How do I run QueueMetrics with Java Security?
2008-06-16Java Security is a way to fine-tune the grants that a web-application has. This can be
quite complex if you do not exactly know what a webapp is doing internally. You can set this
by updating a policy file and running Tomcat in secure mode.
To make sure you are running under Java Security, you can check the value of the property java.security.policy under the Licence page - if it is set to something like =/usr/local/queuemetrics/tomcat/conf/catalina.policy, then security is enabled.
The following permissions apply to QM 1.4.5 - just add them to your catalina.policy file:
Of course you have edit them to:
To make sure you are running under Java Security, you can check the value of the property java.security.policy under the Licence page - if it is set to something like =/usr/local/queuemetrics/tomcat/conf/catalina.policy, then security is enabled.
The following permissions apply to QM 1.4.5 - just add them to your catalina.policy file:
grant codeBase "file:/usr/local/queuemetrics/tomcat/webapps/queuemetrics/-" {
permission java.net.SocketPermission "localhost:3306", "connect,resolve";
permission java.io.FilePermission "/var/log/asterisk/queue_log", "read";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "createClassLoader";
permission java.io.FilePermission "${java.io.tmpdir}/-", "read,write,delete";
// if you use LIVE connection to Asterisk instances:
permission java.net.SocketPermission "127.0.0.1:5038", "connect,resolve";
};
Of course you have edit them to:
- set the correct path for your QM webapp in the grant codeBase line
- set the correct path to your database
- set the cortrect path to the manager port of your Asterisk server
- if you use external XML-RPC services, you should add "connect, resolve" grants for those as well.