This chapter summarizes the configuration files that are not discussed in other chapters. Configuration files that should never be modified are not listed in this chapter. The following configuration files are described in detail:
The certmap.conf file configures how a certificate is mapped to an LDAP entry designated by issuerDN.
The following table describes the certmap.conf file properties.
Table 10–1 certmap.conf Properties
instance_dir/config
certmap name issuerDNname:property1 [value1] name:property2 [value2] ...
The default certificate is named default, and the default issuerDN is also named default. Therefore, the first certmap.conf defined in the file must be as follows:
certmap default default
Use # at the beginning of a line to indicate a comment.
Sun Java System Web Server 7.0 Update 3 Administrator’s Guide
The sun-web.xml file configures the features specific to the Web Server for deployed web applications. For more information about sun-web.xml, see Sun Java System Web Server 7.0 Update 3 Developer’s Guide to Java Web Applications.
The META-INF or WEB-INF directory of a module or application
The login.conf file is the login module definition configuration used by the Java Authentication and Authorization Service (JAAS) for client authentication.
instance_dir/config
The server.policy file controls the access that applications have to the resources. This file is the standard Java SE policy file. In Web Server, the Java SE SecurityManager (the Java component that enforces the policy) is not active by default. The policies granted in this policy file do not have any effect unless the SecurityManager is turned on in server.xml.
To use the Java SE SecurityManager, turn it on by adding the following JVM options to server.xml, using the jvm-options subelement of the jvm element:
<jvm-options>-Djava.security.manager</jvm-options> <jvm-options>-Djava.security.policy=instance_dir/config/server.policy</jvm-options>
You can also add JVM options using the Admin Console or the wadm set-jvm-props command.
instance_dir/config
grant [codeBase "path"] {
         permission permission_class "package", "permission_type";
...
};
Sun Java System Web Server 7.0 Update 3 Developer’s Guide to Java Web Applications
http://java.sun.com/docs/books/tutorial/security1.2/tour2/index.html
The default-web.xml is a global web deployment descriptor file that is shared by deployed web applications. There is one default-web.xml per server instance that is shared by all web applications deployed on the server instance.
instance_dir/config
Sun Java System Web Server 7.0 Update 3 Developer’s Guide to Java Web Applications