Why and when to perform this task
Java 2 security uses several policy files to determine the granted permission for each Java program. See Java 2 security policy files for the list of available policy files supported by WebSphere Application Server. The library.policy file is the template for shared libraries (Java library classes). Multiple enterprise applications can define and use shared libraries. Refer to Managing shared libraries for information on how to define and manage the shared libraries.If the default permissions for a shared library (union of the permissions defined in the java.policy file, the app.policy file and the library.policy file) are enough, no action is required. The default library policy is picked up automatically. If a specific change is required to share a library in the cell, update the library.policy file.
Syntax errors in the policy files cause the application server to fail. Edit these policy files carefully.
Steps for this task
Result
An updated library.policy is applied to shared libraries after the servers restart.Example
java.policyapp.policylibrary.policylibrary.policy grant {
};
java.security.AccessControlException: access denied (java.io.FilePermission
C:\WebSphere\AppServer\java\jre\lib\ext\mail.jar read)
The previous lines are one continuous line.
When a Java program receives this exception and adding this permission is justified, add a permission to the library.policy file, for example: grant codeBase "file:<user client installed location>" { permission java.io.FilePermission "C:\WebSphere\AppServer\java\jre\lib\ext\mail.jar", "read"; };
to decide whether to add a permission, refer to Access control exception.
What to do next
Restart the related Java processes for the changes in the library.policy file to become effective.Related concepts
Access control exception
Java 2 security policy files
Related tasks
Configuring the was.policy file
Configuring spi.policy files
Configuring library.policy files
Adding the was.policy file to applications
Configuring server.policy files
Configuring java.policy files
Using PolicyTool to edit policy files