permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester.*";
-};
-
 
 // ========== WEB APPLICATION PERMISSIONS =====================================
 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465044 - in /tomcat/tc6.0.x/trunk: build.xml conf/catalina.policy conf/server-minimal.xml conf/server.xml webapps/docs/security-manager-howto.xml

Reply via email to