Secure Connection Failed when using tomcat with security manager enabled

Question

I have deployed a web application (example.war) on tomcat 6 with SSL enabled.

When I start tomcat without security manager and try connect to the server with url: "https://localhost:8443/example" it successfully connects and and displays the contents of index.jsp file (welcome-file).

But when I start tomcat with security manager, it show following error on browser (firefox) for the same url.

Secure Connection Failed

An error occurred during a connection to localhost:8443.
Peer reports it experienced an internal error.
(Error code: ssl_error_internal_error_alert)

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Here are the permission provided in catalina.policy

grant {
    permission java.util.PropertyPermission "java.home", "read";
    permission java.util.PropertyPermission "java.naming.*", "read";
    permission java.util.PropertyPermission "javax.sql.*", "read";

    // OS Specific properties to allow read access
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";

    // JVM properties to allow read access
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
    permission java.util.PropertyPermission "java.specification.version", "read";
    permission java.util.PropertyPermission "java.specification.vendor", "read";
    permission java.util.PropertyPermission "java.specification.name", "read";

    permission java.util.PropertyPermission "java.vm.specification.version", "read";
    permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
    permission java.util.PropertyPermission "java.vm.specification.name", "read";
    permission java.util.PropertyPermission "java.vm.version", "read";
    permission java.util.PropertyPermission "java.vm.vendor", "read";
    permission java.util.PropertyPermission "java.vm.name", "read";

    // Required for OpenJMX
    permission java.lang.RuntimePermission "getAttribute";

    // Allow read of JAXP compliant XML parser debug
    permission java.util.PropertyPermission "jaxp.debug", "read";

    // Precompiled JSPs need access to these packages.
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
    permission java.lang.RuntimePermission "accessClassInPackage.sun.security.util";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";

    // Precompiled JSPs need access to these system properties.
    permission java.util.PropertyPermission
     "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
    permission java.util.PropertyPermission "org.apache.el.parser.COERCE_TO_ZERO", "read";
};

grant codeBase "file:${catalina.base}/webapps/example/-" {
    permission java.security.AllPermission;
};

And it works fine when I provide all permissions as below:

grant {
    permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/example/-" {
    permission java.security.AllPermission;
};

I want to know what specific permissions I am supposed to add so as to make it work without providing AllPermission?

Secure Connection Failed when using tomcat with security manager enabled

Answers (1)

Related Questions