JSP pages won't compile with java security manager enabled in tomcat6
This document (7015799) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Server 11 Service Pack 3 (SLES 11 SP3)
Situation
Enabling security manager for tomcat causes JSP pages will not compile. Following error messages could be displayed:
org.apache.jasper.JasperException: Unable to compile class for JSP
or:
org.apache.jasper.JasperException: Unable to load class for JSP
Resolution
The following rule needs to be added to the /etc/tomcat6/catalina.policy file:
grant codeBase "file:/usr/share/java/ecj.jar" {permission java.security.AllPermission;
};
Cause
The default rules in the policy file shipped within tomcat6 contains a rule to grant the "AllPermissions" to the included libraries. On SUSE Linux Enterprise Server 11 these libraries
are not shipped within same rpm. Each library has it's own rpm package and are symlinked to
tomcat6 lib directory instead. The security manager grants the right to the symlink, but not the
original file as Java is unaware of OS specifics.
are not shipped within same rpm. Each library has it's own rpm package and are symlinked to
tomcat6 lib directory instead. The security manager grants the right to the symlink, but not the
original file as Java is unaware of OS specifics.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7015799
- Creation Date: 20-Oct-2014
- Modified Date:28-Sep-2022
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
