Andrew,
I changed jspwiki.properties to put log4j in DEBUG mode. I'm
attaching the
resulting log file... I hope you'll see something there.
Tks.
2006/10/26, Eduardo Ribeiro Rodrigues <err pobox.com>:
>
> Hi Andrew,
>
> I've also put that "os.name" "read"
permission in jspwiki.policy file. So
> it should be applied.
>
> Tks,
> Eduardo.
>
>
> 2006/10/26, Andrew Jaquith <andrew.jaquithmac.com>:
> >
> > Hi Eduardo --
> >
> > Only one policy file can be active at a time. If
you aren't using
> > OC4J with a security manager, then java2.policy
probably won't be
> > active (I don't use OC4J, but normally policies
aren't loaded unless
> > there's a security manager). Your log files
suggests that
> > java2.policy isn't loaded. Thus, the "
os.name","read" line in that
> > file was not being applied -- that's why we need
to put it into
> > jspwiki.policy.
> >
> > Did the suggestion help you? It wasn't clear from
your least message.
> >
> > If it did,
> >
> > --Andrew
> >
> > On Oct 26, 2006, at 12:36 PM, Eduardo Ribeiro
Rodrigues wrote:
> >
> > > Ok Andrew,
> > >
> > > I removed the signedBy "jspwiki":
> > >
> > > grant {
> > > permission java.util.PropertyPermission
"os.name", "read";
> > > };
> > >
> > > This block was added to my jspwiki.policy
file. I also checked my
> > > default
> > > java2.policy in OC4J's config directory and
it also contains that
> > > very same
> > > grant. Very strange.
> > >
> > > The fact is that the results were the same.
> > >
> > > As for that JSPWiki/JSPWiki path, it's ok.
That's the correct app's
> > > deployment path.
> > >
> > > Tks again.
> > >
> > > 2006/10/26, Andrew Jaquith
<andrew.jaquithmac.com>:
> > >>
> > >> Eduardo--
> > >>
> > >> I think you mis-read my recommendation.
Try omiting the 'signedBy',
> > >> please... we need to grant this to ALL
applications, not just
> > >> JSPWiki.
> > >>
> > >> As for the file not found, I think
there's something strange about
> > >> the file path; there are two
JSPWiki/JSPWiki references in the path.
> > >> I don't know why that is.
> > >>
> > >> Andrew
> > >>
> > >> On Oct 26, 2006, at 12:00 PM, Eduardo
Ribeiro Rodrigues wrote:
> > >>
> > >> > Ok,
> > >> >
> > >> > I changed <wiki:Messages
div="information" topic="<%
> > >> > =SecurityVerifier.INFO+"
> > >> >
java.security.auth.login.config"%>"
prefix="Good news: "/> with
> > >> > <wiki:Messages
div="information" topic="<%=
SecurityVerifier.INFO%>
> > >> >
java.security.auth.login.config" prefix="Good
news: "/>
> > >> >
> > >> > I changed that in lines
91,92,93,190,191 and 192 of admin/
> > >> > SecurityConfig.jsp
> > >> > and now I get the following:
> > >> >
> > >> > 404 Not Found
> > >> >
> > >> > JSP Error:
> > >> > ------------------------------
> > >> >
> > >> > Request URI:/wiki/admin/Login.jsp
> > >> >
> > >> >
Exception:OracleJSP:java.io.FileNotFoundException:
> > >> >
D:JDevj2eehomeapplicationsJSPWikiJSPWikiadminLogin.j
sp (The
> >
> > >> > system
> > >> > cannot find the file specified)
> > >> >
> > >> > That's probably because of my main
error which is I don't have any
> > >> > access
> > >> > rights at all, even for
SecurityConfig.jsp
> > >> >
> > >> > I've also added the following to my
jspwiki.policy file:
> > >> >
> > >> > grant signedBy "jspwiki" {
> > >> > permission
java.util.PropertyPermission "os.name",
"read";
> > >> > };
> > >> >
> > >> > But JSPWIKI.LOG file shows the same
problem:
> > >> >
> > >> > 2006-10-26 12:50:46,185 [JSPWiki
Session Monitor] INFO
> > >> >
com.ecyrd.jspwiki.util.WikiBackgroundThread - Starting up
> > >> background
> > >> > thread: JSPWiki Session Monitor.
> > >> > 2006-10-26 12:50:46,225
[HTTPThreadGroup-4] INFO
> > >> > com.ecyrd.jspwiki.WikiContext
JSPWiki:
> > >> > h
ttp://localhost:8888/wiki/admin/SecurityConfig.jsp -
User
> > >> > 127.0.0.1 has no
> > >> > access - redirecting
(permission=(java.util.PropertyPermission
> > >> > os.nameread))
> > >> >
> > >> > Tks,
> > >> > Eduardo.
> > >> >
> > >> > 2006/10/26, Andrew Jaquith <
andrew.jaquithmac.com>:
> > >> >>
> > >> >> Hi Eduardo,
> > >> >>
> > >> >> Looks like there are two issues
at work here, and they are both
> > >> >> related to quirks in OC4J. And
they are both things we can fix
> > >> >> easily, I think.
> > >> >>
> > >> >> 1. Your JSP compiler for OC4J is
having difficulty parsing nested
> > >> >> quotes in this line:
> > >> >>
> > >> >> <wiki:Messages
div="information"
> > >> >>
topic="<%=SecurityVerifier.INFO
> > >> +"java.security.auth.login.config
"%>"
> > >> >> prefix="Good news:
"/>
> > >> >>
> > >> >> Try replacing the inner quotes
with single quotes ('), or
> > >> perhaps the
> > >> >> outer quotes.
> > >> >>
> > >> >> 2. Your container is installing
the security policy as it
> > >> should, but
> > >> >> is choking on this permission:
> > >> >>
> > >> >> java.util.PropertyPermission
os.nameread
> > >> >>
> > >> >> Try adding a generic grant
statement to the policy that permits
> > >> this
> > >> >> permission for all codebases:
> > >> >>
> > >> >> grant signedBy {
> > >> >> permission
java.util.PropertyPermission "os.name",
> > >> "read";
> > >> >> }
> > >> >>
> > >> >> On Tomcat, this permission is
granted to the container and all
> > >> of its
> > >> >> components, including the JSP
compiler. But it looks like
> > >> that's not
> > >> >> the case with OC4J, so we need
to tweak it a little.
> > >> >>
> > >> >> Let me know if this works. Both
of these are probably bugs, so
> > >> once
> > >> >> you get it working, let us know
exactly what to change and
> > >> we'll add
> > >> >> it to the CVS builds.
> > >> >>
> > >> >> -- Andrew
> > >> >>
> > >> >> On Oct 26, 2006, at 8:52 AM,
Eduardo Ribeiro Rodrigues wrote:
> > >> >>
> > >> >> > jspwiki
> > >> >>
> > >> >>
_______________________________________________
> > >> >> Jspwiki-users mailing list
> > >> >> Jspwiki-usersecyrd.com
> > >> >> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> > >> >>
> > >> >>
> > >> >
> > >> >
> > >> > --
> > >> > Eduardo Ribeiro Rodrigues
> > >> > e-mail: errpobox.com
> > >> > MSN: fale_com_o_eduhotmail.com
> > >> > Yahoo!: edu_rr
> > >> >
> > >> > "Quem crê sabe esperar"
> > >> >
_______________________________________________
> > >> > Jspwiki-users mailing list
> > >> > Jspwiki-usersecyrd.com
> > >> > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> > >>
> > >>
_______________________________________________
> > >> Jspwiki-users mailing list
> > >> Jspwiki-usersecyrd.com
> > >> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> > >>
> > >>
> > >
> > >
> > > --
> > > Eduardo Ribeiro Rodrigues
> > > e-mail: errpobox.com
> > > MSN: fale_com_o_eduhotmail.com
> > > Yahoo!: edu_rr
> > >
> > > "Quem crê sabe esperar"
> > >
_______________________________________________
> > > Jspwiki-users mailing list
> > > Jspwiki-usersecyrd.com
> > > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> >
> > _______________________________________________
> > Jspwiki-users mailing list
> > Jspwiki-usersecyrd.com
> > http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
> >
> >
>
>
> --
> Eduardo Ribeiro Rodrigues
> e-mail: errpobox.com
> MSN: fale_com_o_eduhotmail.com
> Yahoo!: edu_rr
>
> "Quem crê sabe esperar"
>
--
Eduardo Ribeiro Rodrigues
e-mail: errpobox.com
MSN: fale_com_o_eduhotmail.com
Yahoo!: edu_rr
"Quem crê sabe esperar"
_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
|