Security permission is missing for CRL validation (6673538) (Sun Java System Access Manager 7.1 Release Notes)

Sun Java System Access Manager 7.1 Release Notes

Previous: Access Manager JAR files should include version number in MANIFEST.MF file (6693152)
Next: SecurID authentication is supported on Solaris x86 systems (6621802)

Security permission is missing for CRL validation (6673538)

Certificate-based authentication is not working if it is configured with Certificate Revocation list (CRL) checking.

Workaround. For an existing Access Manager instance, add the following security permission to the web container server policy file and then restart the web container:

permission java.security.SecurityPermission "getProperty.ocsp.*";

For Sun Java System Application Server and IBM WebSphere Application Server, the security policy file is server.policy. For BEA WebLogic Server, the file is weblogic.policy.

For new Access Manager instances, the respective web container amconfig script has been revised to add this security permission to the security policy file.