another question:
where can I found the "application specific policy file" in the Glassfish ?
the type and the extension of this file is server dependent ?
the configuration files of cejug-classifieds are into the folder
WEB-INF/jaas - because I“m reading and setting the values manually.
I recognize now I was using the Tomcat in the unsafe way - but I want to use
the security manager. Then I will study a bit more about security and also
about security in Glassfish. Any guidance will be valuable.
best regards,
Felipe Gaścho
On 12/19/05, ronald monzillo <Ronald.Monzillo_at_sun.com> wrote:
>
> Felipe,
>
> your application needs some pretty serious permissions, which may
> confirm that you are running without a security manager on the other
> deployment platforms you have tried.
>
> If you would like to run the glassfish containers with a security
> manager, you will have to grant your app at least the following
> permissions.
>
> grant codeBase
> "file:${com.sun.aas.instanceRoot
> }/applications/j2ee-modules/cejug-classifieds/-"{
> permission java.util.PropertyPermission "java.security.manager",
> "write";
> permission java.util.PropertyPermission "java.security.policy", "write";
> permission java.util.PropertyPermission "java.security.auth.policy",
> "write";
> };
>
> you can add the above grants to the server.policy file, or the
> application specific policy file (althoughthe former is likely
> simpler and more resilitent, as the latter will be recreated
> each time redeploy your app).
>
> after updating the policy file, you should restart the server,
> or redeploy the app.
>
> Ron
>
> you can also consult the the appserver admin gude for instructions how
> to disable the security manager.
>
> http://docs.sun.com/source/819-0076/jvm.html#wp1031405
>
> Felipe Gaścho wrote On 12/19/05 12:14,:
> > ok, I copied a ZIP file containing all files required to deploy the
> > application:
>
> >
> > This is a snapshot of our a under-development project - without any
> > revision or tests... It is just for our early tests. I included the
> > source code to allow you to inspect the project design.
> >
> > into the zip you have:
> >
> > - the war file, ready for deployment
> > - the SQL folder containing the MySql scripts used to create the
> > database ...
> > - the MySql driver we commonly copy to the common;lib folder on the
> > Tomcat server
> >
> > I hope it serve for your evaluation. Any other issue, we are here to
> > help you.
> >
> > Thank you very much for your friendly attention,
> >
> > Felipe Gaścho
> > Cejug-Classifieds owner
> >
> >
> >
> >
> >
> > On 12/19/05, *ronald monzillo * <Ronald.Monzillo_at_sun.com
> > <mailto:Ronald.Monzillo_at_sun.com>> wrote:
> >
> > Dear Felipe,
> > I see you have c''ed dev_at_cejug-classifieds.dev.java.net
> > <mailto:dev_at_cejug-classifieds.dev.java.net> in your
> > response, so I will wait to see if someone can provide me with the
> > application (ready to deploy).
> >
> > Ron
> >
> >
> > Felipe Gaścho wrote On 12/19/05 11:11,:
> > > Dear Ronald,
> > >
> > > unfortunately, our maven file is obsolete... The easy way to
> > compile and
> > > run the project is through the Web Tools for Eclipse. After
> > download and
> > > unzip the WTP, you can refer to the video on:
> > >
> >
> https://cejug-classifieds.dev.java.net/files/documents/2638/25871/wtp_install.htm
> > <
> https://cejug-classifieds.dev.java.net/files/documents/2638/25871/wtp_install.htm
> >
> > >
> > > We are trying to fix old issues about our automated complie/deploy
> > > scripts, but for now it is more interesting to use WTP....
> > >
> > > please send a copy of all your mail to our developers list in
> > order to
> > > allow other developers to respond your questions:
> > > dev_at_cejug-classifieds.dev.java.net
> > <mailto:dev_at_cejug-classifieds.dev.java.net>
> > > <mailto: dev_at_cejug-classifieds.dev.java.net
> > <mailto:dev_at_cejug-classifieds.dev.java.net>>
> > >
> > > best regards,
> > >
> > > Felipe Gaścho
> > > Cejug-Classifieds owner
> > >
> > >
> > >
> > > On 12/19/05, *ronald monzillo* < Ronald.Monzillo_at_sun.com
> > <mailto:Ronald.Monzillo_at_sun.com>
> > > <mailto:Ronald.Monzillo_at_sun.com <mailto:Ronald.Monzillo_at_sun.com>>>
> > wrote:
> > >
> > > Felipe,
> > >
> > > I think that at least part of the difference may be that the
> > > SecurityManager is enabled in the failing environment, and
> > > disabled where the app succeeds.
> > >
> > > I tried to checkout and build the app by doing
> > >
> > > cvs co cejug-classifieds
> > > maven build
> > >
> > > but I caught the following flack from the build.
> > >
> > > If you can assist me in completely the build, I will
> > > give it another try. Alternatively, if you could send
> > > me the application (ready to deploy) I will try that.
> > >
> > > Ron
> > >
> > > ----------
> > >
> > > The build cannot continue because of the following unsatisfied
> > > dependencies:
> > >
> > > activation-.jar; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/lib/activation.jar
> > > informa-.jar; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/lib/informa.jar
> >
> > >
> > > mail-.jar; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/lib/mail.jar
> > > c-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/c.tld
> > > c-rt-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/c-
> rt.tld
> > > fmt-.tld; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/fmt.tld
> > > fmt-rt-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/fmt-
> rt.tld
> > > job-.tld; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/job.tld
> > > rss-.tld; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/rss.tld
> > > sql-.tld; path override doesn't exist:
> > >
> >
> /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/sql.tld
> > > sql-rt-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/sql-
> rt.tld
> > > x-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/x.tld
> > > x-rt-.tld; path override doesn't exist:
> > >
> > /space/monzillo/sandbox/cejug-classifieds/web-app/WEB-INF/tld/x-
> rt.tld
> > >
> > > Total time: 3 seconds
> > > Finished at: Mon Dec 19 10:49:37 EST 2005
> > >
> > > paddler 545 =>find . -name x-rt.tld
> > > ./web-app/WebContent/WEB-INF/tld/x-rt.tld
> > > paddler 546 =>ant usage
> > > Buildfile: build.xml
> > >
> > > BUILD FAILED
> > > /space/monzillo/sandbox/cejug-classifieds/build.xml:195: The
> > string "--"
> > > is not permitted within comments.
> > >
> > > Total time: 0 seconds
> > > paddler 547 =>
> > >
> > > result of the
> > > SecurityManager being enabled in the
> > >
> > > Jeanfrancois Arcand wrote On 12/17/05 18:42,:
> > > > Just read that on the forum. Can someone from the security
> team
> > > follow
> > > > up. We should try to support such simple apps in GlassFish.
> > > >
> > > > Thanks
> > > >
> > > > -- Jeanfrancois
> > > >
> > > >
> > > >> migrating a web-application Tomcat 5.5 --> Glassfish
> > > >>Posted: Dec 17, 2005 12:13 PM
> > > >> Click to reply to this topic Reply
> > > >>
> > > >>Dear friends,
> > > >>
> > > >>I have a web-application that runs well in the Tomcat 5.5
> > and also
> > > in the Websphere 6.1.
> > > >>
> > > >>I downloaded the latest promoted build of Glassfish, follow
> the
> > > QuickStartGuide and everything was ok until I try to deploy my
> war
> > > file.
> > > >>
> > > >>Using the admin page, I got a sucessfuly deploy but the
> > > web-application didn“t started up. The application page
> > opened, but
> > > any path I tried returned a blank page.
> > > >>
> > > >>How to proceed?
> > > >>
> > > >>vbkraemer
> > > >>
> > > >>Posts: 10
> > > >>
> > > >>Re: migrating a web-application Tomcat 5.5 --> Glassfish
> > > >>Posted: Dec 17, 2005 1:21 PM
> > > >> Click to reply to this topic Reply
> > > >>
> > > >>Have you looked in the server's error log file?
> > > >>
> > > >>The name of the file is server.log... it should be in
> > > <install-dir>/domains/domain1/logs/server.log.
> > > >>
> > > >>That may have some help information.
> > > >>
> > > >>To get much more help via this forum, you may need to
> describe
> > > your app, etc. in a bit more detail.
> > > >>
> > > >>vbk
> > > >>
> > > >>felipegaucho
> > > >>
> > > >>Posts: 10
> > > >>
> > > >>Re: migrating a web-application Tomcat 5.5 --> Glassfish
> > > >>Posted: Dec 17, 2005 2:38 PM
> > > >> Click to reply to this topic Reply
> > > >>
> > > >>The project is the Cejug-Classifieds:
> > > https://cejug-classifieds.dev.java.net/
> > <https://cejug-classifieds.dev.java.net/>
> > > >>
> > > >>all code available through CVS - Check out source code with
> > a CVS
> > > client. For example:
> > > >>
> > > >>cvs -d ;pserver: guest_at_cvs.dev.java.net
> > <mailto:guest_at_cvs.dev.java.net> :/cvs login
> > > >>
> > > >>followed by
> > > >>
> > > >>cvs -d ;pserver:guest_at_cvs.dev.java.net:/cvs checkout
> > cejug-classifieds
> > > >>
> > > >>
> > > >>The cejug-classifieds is a web-app that include JAAS
> > features, and
> > > the problem seems related to the security issues:
> > > >>
> > >
> > >>[#|2005-12-17T16:16:
> 32.671-0200|INFO|sun-appserver-pe9.0|javax.enterprise.system.core.security|_ThreadID=14
> > ;_ThreadName=Thread-31;|JACC
> > > Policy Provider: PolicyWrapper.implies, context(null)-
> > permission((
> > > java.util.PropertyPermission java.security.manager write))
> domain
> > > that failed(ProtectionDomain
> > >
> >
> (file:/E:/glassfish/domains/domain1/applications/j2ee-modules/cejug-classifieds/WEB-INF/classes/net/java/dev/cejug/classifieds/filter/JaasFilter.class
> > > <no signer certificates>;)
> > > >>WebappClassLoader
> > > >>delegate: true
> > > >>repositories:
> > > >>/WEB-INF/classes/
> > > >>----------> Parent Classloader:
> > > >>EJBClassLoader :
> > > >>urlSet = []
> > > >>doneCalled = false
> > > >>Parent -> java.net.URLClassLoader_at_1724a9d
> > > >>
> > > >>
> > > >><no principals>
> > > >>java.security.Permissions_at_1ba49d (
> > > >>(javax.security.auth.PrivateCredentialPermission
> > > javax.resource.spi.security.PasswordCredential * "*" read)
> > > >>(org.apache.naming.JndiPermission
> > > >
> > > >
> > >
> > > --
> > >
> > >
> > >
> >
> > --
> >
> >
> >
>
> --
>
>
>