You should add permissions for the resources CIM needs to access to the policy file, or access and application execution errors may result. For example, when Nucleus is started it needs access to config directories, so read permissions to the config directories must be specified in the policy file.

To start the CIM with Java Security Manager enabled add the following Java argument to your cim.bat file:

-Djava.security.manager

Unique permissions have been added to the common Oracle Commerce Platform ATG-java.policy file for CIM for your reference. This file can be found in the following location:

$DYNAMO_HOME/home/policy/

This directory also contains application server specific policy files such as AdditionalPermissionsJBoss.policy. You may need to replace the application server specific directory paths in the file for your application server (for example, replace $jboss.home.dir with C:\jboss-eap-6.1). Other properties are dynamically resolved.

In situations where CIM prompts for the path to the application server installation directory or migration path directory or other prompts, you should add read permissions for these directories.