Troubleshooting Security

If you want to monitor security access, you can set the System property. To see a list of all debugging options, use the help setting:



The following table lists options and links to further information about each option:

Option Description Further Information
all Turn on all debugging None

Print all results from the AccessController.checkPermission method.

You can use the following options with the access option:

  1. stack: Include stack trace
  2. domain: Dump all domains in context
  3. failure: Before throwing exception, dump stack and domain that do not have permission

You can use the following options with the stack and domain options:

  1. permission=<classname>: Only dump output if specified permission is being checked
  2. codebase=<URL>: Only dump output if specified codebase is being checked
certpath Turns on debugging for the PKIX CertPathValidator and CertPathBuilder implementations. You can use the ocsp option with the certpath option for OCSP protocol tracing. A hexadecimal dump of the OCSP request and response bytes is displayed.
combiner SubjectDomainCombiner debugging
configfile JAAS (Java Authentication and Authorization Service) configuration file loading
configparser JAAS configuration file parsing
gssloginconfig Java GSS (Generic Security Services) login configuration file debugging
jar JAR file verification
jca JCA engine class debugging
keystore Keystore debugging
logincontext LoginContext results
pcsc Java Smart Card I/O and SunPCSC provider debugging
pkcs11 PKCS11 session manager debugging
pkcs11keystore PKCS11 KeyStore debugging
pkcs12 PKCS12 KeyStore debugging None
properties configuration file debugging None
policy Loading and granting permissions with policy file
provider Security provider debugging
scl Permissions SecureClassLoader assigns
sunpkcs11 SunPKCS11 provider debugging
ts Timestamping debugging None
x509 X.509 certificate debugging

Copyright © 1993, 2023, Oracle and/or its affiliates. All rights reserved.