Refine permissions a bit more
Signed-off-by: Jean-Louis Monteiro <jlmonteiro@tomitribe.com>
diff --git a/src/test/tomee-plume/conf/catalina.policy b/src/test/tomee-plume/conf/catalina.policy
index 565dcf2..4413ba4 100644
--- a/src/test/tomee-plume/conf/catalina.policy
+++ b/src/test/tomee-plume/conf/catalina.policy
@@ -171,14 +171,16 @@
permission java.util.PropertyPermission "openejb.*", "read";
permission java.util.PropertyPermission "user.name", "read";
permission java.util.PropertyPermission "java.io.tmpdir", "read";
+ permission java.io.FilePermission "${catalina.base}/lib/-", "read"; // java ee api class, slf4j, owb, etc
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.loader"; // tomee
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.core"; // tomee
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.realm"; // tomee
- permission java.io.FilePermission "${catalina.base}/lib/-", "read"; // java ee api class, slf4j, owb, etc
+ permission java.lang.RuntimePermission "setContextClassLoader"; // tomee
permission java.lang.RuntimePermission "accessDeclaredMembers"; // owb
permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; // owb
permission java.net.SocketPermission "localhost", "connect,resolve"; // jndi
permission java.net.SocketPermission "127.0.0.1", "connect,resolve"; // jndi
+ permission javax.security.auth.AuthPermission "doAsPrivileged"; // tomee security
permission javax.security.auth.AuthPermission "modifyPrincipals"; // tomee security
permission javax.security.auth.AuthPermission "modifyPrivateCredentials"; // tomee security