Sun Java System Web Server 6.1 SP9 Administrator's Guide

Using Programmatic Security

In addition to the container-managed authentication provided by the realms, Sun Java System Web Server 6.1 also supports managed authentication accessed through the programmatic login interface. This interface supports custom authentication models that do not fit into the realm infrastructure. Programmatic login can be used by J2SE applications to directly establish authentication contexts for themselves. Doing so makes the application less portable and less maintainable, and is not recommended.

The ProgrammaticLoginPermission permission is required to invoke the programmatic login mechanism for an application. This permission is not granted by default to deployed applications because this is not a standard J2SE mechanism.

Sun Java System Web Server 6.1 supports the Security Manager. The Security Manager is disabled by default when you first install the server. If you have enabled the Java Security Manager in your server instance, you need to grant this permission to any web applications that will use programmatic login.

To grant the required permission to the application, you need to edit the server.policy file.

You can enable policy support by specifying the standard Java policy entries in the server.xml file:

<JVMOPTIONS>-Djava.security.manager</JVMOPTIONS>
<JVMOPTIONS>-Djava.security.policy=install-root/https-servername/config/server.policy</JVMOPTIONS>

For more details about the server.policy file, see the Sun Java System Web Server 6.1 SP9 Programmer’s Guide to Web Applications.
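
The following audit script is an added example, not part of the original guide or of the product. It reads the JVMOPTIONS entries shown above to report whether the Security Manager is enabled and which policy file is in use, then lists the codeBase of every grant block that holds ProgrammaticLoginPermission so that a grant with no codeBase restriction stands out. The sample server.xml wrapper elements, the codeBase path and the PLACEHOLDER.pkg package name are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample inputs (not taken from a real installation).
SAMPLE_SERVER_XML = """<SERVER>
  <JAVA>
    <JVMOPTIONS>-Djava.security.manager</JVMOPTIONS>
    <JVMOPTIONS>-Djava.security.policy=install-root/https-servername/config/server.policy</JVMOPTIONS>
  </JAVA>
</SERVER>"""

# PLACEHOLDER.pkg stands in for the real package of the permission class.
SAMPLE_POLICY = """
grant codeBase "file:/constructed/webapps/app1/-" {
    permission PLACEHOLDER.pkg.ProgrammaticLoginPermission;
};
grant {
    permission PLACEHOLDER.pkg.ProgrammaticLoginPermission;
};
"""

GRANT_RE = re.compile(r'grant\b([^{]*)\{(.*?)\}\s*;', re.S | re.I)
CODEBASE_RE = re.compile(r'codeBase\s+"([^"]*)"', re.I)
# Comments are stripped only when they start a line, so "//" or "/*"
# inside a quoted codeBase URL is left alone.
COMMENT_RE = re.compile(r'(?ms)^\s*(//[^\n]*|/\*.*?\*/)')

def security_manager_settings(server_xml):
    """Return (manager_enabled, policy_path) from the JVMOPTIONS entries."""
    enabled, policy = False, None
    for el in ET.fromstring(server_xml).iter("JVMOPTIONS"):
        opt = (el.text or "").strip()
        if opt == "-Djava.security.manager" or opt.startswith("-Djava.security.manager="):
            enabled = True
        elif opt.startswith("-Djava.security.policy="):
            policy = opt.split("=", 1)[1]
    return enabled, policy

def programmatic_login_grants(policy_text):
    """codeBase of each grant holding the permission; None means no codeBase."""
    found = []
    for header, body in GRANT_RE.findall(COMMENT_RE.sub("", policy_text)):
        if re.search(r'permission\s+[\w.]*\bProgrammaticLoginPermission\b', body):
            m = CODEBASE_RE.search(header)
            found.append(m.group(1) if m else None)
    return found

def audit(server_xml, policy_text):
    enabled, policy = security_manager_settings(server_xml)
    grants = programmatic_login_grants(policy_text)
    return {"security_manager": enabled, "policy_file": policy,
            "grants": grants, "granted_without_codebase": None in grants}
```

A grant block with no codeBase is not limited to one web application, so a True value for granted_without_codebase is worth reviewing against the list of applications that actually use programmatic login.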