diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-02 11:40:35 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-26 23:32:31 -0500 |
commit | 5eab7fedf1c78610b5e030b9e07e93f32633e9ad (patch) | |
tree | ce99a025f5f4f7b15a594bbd84dbc90a5aed4fc9 /base/deploy/scripts/operations | |
parent | 9c17ef40d7ee983e59ad009d960473611262ac40 (diff) | |
download | pki-5eab7fedf1c78610b5e030b9e07e93f32633e9ad.tar.gz pki-5eab7fedf1c78610b5e030b9e07e93f32633e9ad.tar.xz pki-5eab7fedf1c78610b5e030b9e07e93f32633e9ad.zip |
Enabled Tomcat security manager.
The tomcat.conf and the template deployment configuration have been
modified to enable the security manager. The operations script has
been modified to generate a new catalina.policy from the standard
Tomcat policy, the standard PKI policy and the custom policy every
time the instance is started.
The current catalina.policy has been changed to store a header for
the dynamically generated catalina.policy. A new pki.policy has been
added to store the default PKI security policy. An empty
custom.policy has been added to store policy customization.
Ticket #223
Diffstat (limited to 'base/deploy/scripts/operations')
-rw-r--r-- | base/deploy/scripts/operations | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/base/deploy/scripts/operations b/base/deploy/scripts/operations index 4716e766f..be5053ba2 100644 --- a/base/deploy/scripts/operations +++ b/base/deploy/scripts/operations @@ -1216,6 +1216,13 @@ start_instance() case $PKI_WEB_SERVER_TYPE in tomcat) + # Generate catalina.policy dynamically. + cat /usr/share/pki/server/conf/catalina.policy \ + /usr/share/tomcat/conf/catalina.policy \ + /usr/share/pki/server/conf/pki.policy \ + /var/lib/pki/$PKI_INSTANCE_ID/conf/custom.policy > \ + /var/lib/pki/$PKI_INSTANCE_ID/conf/catalina.policy + # We must export the service name so that the systemd version # of the tomcat init script knows which instance specific # configuration file to source. |