Strictly speaking, the webapps are in ${catalina.base}, not .home,

as well as it is shown by examples below those lines in the policy file.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@955655 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/conf/catalina.policy b/conf/catalina.policy
index d65e13f..511e864 100644 (file)
--- a/conf/catalina.policy
+++ b/conf/catalina.policy
@@ -188,7 +188,7 @@ grant {
 
 // The Manager application needs access to the following packages to support the
 // session display functionality
-grant codeBase "file:${catalina.home}/webapps/manager/-" {
+grant codeBase "file:${catalina.base}/webapps/manager/-" {
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager";
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util";

diff --git a/webapps/docs/security-manager-howto.xml b/webapps/docs/security-manager-howto.xml
index c8f7130..c600861 100644 (file)
--- a/webapps/docs/security-manager-howto.xml
+++ b/webapps/docs/security-manager-howto.xml
@@ -354,7 +354,7 @@ grant {
 
 // The Manager application needs access to the following packages to support the
 // session display functionality
-grant codeBase "file:${catalina.home}/webapps/manager/-" {
+grant codeBase "file:${catalina.base}/webapps/manager/-" {
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager";
     permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util";