Major Description
I set my Tomcat Security policy to:
grant {
permission java.security.AllPermission;
};
Start Tomcat 5.0.31 as:
catalina run -security
And it gets a stack overflow from recursive loop in policy setup:
at java.security.AccessController.checkPermission(AccessController.java:
401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at javax.security.auth.Subject.getSubject(Subject.java:251)
at org.apache.jetspeed.security.impl.RdbmsPolicy.getPermissions(RdbmsPol
icy.java:90)
at java.security.Policy.getPermissions(Policy.java:343)
at java.security.Policy.implies(Policy.java:397)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:189)
at java.security.AccessControlContext.checkPermission(AccessControlConte
As an interim fix, if you don't need the Rdbms Policy,
In the jetspeed-spring.xml, comment out:
<!-- Security: RDBMS Policy implementation for JAAS -->
<!--
<bean id="org.apache.jetspeed.security.impl.RdbmsPolicy"
class="org.apache.jetspeed.security.impl.RdbmsPolicy"
>
<constructor-arg ><ref bean="org.apache.jetspeed.security.PermissionManager"/></constructor-arg>
</bean>
-->
<!-- Security: Authorization Provider -->
<!--
<bean id="org.apache.jetspeed.security.AuthorizationProvider"
class="org.apache.jetspeed.security.impl.AuthorizationProviderImpl"
>
<constructor-arg ><ref bean="org.apache.jetspeed.security.impl.RdbmsPolicy"/></constructor-arg>
</bean>
-->