[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] jsp/jdbc woes on raq4
- Subject: Re: [cobalt-developers] jsp/jdbc woes on raq4
- From: "Bill Kuhn" <bill@xxxxxxxxxx>
- Date: Tue Nov 27 20:08:50 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
I just wanted to let the list know that I solved my own problem.
I didn't understand the security policy file (tomcat.policy) and its
implications. Apparently, one must grant permissions to resources not only
for servlets/jsps. One must also grant permissions to resources for the
classes that are used by the servlets/jsps.
I was trying to use the postgresql driver in /usr/lib/pgsql to open a
connection to my database, but the files in /usr/lib/pgsql weren't given the
permission to use socket/network resources. The Driver class loaded
properly because I placed the jar file in tomcat's CLASSPATH, but without
granting socket permissions in tomcat.policy I was banging my head against
the wall.
For those reading this that might be experiencing a similar problem in their
servlet/jsp, please note that security policy changes shouldn't be made to
the tomcat.policy file directly because it gets regenerate when tomcat.init
runs at apache/tomcat startup. There is a tomcat.policy.master file in the
same directory as tomcat.policy that should be edited. The contents of this
file are copied into the top of the tomcat.policy file on apache/tomcat
(re)start.
Back to development...
Bill
----
Bill Kuhn
bill@xxxxxxxxxx
----- Original Message -----
From: "Bill Kuhn" <bill@xxxxxxxxxx>
To: <cobalt-developers@xxxxxxxxxxxxxxx>
Sent: Tuesday, November 27, 2001 12:26 PM
Subject: [cobalt-developers] jsp/jdbc woes on raq4
> I hope someone may be able to help.
>
> I recently installed the cobalt java development package and update on a
> raq4. I ran a simple test jsp and that worked fine.
>
> My goal is to develop an application that will store data in a relational
> database. I'm more familiar with postgresql than mysql so I created a
> database in postgresql, added the postgresql jdbc .jar file to the
CLASSPATH
> in /etc/profile.d/java.sh (and re-sourced that file in my open shell), and
> wrote and compiled a simple java program to test loading the driver and
> connecting to the database. That test was a success. The java program
> loaded the driver and connected to the database.
>
> I then wrote a simple database test jsp (named dbtest.jsp) as follows:
> <%@ page import="java.sql.*" %>
> <html>
> <body>
> <%
> Connection connection = null;
> Class.forName("org.postgresql.Driver");
> connection =
> DriverManager.getConnection("jdbc:postgresql:hometeam","admin",
> "");
> connection.close();
> %>
> </body>
> </html>
>
> I restarted apache/tomcat to re-source java.sh so that the postgresql jdbc
> .jar file would be in tomcat's CLASSPATH and, once the apache/tomcat was
> back up I tried to access dbtest.jsp in my browser and received the
> following error:
> Error: 500
> Location: /secure/dbtest.jsp
> Internal Servlet Error:
>
> javax.servlet.ServletException: Something unusual has occured to cause the
> driver to fail. Please report this exception:
> java.security.AccessControlException: access denied
> (java.net.SocketPermission localhost resolve)
> at
>
org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImp
> l.java:459)
> at
>
secure._0002fsecure_0002fdbtest_0002ejspdbtest_jsp_24._jspService(_0002fsecu
> re_0002fdbtest_0002ejspdbtest_jsp_24.java:75)
> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.ja
> va:130)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.ja
> va:282)
> at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
> at org.apache.tomcat.core.Handler.service(Handler.java:287)
> at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
> at
>
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81
> 2)
> at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758)
> at
>
org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection
> (Ajp12ConnectionHandler.java:166)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
> at java.lang.Thread.run(Thread.java:484)
>
> Root cause:
> Something unusual has occured to cause the driver to fail. Please report
> this exception: java.security.AccessControlException: access denied
> (java.net.SocketPermission localhost resolve)
> at org.postgresql.Driver.connect(Driver.java:125)
> at java.sql.DriverManager.getConnection(DriverManager.java:517)
> at java.sql.DriverManager.getConnection(DriverManager.java:177)
> at
>
secure._0002fsecure_0002fdbtest_0002ejspdbtest_jsp_24._jspService(_0002fsecu
> re_0002fdbtest_0002ejspdbtest_jsp_24.java:65)
> at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.ja
> va:130)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.ja
> va:282)
> at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
> at org.apache.tomcat.core.Handler.service(Handler.java:287)
> at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
> at
>
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:81
> 2)
> at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758)
> at
>
org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection
> (Ajp12ConnectionHandler.java:166)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
> at java.lang.Thread.run(Thread.java:484)
>
>
> I'm not sure what could be going wrong. I see that the Driver loads
> properly so I'm not dealing with a class not found problem.
>
> The security policy in tomcat.policy is the default created by
> cobalt_config.pl and that looks reasonable:
> grant codeBase "file:/home/sites/site31/web/-" {
> permission java.net.SocketPermission "localhost:1024-",
> "listen,connect,resolve"
> ;
> permission java.util.PropertyPermission "*", "read,write";
> permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
> permission java.io.FilePermission "/home/sites/site31/web/-",
> "read,write,delete
> ";
> };
>
> If I understand the above security policy correctly, my jsp should have no
> difficulty connecting to the postgresql server on 5432 on localhost.
>
> By the way, I also tried various other jdbc urls to no avail:
> jdbc:postgresql://localhost/hometeam
> jdbc:postgresql://localhost:5432/hometeam
> jdbc:postgresql://127.0.0.1/hometeam
> jdbc:postgresql://127.0.0.1:5432/hometeam
> jdbc:postgresql://<ip address>:5432/hometeam (where <ip address> is the ip
> address assigned to the nic)
>
> Any assistance would be greatly appreciated.
>
> Thanks,
> Bill Kuhn
>
> ----
> Bill Kuhn
> bill@xxxxxxxxxx
>
> _______________________________________________
> cobalt-developers mailing list
> cobalt-developers@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-developers
>