|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 3657 | minor | always | 08-28-09 09:04 | 08-01-09 15:13 | |
|
|
|||||
| Reporter: | ferg | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | |||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 4.0.2 | ||
|
|
|||||
| Summary: | 0003657: JSP CodeSource for security manager | ||||
| Description: |
(rep by Kai Virkki) We are trying to use SecurityManager with Resin 3.1.9 and run into the following problem: CodeSource.getLocation() returns null for compiled JSPs. This means that we cannot use a specific codebase in grant clause in our policy file, for example: grant codeBase "file:/path_to_resin/runtime/work/-" { OR grant codeBase "file:/path_to_resin/webapp/JSP-source/-" { ...some jsp-specific permissions }; Instead, we have to use a universal grant clause: grant { ..some jsp-specific permissions. Unfortunately, these will be applied to all code!!! }; Is there a way to make JSPs have a proper CodeSource? |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||