Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Implementing a security policy for JSPs

Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
Iam working on the Resin servlet container on Windows to run my JSPs.
I've been trying to implement a custom security policy for my JSPs to give them restricted access to resources like Server app classes and network sockets. So far I've made grant entries in the policy file for all code on the server and restarted the server with this file as the security.policy and this works fine. The problem arises when I try to specify a codeBase URL to define specific permissions for the folder containing the JSPs. These entries seem to get ignored and only the permissions set for the entire server are granted. Is my syntax wrong or do I have to write my own SecurityManager?
Im including my policy file entries so you can tell me where I went wrong. I haven't really found a lot of documentation about this on the Net so any kind of help would be much appreciated.
grant codeBase "file:w:/temp/WEB-INF/work/_JSP/*"{
grant {
permission java.lang.RuntimePermission "package.access.{pkg}", "read";
permission java.lang.RuntimePermission "getClassLoader";
permission "/w:\\temp\\WEB-INF\\classes", "read";
Montana has cold dark nights. Perfect for the heat from incandescent light. Tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
    Bookmark Topic Watch Topic
  • New Topic