permissionCollection = policy.getPermissions(codeSource);
// Create a file read permission for web app context directory
if (!docBase.endsWith(File.separator)){
permissionCollection.add
(new FilePermission(docBase,"read"));
docBase = docBase + File.separator;
} else {
permissionCollection.add
(new FilePermission
(docBase.substring(0,docBase.length() - 1),"read"));
}
docBase = docBase + "-";
permissionCollection.add(new FilePermission(docBase,"read"));
// Create a file read permission for web app tempdir (work)
// directory
String workDir = options.getScratchDir().toString();
if (!workDir.endsWith(File.separator)){
permissionCollection.add
(new FilePermission(workDir,"read"));
workDir = workDir + File.separator;
}
workDir = workDir + "-";
permissionCollection.add(new FilePermission(workDir,"read"));
// Allow the JSP to access org.apache.jasper.runtime.HttpJspBase
permissionCollection.add( new RuntimePermission(
"accessClassInPackage.org.apache.jasper.runtime") );
if (parentClassLoader instanceof URLClassLoader) {
URL [] urls = parentClassLoader.getURLs();
String jarUrl = null;
String jndiUrl = null;
for (int i=0; i<urls.length; i++) {
if (jndiUrl == null
&& urls[i].toString().startsWith("jndi:") ) {
jndiUrl = urls[i].toString() + "-";
}
if (jarUrl == null
&& urls[i].toString().startsWith("jar:jndi:")
) {
jarUrl = urls[i].toString();
jarUrl = jarUrl.substring(0,jarUrl.length() - 2);
jarUrl = jarUrl.substring(0,
jarUrl.lastIndexOf('/')) + "/-";
}
}
if (jarUrl != null) {
permissionCollection.add(
new FilePermission(jarUrl,"read"));
permissionCollection.add(
new FilePermission(jarUrl.substring(4),"read"));
}
if (jndiUrl != null)
permissionCollection.add(
new FilePermission(jndiUrl,"read") );
}
} catch(Exception e) {
context.log("Security Init for context failed",e);
}
}