• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Paweł Baczyński
  • Piet Souris
  • Vijitha Kumara

Tomcat Java2 Security Issue: modifyThread and modifyThreadGroup

 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I deployed axis2 on WebSphere7 with switched on java2 security and got the next expected errors:



and




When I'm deploying axis2 on Tomcat 5/6/7 with switched on java2 security I can't get the same "access denied" exception.

I have to track "modifyThread" security violations on Tomcat.
Do you know why Tomcat java2 security behaves differently?

-Orest
 
Rancher
Posts: 43011
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tomcat does not run by default with a security manager enabled; if you turn that on (by using the "-security" switch of the catalina.sh script), it's possible that you'll see the same exceptions.

You should look into the security policy that's used by WebSphere, and see if it can possibly be relaxed.
 
Orest Ivasiv
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've enabled tomcat security: catalina start -security and modified catalina.policy file.
And this policy file has no permissions for "modifyThread" and "modifyThreadGroup":


 
Ulf Dittmer
Rancher
Posts: 43011
76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So your WebSphere server runs with a different security policy than the default one Tomcat ships with.
 
Orest Ivasiv
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I permitted everything on WebSphere and Tomcat except "modifyThread" and "modifyThreadGroup".
But axis2 works on Tomcat without any "access denied". And axis2 + WepSphere blames "modifyThreadGroup : Access denied" with the similar policy file.

 
Saloon Keeper
Posts: 21212
136
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tomcat typically gets run under the Sun/Oracle JVM. WebSphere is often run under the IBM J9 JVM. While access rights like the ones mentioned would appear to me to be something both JVMs would support and do so in an identical manner, it's worth checking to make sure that that's not the issue.
 
Do not threaten THIS beaver! Not even with this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!