server.policy
The server.policy file controls the access that applications have to the resources. This file is the standard Java SE policy file. In Web Server, the Java SE SecurityManager (the Java component that enforces the policy) is not active by default. The policies granted in this policy file do not have any effect unless the SecurityManager is turned on in server.xml.
To use the Java SE SecurityManager, turn it on by adding the following JVM options to server.xml, using the jvm-options subelement of the jvm element:
<jvm-options>-Djava.security.manager</jvm-options> <jvm-options>-Djava.security.policy=instance_dir/config/server.policy</jvm-options>
You can also add JVM options using the Admin Console or the wadm set-jvm-props command.
Location
instance_dir/config
Syntax
grant [codeBase "path"] {
permission permission_class "package", "permission_type";
...
};
See Also
Sun Java System Web Server 7.0 Update 7 Developer’s Guide to Java Web Applications
http://java.sun.com/docs/books/tutorial/security1.2/tour2/index.html
- © 2010, Oracle Corporation and/or its affiliates