Tag Archives: aspectj

Tomcat 6 Problems on Ubuntu 9.10

The default behavior of the tomcat6 server installed from the ubuntu repository is to forbid any read operation of System.getProperty(). I used tomcat6 as deployment target for the hudson builds on the same machine. AspectJ is used in a sample Spring 3 REST application. Tomcat6 logs (catalina-…log) shows the following exception

Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.aspectj.tracing.debug read)
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
        at java.security.AccessController.checkPermission(AccessController.java:546)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
        at java.lang.System.getProperty(System.java:686)
        at org.aspectj.weaver.tools.TraceFactory.getBoolean(TraceFactory.java:34)
        at org.aspectj.weaver.tools.TraceFactory.(TraceFactory.java:21)
        ... 68 more

Updating aspectj in the maven pom to the latest version 1.6.8 doesn’t solve
the problem. The same war file works under windows with tomcat 6.0.24 without any problems. An Forum entry shows the right hint. Inside the init script
/etc/init.d/tomcat6 is default TOMCAT_SECURITY set to true, which forces the /etc/tomcat6/policy.d/* policies to be used in every web
application inside tomcat.

# Use the Java security manager? (yes/no)

So the solution can be quick (set the TOMCAT_SECURITY property inside the init script to no) or a bit more complicated (set a new policy for your web application as new file inside the policy.d folder). The problem with the more complicated one is that you need to know every security relevant operation to write the policy file).