The Application Server enforces a set of default security policies that, unless modified, would prevent the HTTP tunnel servlet from accepting connections from the Message Queue broker.
Each application server instance has a file that contains its security policies, or rules. For example, the location of this file for the server1 instance on Solaris is:
/var/opt/SUNWappserver8/domains/domain1/server1/config/ server.policy
To configure the tunnel servlet to accept connections from the Message Queue broker, an additional entry is required in this file.