Hi Eduardo --
Only one policy file can be active at a time. If you aren't
using
OC4J with a security manager, then java2.policy probably
won't be
active (I don't use OC4J, but normally policies aren't
loaded unless
there's a security manager). Your log files suggests that
java2.policy isn't loaded. Thus, the
"os.name","read" line in that
file was not being applied -- that's why we need to put it
into
jspwiki.policy.
Did the suggestion help you? It wasn't clear from your least
message.
If it did,
--Andrew
On Oct 26, 2006, at 12:36 PM, Eduardo Ribeiro Rodrigues
wrote:
> Ok Andrew,
>
> I removed the signedBy "jspwiki":
>
> grant {
> permission java.util.PropertyPermission
"os.name", "read";
> };
>
> This block was added to my jspwiki.policy file. I also
checked my
> default
> java2.policy in OC4J's config directory and it also
contains that
> very same
> grant. Very strange.
>
> The fact is that the results were the same.
>
> As for that JSPWiki/JSPWiki path, it's ok. That's the
correct app's
> deployment path.
>
> Tks again.
>
> 2006/10/26, Andrew Jaquith <andrew.jaquith mac.com>:
>>
>> Eduardo--
>>
>> I think you mis-read my recommendation. Try omiting
the 'signedBy',
>> please... we need to grant this to ALL
applications, not just
>> JSPWiki.
>>
>> As for the file not found, I think there's
something strange about
>> the file path; there are two JSPWiki/JSPWiki
references in the path.
>> I don't know why that is.
>>
>> Andrew
>>
>> On Oct 26, 2006, at 12:00 PM, Eduardo Ribeiro
Rodrigues wrote:
>>
>> > Ok,
>> >
>> > I changed <wiki:Messages
div="information" topic="<%
>> > =SecurityVerifier.INFO+"
>> >
java.security.auth.login.config"%>"
prefix="Good news: "/> with
>> > <wiki:Messages div="information"
topic="<%=SecurityVerifier.INFO%>
>> > java.security.auth.login.config"
prefix="Good news: "/>
>> >
>> > I changed that in lines 91,92,93,190,191 and
192 of admin/
>> > SecurityConfig.jsp
>> > and now I get the following:
>> >
>> > 404 Not Found
>> >
>> > JSP Error:
>> > ------------------------------
>> >
>> > Request URI:/wiki/admin/Login.jsp
>> >
>> >
Exception:OracleJSP:java.io.FileNotFoundException:
>> >
D:JDevj2eehomeapplicationsJSPWikiJSPWikiadminLogin.j
sp (The
>> > system
>> > cannot find the file specified)
>> >
>> > That's probably because of my main error which
is I don't have any
>> > access
>> > rights at all, even for SecurityConfig.jsp
>> >
>> > I've also added the following to my
jspwiki.policy file:
>> >
>> > grant signedBy "jspwiki" {
>> > permission java.util.PropertyPermission
"os.name", "read";
>> > };
>> >
>> > But JSPWIKI.LOG file shows the same problem:
>> >
>> > 2006-10-26 12:50:46,185 [JSPWiki Session
Monitor] INFO
>> > com.ecyrd.jspwiki.util.WikiBackgroundThread -
Starting up
>> background
>> > thread: JSPWiki Session Monitor.
>> > 2006-10-26 12:50:46,225 [HTTPThreadGroup-4]
INFO
>> > com.ecyrd.jspwiki.WikiContext JSPWiki:
>> > h
ttp://localhost:8888/wiki/admin/SecurityConfig.jsp -
User
>> > 127.0.0.1 has no
>> > access - redirecting
(permission=(java.util.PropertyPermission
>> > os.nameread))
>> >
>> > Tks,
>> > Eduardo.
>> >
>> > 2006/10/26, Andrew Jaquith
<andrew.jaquithmac.com>:
>> >>
>> >> Hi Eduardo,
>> >>
>> >> Looks like there are two issues at work
here, and they are both
>> >> related to quirks in OC4J. And they are
both things we can fix
>> >> easily, I think.
>> >>
>> >> 1. Your JSP compiler for OC4J is having
difficulty parsing nested
>> >> quotes in this line:
>> >>
>> >> <wiki:Messages
div="information"
>> >> topic="<%=SecurityVerifier.INFO
>>
+"java.security.auth.login.config"%>"
>> >> prefix="Good news: "/>
>> >>
>> >> Try replacing the inner quotes with single
quotes ('), or
>> perhaps the
>> >> outer quotes.
>> >>
>> >> 2. Your container is installing the
security policy as it
>> should, but
>> >> is choking on this permission:
>> >>
>> >> java.util.PropertyPermission os.nameread
>> >>
>> >> Try adding a generic grant statement to
the policy that permits
>> this
>> >> permission for all codebases:
>> >>
>> >> grant signedBy {
>> >> permission java.util.PropertyPermission
"os.name",
>> "read";
>> >> }
>> >>
>> >> On Tomcat, this permission is granted to
the container and all
>> of its
>> >> components, including the JSP compiler.
But it looks like
>> that's not
>> >> the case with OC4J, so we need to tweak it
a little.
>> >>
>> >> Let me know if this works. Both of these
are probably bugs, so
>> once
>> >> you get it working, let us know exactly
what to change and
>> we'll add
>> >> it to the CVS builds.
>> >>
>> >> -- Andrew
>> >>
>> >> On Oct 26, 2006, at 8:52 AM, Eduardo
Ribeiro Rodrigues wrote:
>> >>
>> >> > jspwiki
>> >>
>> >>
_______________________________________________
>> >> Jspwiki-users mailing list
>> >> Jspwiki-usersecyrd.com
>> >> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>> >>
>> >>
>> >
>> >
>> > --
>> > Eduardo Ribeiro Rodrigues
>> > e-mail: errpobox.com
>> > MSN: fale_com_o_eduhotmail.com
>> > Yahoo!: edu_rr
>> >
>> > "Quem crê sabe esperar"
>> >
_______________________________________________
>> > Jspwiki-users mailing list
>> > Jspwiki-usersecyrd.com
>> > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>>
>> _______________________________________________
>> Jspwiki-users mailing list
>> Jspwiki-usersecyrd.com
>> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>>
>>
>
>
> --
> Eduardo Ribeiro Rodrigues
> e-mail: errpobox.com
> MSN: fale_com_o_eduhotmail.com
> Yahoo!: edu_rr
>
> "Quem crê sabe esperar"
> _______________________________________________
> Jspwiki-users mailing list
> Jspwiki-usersecyrd.com
> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
|