Advertisement

07.10.2008 at 06:42AM PDT, ID: 23553650
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
9.2

Tomcat JasperException: access denied trying to test a JSP file (Apache/Ubuntu)

Asked by bored_shiva in Apache Tomcat Application Server, Apache Web Server, Java Server Pages (JSP)

Tags: , , , , ,

I run the following configuration:
Ubuntu 8.04 (Hardy)
Apache 2.2.8
Tomcat 5.5 (installed via ubuntu packege)
Sun Java 6
Sun NetBeans 6.01 as my IDE.

When I try to deploy any project that uses JSP from NetBeans to the Apache/Tomcat server, I get the response below. I got as far as figuring out that this has something to do with the catalina.policy file, but I don't know how to fix it. (The file I use is also below.) I'm also attaching as a file the catalina.out file (renamed cataline.out.txt  and truncated to comply with site req. (original file is over 15MB)), which is suppose to be the log of what is not working.

My question is what is this and, more importantly, how do you fix it?!?
ThanksStart Free Trial 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:

HTTP Status 500 -
 
type Exception report
 
message
 
description The server encountered an internal error () that prevented it from fulfilling this request.
 
exception
 
org.apache.jasper.JasperException: access denied (java.io.FilePermission /media/Code/netbeans/java/webtest2/build/web/WEB-INF/classes/logging.properties read)
	org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:460)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:373)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	java.lang.reflect.Method.invoke(Method.java:597)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
 
root cause
 
java.security.AccessControlException: access denied (java.io.FilePermission /media/Code/netbeans/java/webtest2/build/web/WEB-INF/classes/logging.properties read)
	java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
	java.security.AccessController.checkPermission(AccessController.java:546)
	java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
	java.lang.SecurityManager.checkRead(SecurityManager.java:871)
	java.io.File.exists(File.java:731)
	org.apache.naming.resources.FileDirContext.file(FileDirContext.java:828)
	org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:211)
	org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:294)
	org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1924)
	org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:936)
	org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:299)
	org.apache.juli.ClassLoaderLogManager$2.run(ClassLoaderLogManager.java:273)
	java.security.AccessController.doPrivileged(Native Method)
	org.apache.juli.ClassLoaderLogManager.getClassLoaderInfo(ClassLoaderLogManager.java:270)
	org.apache.juli.ClassLoaderLogManager.getLogger(ClassLoaderLogManager.java:175)
	java.util.logging.Logger.getLogger(Logger.java:275)
	jmaki.runtime.AjaxContext.getLogger(AjaxContext.java:411)
	jmaki.runtime.WidgetCommonRenderer.init(WidgetCommonRenderer.java:141)
	jmaki.runtime.jsp.WidgetTag.doEndTag(WidgetTag.java:128)
	org.apache.jsp.index_jsp._jspx_meth_a_005fwidget_005f0(index_jsp.java:126)
	org.apache.jsp.index_jsp._jspService(index_jsp.java:90)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	java.lang.reflect.Method.invoke(Method.java:597)
	org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244)
	java.security.AccessController.doPrivileged(Native Method)
	javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
	org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276)
	org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
 
note The full stack trace of the root cause is available in the Apache Tomcat/5.5 logs.
Apache Tomcat/5.5
 
 
===========================
Catalina.policy
===========================
// AUTO-GENERATED FILE -- DO NOT EDIT!
// Edit the files in /etc/tomcat5.5/policy.d/ instead
 
// ============================================================================
// catalina.corepolicy - Security Policy Permissions for Tomcat 5
//
// This file contains a default set of security policies to be enforced (by the
// JVM) when Catalina is executed with the "-security" option.  In addition
// to the permissions granted here, the following additional permissions are
// granted to the codebase specific to each web application:
//
// * Read access to the document root directory
//
// $Id: 01system.policy 2783 2006-11-22 10:50:31Z marcusb-guest $
// ============================================================================
 
 
// ========== SYSTEM CODE PERMISSIONS =========================================
 
 
// These permissions apply to javac
grant codeBase "file:${java.home}/lib/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to all shared system extensions
grant codeBase "file:${java.home}/jre/lib/ext/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre
grant codeBase "file:${java.home}/../lib/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to all shared system extensions when
// ${java.home} points at $JAVA_HOME/jre
grant codeBase "file:${java.home}/lib/ext/-" {
        permission java.security.AllPermission;
};
// These permissions apply to all JARs from Debian packages
grant codeBase "file:/usr/share/java/-" {
  permission java.security.AllPermission;
};
grant codeBase "file:/usr/share/ant/lib/-" {
  permission java.security.AllPermission;
};
// ========== CATALINA CODE PERMISSIONS =======================================
 
// These permissions apply to the launcher code
grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the daemon code
grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the commons-logging API
grant codeBase "file:${catalina.home}/bin/commons-logging-api.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the server startup code
grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the JMX server
grant codeBase "file:${catalina.home}/bin/jmx.jar" {
        permission java.security.AllPermission;
};
 
// These permissions apply to JULI
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
	permission java.util.PropertyPermission "java.util.logging.config.class", "read";
	permission java.util.PropertyPermission "java.util.logging.config.file", "read";
	permission java.lang.RuntimePermission "shutdownHooks";
	permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
	permission java.util.PropertyPermission "catalina.base", "read";
	permission java.util.logging.LoggingPermission "control";
	permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
	permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
	permission java.lang.RuntimePermission "getClassLoader";
	// To enable per context logging configuration, permit read access to the appropriate file.
	// Be sure that the logging configuration is secure before enabling such access
	// eg for the examples web application:
	// permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
};
 
// These permissions apply to the servlet API classes
// and those that are shared across all class loaders
// located in the "common" directory
grant codeBase "file:${catalina.home}/common/-" {
        permission java.security.AllPermission;
};
 
// These permissions apply to the container's core code, plus any additional
// libraries installed in the "server" directory
grant codeBase "file:${catalina.home}/server/-" {
        permission java.security.AllPermission;
};
// ========== WEB APPLICATION PERMISSIONS =====================================
 
 
// These permissions are granted by default to all web applications
// In addition, a web application will be given a read FilePermission
// and JndiPermission for all files and directories in its document root.
grant { 
    // Required for JNDI lookup of named JDBC DataSource's and
    // javamail named MimePart DataSource used to send mail
    permission java.util.PropertyPermission "java.home", "read";
    permission java.util.PropertyPermission "java.naming.*", "read";
    permission java.util.PropertyPermission "javax.sql.*", "read";
 
    // OS Specific properties to allow read access
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";
    permission java.util.PropertyPermission "catalina.base", "read";
    permission java.util.PropertyPermission "catalina.home", "read";
 
    // JVM properties to allow read access
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
	permission java.util.PropertyPermission "java.specification.version", "read";
	permission java.util.PropertyPermission "java.specification.vendor", "read";
	permission java.util.PropertyPermission "java.specification.name", "read";
 
	permission java.util.PropertyPermission "java.vm.specification.version", "read";
	permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
	permission java.util.PropertyPermission "java.vm.specification.name", "read";
	permission java.util.PropertyPermission "java.vm.version", "read";
	permission java.util.PropertyPermission "java.vm.vendor", "read";
	permission java.util.PropertyPermission "java.vm.name", "read";
 
    // Required for OpenJMX
    permission java.lang.RuntimePermission "getAttribute";
 
	// Allow read of JAXP compliant XML parser debug
	permission java.util.PropertyPermission "jaxp.debug", "read";
 
    // Precompiled JSPs need access to this package.
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
    
};
 
// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib directory
grant codeBase "file:/usr/share/tomcat5.5-webapps/balancer/-" {
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.digester";
    permission java.lang.RuntimePermission "defineClassInPackage.org.apache.tomcat.util.digester";
};
grant codeBase "file:/usr/share/struts1.2/struts.jar" {
  permission java.security.AllPermission;
};
// You can assign additional permissions to particular web applications by
// adding additional "grant" entries here, based on the code base for that
// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
//
// Different permissions can be granted to JSP pages, classes loaded from
// the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/
// directory, or even to individual jar files in the /WEB-INF/lib/ directory.
//
// For instance, assume that the standard "examples" application
// included a JDBC driver that needed to establish a network connection to the
// corresponding database and used the scrape taglib to get the weather from
// the NOAA web server.  You might create a "grant" entries like this:
//
// The permissions granted to the context root directory apply to JSP pages.
// grant codeBase "file:${catalina.base}/webapps/examples/-" {
//      permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
//      permission java.net.SocketPermission "*.noaa.gov:80", "connect";
// };
//
// The permissions granted to the context WEB-INF/classes directory
// grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" {
// };
//
// The permission granted to your JDBC driver
// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" {
//      permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
// };
// The permission granted to the scrape taglib
// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
//      permission java.net.SocketPermission "*.noaa.gov:80", "connect";
// };
Attachments:
 
catalina.out.txt (1.4 MB) (File Type Details) 
catalina.out file from my system
 
[+][-]07.10.2008 at 04:26PM PDT, ID: 21978288

View this solution now by starting your 14-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Apache Tomcat Application Server, Apache Web Server, Java Server Pages (JSP)
Tags: Tomcat, 5.5, Apache/2.2.8 (Ubuntu 8.04), Sun NetBeans 6.01 IDE, JSP, Firefox 3, JasperException: access denied
Sign Up Now!
Solution Provided By: objects
Participating Experts: 1
Solution Grade: A
 
 
[+][-]07.11.2008 at 12:48AM PDT, ID: 21980618

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 14-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20081112-EE-VQP-43 / EE_QW_2_20070628