To enable the Java Security Manager, pass the following arguments to the jvm:
-Djava.security.manager -Djava.security.policy=Location of the policy file
Use the = operator to append the default policy file. By default, java uses this policy file:
jre/lib/java.policy
To override the default policy file use the == operator, for example:
-Djava.security.policy==path
to
policy
file
Debug
To debug any java security issues and check for access denied errors, use:
-Djava.security.debug=access:failure
Working with your policy files
Java provides the utility policytool.exe
to edit policy entries and modify permissions in your policy files. At a command prompt, enter policytool
, and the policy tool opens.
After launching the tool, choose File -> Open
to select, open, and check your policy file for any errors before adding the file path to java arguments. Check your policy file for parsing errors before enabling the security manager.