Waveset must be given permissions to perform certain actions.
Add the following lines to the server.policy file for the domain in which Waveset is installed (located in ApplicationServerHome/domains/domainName/config). Note that the ${waveset.home} variable must be expanded in the server.policy file.
grant { permission java.lang.RuntimePermission "accessClassInPackage.sun.io"; permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.RuntimePermission "createClassLoader"; permission java.lang.RuntimePermission "accessDeclaredMembers"; permission com.waveset.repository.test.testConcurrentLocking "read"; permission java.net.SocketPermission "*", "connect,resolve"; permission java.io.FilePermission "*", "read"; permission java.util.PropertyPermission "*", "read,write"; }; grant codeBase "file:${waveset.home}/-" { permission java.util.PropertyPermission "waveset.home", "read,write"; permission java.util.PropertyPermission "security.provider", "read,write"; permission java.io.FilePermission "${waveset.home}${/} *", "read,write,execute"; permission java.io.FilePermission "${waveset.home}/help/index/-", "read,write,execute,delete"; permission java.io.FilePermission "$(java.io.tmpdir)$(/)*", "read,write,delete"; permission java.util.PropertyPermission "*", "read,write"; permission java.lang.RuntimePermission "accessClassInPackage.sun.io"; permission java.net.SocketPermission "*", "connect,resolve"; permission javax.management.MBeanServerPermission "*"; permission javax.management.MBeanPermission "*", "*"; permission javax.management.MBeanTrustPermission "*"; }; |
If you want to deploy Waveset Service Provider, add the following permissions to the above server.policy file entries.
grant { permission java.lang.RuntimePermission "shutdownHooks"; permission java.io.FilePermission "${waveset.home}/WEB-INF/spe/config/spe.tld", "read"; }; |
If you fail to update the old server.policy file with the above, and try to use the search engine, lock files may be created in the index directory that cannot be removed by the container. This always causes queries to hang, even if the server.policy file is subsequently updated.
For example, the contents of the help/index/docs directory should contain these five files:
AL MF p1.dict p1.fields p1.post |
In addition to the above, there may be two lock files:
AL.lock MF.lock |
These must be deleted manually. Once these are removed (and the server.policy file updated correctly), search queries will work as expected.
If you want to run with trace set to write to a file, you will need to add the following additional permissions to the server.policy file.
grant { permission java.io.FilePermission "/var/opt/SUNWappserver/domains/domain1/applications/j2ee-modules/ idm/config/trace1.log", "read,write"; permission java.io.FilePermission "$(java.io.tmpdir)$(/)*", "read,write,delete"; permission java.util.PropertyPermission "trace.file", "read"; permission java.util.PropertyPermission "trace.destination", "read"; permission java.util.PropertyPermission "trace.enabled", "read"; }; |
where FilePermission is the actual path of the trace file. Adjust the path to the output file as needed.
Restart the application server.
To verify setup, log in to Waveset. You can do this within the Admin Console by clicking the Launch button on the “idm” line of the Web Applications folder.