這段時間在使用apache.xmlrpc和pgsql-jdbc碰到tomcat安全問題
HTTP Status 500 -
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Could not initialize class org.apache.xmlrpc.webserver.XmlRpcServletServer org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:324) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) java.lang.Thread.run(Thread.java:662)
note The full stack trace of the root cause is available in the Apache Tomcat/6.0.24 logs.
Apache Tomcat/6.0.24
#postgresql-jdbc-error:
SQLException: Your security policy has prevented the connection from being attempted. You probably need to grant the connect java.net.SocketPermission to the database server host and port that you wish to connect to.
SQLState: 99999
VendorError: 0
#原來etc/init.d/tomcat6在ubuntu8.0+服務器默認開啓保護,設置關閉就可以訪問xmlrpc.
sudo vim /etc/init.d/tomcat6
# Use the Java security manager? (yes/no)
TOMCAT6_SECURITY=yes
#更改策略文件
sudo vim /var/lib/tomcat6/conf/policy.d/50local.policy
#然後在最後一行添加, database是我的項目文件配置有所有權限
grant codeBase "file:${catalina.base}/webapps/database/-" {
permission java.security.AllPermission;
};
#ok搞定jdbc連接和xmlrpc訪問
參考:http://www.jaxmao.org/tomcat-docs/security-manager-howto.html