• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

Running JForum with Security Policy

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am running JForum on Tomcat with the security manager. It took a while for me to get the security policy created. I basically ran with security debugging on and granted permissions when I saw access errors. I did this until it ran without errors. I have been running a couple of days without access errors so this is pretty close to everything you need. The security is relatively fine grained but in general I gave permissions to all classes and libraries within the application directory to work within the application directory at the access level they needed. I could have given the permissions to specific classes but this would have taken even longer and been more complicated to manage. I think this provides a reasonable security policy. Let me know if you have any suggestions for improvement. I am posting here as a starting point for others.


[originally posted on jforum.net by parisila]
 
I want my playground back. Here, I'll give you this tiny ad for it:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic