It pretty obviously a bug. It looks like we need another PA :(. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Yoav Shapira > Sent: Thursday, May 24, 2007 8:34 AM > To: Tomcat Developers List > Subject: Re: Security Policy Error > > George, > Did anyone get back to you about this? > > I myself don't have much of a clue, as I haven't run Tomcat 5.5.x > Tomcat under a security manager. > > Yoav > > On 5/21/07, George Sexton <[EMAIL PROTECTED]> wrote: > > I'm running Tomcat 5.5.23 under a security manager, and I'm > hitting this > > error on a call to HttpServletRequest.getAttributeNames() > > > > I'm only starting to understand security policies, so I > would appreciate > > some insights on what the best way to approach this issue is. > > > > If it's a genuine bug, let me know and I'll open a ticket > on bugzilla. > > > > Servlet.service() for servlet ErrorServlet threw exception > > java.security.AccessControlException: access denied > (java.lang.RuntimePermission > accessClassInPackage.org.apache.catalina.core) > > at > java.security.AccessControlContext.checkPermission(AccessContr > olContext.java:264) > > at > java.security.AccessController.checkPermission(AccessControlle > r.java:427) > > at > java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > > at > java.lang.SecurityManager.checkPackageAccess(SecurityManager.j > ava:1512) > > at > sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:265) > > at java.lang.ClassLoader.loadClass(ClassLoader.java:299) > > at java.lang.ClassLoader.loadClass(ClassLoader.java:299) > > at java.lang.ClassLoader.loadClass(ClassLoader.java:251) > > at > java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319) > > at > org.apache.catalina.core.ApplicationHttpRequest.getAttributeNa > mes(ApplicationHttpRequest.java:243) > > > > > > -- > > George Sexton > > MH Software, Inc. > > Voice: +1 303 438 9585 > > URL: http://www.mhsoftware.com/ > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > >
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
