Sun Java System Web Server 6.1 SP12/SP13 Release Notes

Enhanced Security

Web Server 6.1 SP13 enables you to restrict access using flat file authentication through the Java Security Manager. Enabling the Security Manager feature can improve security by restricting the rights granted to your J2EE web applications. By default, the Security Manager feature is disabled when you install the product. To enable Security Manager, uncomment the following entries in the server.xml file:

<JVMOPTIONS>-Djava.security.manager</JVMOPTIONS>

<JVMOPTIONS>-Djava.security.policy=instance-dir/config/server.policy</JVMOPTIONS>

where instance-dir is the path to the installation directory of this server instance.

For more information about server.xml, see Sun Java System Web Server 6.1 SP12 Administrator’s Configuration File Reference.