发表新帖
发表新帖

How do I set the timezone in Tomcat for a single web app?

前端 未结
关注
8 1923
春和景丽
春和景丽 2021-02-05 13:00

What is the best way to set the time zone in Tomcat for a single web app? I\'ve seen options for changing the command-line parameters or environment variables for Tomcat, but is

8条回答
  • 时光取名叫无心
    时光取名叫无心 (楼主)
    2021-02-05 13:46

    In JDK 6, Sun/Oracle has changed the implementation of Timezone. In JDK 5.0 setDefault sets the timezone in a thread local variable always and not across the JVM and that caused a few issues. Sun acknowledged this as a bug and fixed in JDK 1.6.

    In JDK 1.6 onwards ( I checked the source code for both JDK 1.6 and JDK 1.7) if the JVM is not started with a security manager ( or it's not set with System.SetsecurityManager()), setDefault method sets it globally across the JVM and not in a thread specific way. If you want to set it only for a given thread then you have to start JVM with a security manager.

    When you start Tomcat JVM with a security manager you need to provide individual permissions which was a no starter for us as we were late in the release cycle. Hence in the security policy file we provided all permissions and we overrode the default JAVA security manager to selectively deny the timezone write access. Due to lazy initialization issue with Timezone class I needed to call Timezone.getDefault() in the static block that makes the Timezone class initialized before the securityManager comes into play.

    Here is my test program.

    --Policy file test.policy

    grant {
        permission java.security.AllPermission;

};

    -- Custom Security Manager

    import java.security.Permission;
import java.util.TimeZone;


public class CustomSecurityManager extends SecurityManager {

static {
    TimeZone.getDefault().getDisplayName();
}



public CustomSecurityManager() {
    super();
}


public void checkPermission(Permission perm) throws SecurityException,NullPointerException
{

            String propertyName = perm.getName();
            String actionName = perm.getActions();
            if(propertyName != null && actionName != null)
            {
                if(propertyName.equalsIgnoreCase("user.timezone")
                        && actionName.equalsIgnoreCase("write"))
                {
                    throw new SecurityException("Timezone write is not permitted.");
                }

            }

}

    }

    -- JVM startup Parameters

    -Djava.security.manager=CustomSecurityManager -Djava.security.policy=C:/workspace/test/src/test.policy

    0 讨论(0)
 看不清?
提交回复
热议问题