This section examines running the Tomcat Servlet Container with a security manager.
Most likely you will have not any need to perform these adjustments.

Rationale

  • The JVM Security Manager that comes with Tomcat imposes a fine-grained security restrictions to all Java applications running the JVM.
  • It confines the Java applications in a sandbox, and restricts them from utilizing certain features of the Java language Tomcat normally is able to access.
  • If you are hosting untrusted servlets or JSP on your server, then implementing the Security Manager may be a good idea.

Resources

Security Manager HOW-TO