Author: markt
Date: Wed Mar 9 11:38:38 2011
New Revision: 1079755
URL: http://svn.apache.org/viewvc?rev=1079755&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50854
Add additional permissions required by the Manager application when running
under a security Manager and support a shared Manager installation when
$CATALINA_HOME != CATALINA_BASE.
Modified:
tomcat/trunk/conf/catalina.policy
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/conf/catalina.policy
URL:
http://svn.apache.org/viewvc/tomcat/trunk/conf/catalina.policy?rev=1079755&r1=1079754&r2=1079755&view=diff
==============================================================================
--- tomcat/trunk/conf/catalina.policy (original)
+++ tomcat/trunk/conf/catalina.policy Wed Mar 9 11:38:38 2011
@@ -187,11 +187,24 @@ grant {
// The Manager application needs access to the following packages to support
the
-// session display functionality
+// session display functionality. These settings support the following
+// configurations:
+// - default CATALINA_HOME == CATALINA_BASE
+// - CATALINA_HOME != CATALINA_BASE, per instance Manager in CATALINA_BASE
+// - CATALINA_HOME != CATALINA_BASE, shared Manager in CATALINA_HOME
grant codeBase "file:${catalina.base}/webapps/manager/-" {
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.ha.session";
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.manager";
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.manager.util";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.util";
+};
+grant codeBase "file:${catalina.home}/webapps/manager/-" {
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.ha.session";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.manager";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.manager.util";
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.catalina.util";
};
// You can assign additional permissions to particular web applications by
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1079755&r1=1079754&r2=1079755&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Mar 9 11:38:38 2011
@@ -30,7 +30,7 @@
<author email="kkoli...@apache.org">Konstantin Kolinko</author>
<author email="p...@apache.org">Peter Rossbach</author>
<author email="kfuj...@apache.org">Keiichi Fujino</author>
- <author email="t...@apache.org">Tim Whittington</author>
+ <author email="t...@apache.org">Tim Whittington</author>
<author email="mt...@apache.org">Mladen Turk</author>
<author email="schu...@apache.org">Christopher Schultz</author>
<author email="slaur...@apache.org">Sylvain Laurent</author>
@@ -69,6 +69,11 @@
to make request data swallowing configurable for requests
that are too large. (rjung)
</add>
+ <fix>
+ <bug>50854</bug>: Add additional permissions required by the Manager
+ application when running under a security Manager and support a shared
+ Manager installation when $CATALINA_HOME != CATALINA_BASE. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
