Mathijs Kwik wrote:
> Ok, switched to jruby from glassfish's update tool.
>
> Same behaviour.
>
>
jruby is installed inside glassfishv3/glassfish directory using
updatetool or is installed somewhere else on the filesystem - its the
same thing. Your Rails application runs in exactly in the same way and
in the same JVM as glassfish.
> So probably the new "directory deployment" is not suitable for
> per-application policy.
>
>
Right. Please file an issue ticket.
> Will check warbler now to deploy inside glassfish itself.
> This is a bit of a step backwards, since I will lose stuff like
> migrations and local file storage which I will need to work around :(
>
>
For now use warbler to package your app as WAR file and per-app security
policy should work.
-vivek.
> will keep you informed
>
> 2010/1/7 Felipe Gaúcho <fgaucho_at_gmail.com>:
>
>> no, you don't.. but since your application is a ruby application not
>> deployied in GF, but running from outside.. this should be the
>> problem..
>>
>> can you try to pack and deploy the application in Glassfish ? using
>> the GF ruby instead of an external one ?
>>
>> - did you used the "update tool" for installing Ruby support in GF ?
>> (localhost:4848)
>>
>> On Thu, Jan 7, 2010 at 2:53 PM, Mathijs Kwik <bluescreen303_at_gmail.com> wrote:
>>
>>> http://docs.sun.com/app/docs/doc/820-7695/beabz?a=view tells me
>>> there's also domains/domain1/generated/policy/application/granted.policy
>>> So that is what I'm after.
>>> Just trying to figure out why it doesn't work. I guess I need to
>>> enable this functionality somehow.
>>>
>>> 2010/1/7 Felipe Gaúcho <fgaucho_at_gmail.com>:
>>>
>>>> there are two places you can configure that:
>>>>
>>>> the main server.policy
>>>> in the JVM security policy file..
>>>>
>>>> in either cases you need to restart the GF ..
>>>>
>>>> On Thu, Jan 7, 2010 at 2:47 PM, Mathijs Kwik <bluescreen303_at_gmail.com> wrote:
>>>>
>>>>> thanks, but I don't quite understand yet.
>>>>>
>>>>> where should I put this?
>>>>> I don't want to put this in the main server.policy file for 2 reasons:
>>>>> - I would need to restart the domain for it to take effect, causing
>>>>> other apps to be down for a few seconds.
>>>>> - I think the codebase "file:..." won't work for jruby apps, since
>>>>> (from glassfish's perspective) the running code is in "/opt/jruby"
>>>>> (interpreter itself) and not in '/srv/myapp' (where the ruby script
>>>>> files are)
>>>>>
>>>>> So I really want to use the per-application granted.policy solution somehow
>>>>>
>>>>> Thanks
>>>>> Mathijs
>>>>>
>>>>>
>>>>>
>>>>> 2010/1/7 Felipe Gaúcho <fgaucho_at_gmail.com>:
>>>>>
>>>>>> like
>>>>>>
>>>>>> grant codeBase "file:~/your/folder/app/-" {
>>>>>> ...
>>>>>> }
>>>>>>
>>>>>> 2010/1/7 Felipe Gaúcho <fgaucho_at_gmail.com>:
>>>>>>
>>>>>>> you can point the rule directly to the application folder, doesn't
>>>>>>> matter if it is in a domain folder or not.....
>>>>>>>
>>>>>>> On Thu, Jan 7, 2010 at 2:33 PM, Mathijs Kwik <bluescreen303_at_gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> I would like to grant some applications more permissions than others.
>>>>>>>> As described here
>>>>>>>> http://docs.sun.com/app/docs/doc/820-7695/beabz?a=view , this is
>>>>>>>> possible without creating a domain per application.
>>>>>>>>
>>>>>>>> I checked domains/domain1/generated/policy but there's no directory
>>>>>>>> for my app there.
>>>>>>>> I created it and created a granted.policy file in there containing:
>>>>>>>> grant {
>>>>>>>> permission java.security.AllPermission;
>>>>>>>> };
>>>>>>>> just to check if my app will now be able to access stuff that I made
>>>>>>>> inaccessible in server.policy
>>>>>>>>
>>>>>>>> Nothing happens.
>>>>>>>> Not after restarting domain/redeploying either.
>>>>>>>>
>>>>>>>> Is there anything I need to enable to have per-app policy files?
>>>>>>>>
>>>>>>>> My app was deployed using directory deployment (jruby container),
>>>>>>>> maybe that influences stuff, since there's no directory for it in
>>>>>>>> domains/domain1/applications either.
>>>>>>>>
>>>>>>>> Thanks for any help.
>>>>>>>> Mathijs
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>>>>>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> ------------------------------------------
>>>>>>> Felipe Gaúcho
>>>>>>> 10+ Java Programmer
>>>>>>> CEJUG Senior Advisor
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> ------------------------------------------
>>>>>> Felipe Gaúcho
>>>>>> 10+ Java Programmer
>>>>>> CEJUG Senior Advisor
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>>>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>>>>
>>>>>>
>>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> ------------------------------------------
>>>> Felipe Gaúcho
>>>> 10+ Java Programmer
>>>> CEJUG Senior Advisor
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>>
>>>
>>>
>>
>> --
>> ------------------------------------------
>> Felipe Gaúcho
>> 10+ Java Programmer
>> CEJUG Senior Advisor
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>