October 2007
496 pages
The configuration file for security decisions is catalina.policy, a security policy file in the standard Java format that is read by the Java Virtual Machine. However, this file is used only if you invoke Tomcat with the -security option. It contains a series of permissions, each granted to a particular codeBase, or set of Java classes. The general format is as follows:
// comment...
grant codeBase LIST {
    permission PERM;
    permission PERM;
    ...
};

This file, and Tomcat security in general, are discussed in great detail in Chapter 6; the file is included here largely for completeness. As an example, the first permission granted in the distributed version of catalina.policy is:
// These permissions apply to javac
grant codeBase "file:${java.home}/lib/-" {
    permission java.security.AllPermission;
};
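
The grant/permission layout described above is simple enough to audit mechanically. The following is an added example, not code from the book or from Tomcat: a small Python parser that lists which codeBase entries receive java.security.AllPermission. The sample policy text, the function names and the review heuristic are assumptions made for this illustration.

```python
import re

# Constructed sample in the grant/permission format described above. The first
# entry is the one quoted on the page; the other two are made up for the demo.
SAMPLE_POLICY = '''
// These permissions apply to javac
grant codeBase "file:${java.home}/lib/-" {
    permission java.security.AllPermission;
};
// Hypothetical web application entry
grant codeBase "file:${catalina.base}/webapps/demo/-" {
    permission java.util.PropertyPermission "user.dir", "read";
    permission java.security.AllPermission;
};
grant {
    permission java.util.PropertyPermission "java.version", "read";
};
'''

QUOTED = r'(?:[^{}"]|"[^"]*")*'   # text where braces inside "..." do not count
GRANT_RE = re.compile(r'\bgrant\b(%s)\{(%s)\}\s*;' % (QUOTED, QUOTED), re.I)
CODEBASE_RE = re.compile(r'\bcodeBase\s+"([^"]*)"', re.I)
PERM_RE = re.compile(r'\bpermission\s+([\w.$]+)\s*((?:[^;"]|"[^"]*")*);', re.I)

def parse_policy(text):
    """Return [(codeBase or None, [(permission class, arguments), ...]), ...]."""
    # Drop whole-line // comments only, so "file://..." URLs are left alone.
    text = re.sub(r'^\s*//.*$', '', text, flags=re.M)
    grants = []
    for header, body in GRANT_RE.findall(text):
        cb = CODEBASE_RE.search(header)
        perms = [(c, a.strip()) for c, a in PERM_RE.findall(body)]
        grants.append((cb.group(1) if cb else None, perms))
    return grants

def all_permission_grants(grants):
    """codeBase values (None = all code) that are granted AllPermission."""
    return [cb for cb, perms in grants
            if any(c == "java.security.AllPermission" for c, _ in perms)]

def needs_review(grants):
    # Heuristic assumed here: AllPermission is expected for JDK/Tomcat code, so
    # flag it only for a webapps/ codeBase or a grant with no codeBase (all code).
    return [cb for cb in all_permission_grants(grants)
            if cb is None or "/webapps/" in cb]

if __name__ == "__main__":
    for cb in needs_review(parse_policy(SAMPLE_POLICY)):
        print("review AllPermission grant:", cb or "<all code>")
```

Only the codeBase clause of a grant header is interpreted; other header clauses are skipped over without being reported.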