WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring static policy files

Before you begin

Java 2 security uses several policy files to determine the granted permission for each Java program. See the Java 2 security policy files article for the list of available policy files supported by WebSphere Application Server Version 6.
There are two types of policy files supported by WebSphere Application Server Version 6, dynamic policy files and static policy files. Static policy files provide the default permissions. Dynamic policy files provide application's permissions.
Policy file name Description
java.policy Contains default permissions for all of the Java programs on the node. This file seldom changes.
server.policy Contains default permissions for all of the WebSphere Application Server programs on the node. This files is rarely updated.
client.policy Contains default permissions for all of the applets and client containers on the node.
The static policy file is not a configuration file managed by the repository and the file replication service. Changes to this file are local and do not get replicated to the other machine.

Steps for this task

  1. Identify the policy file to update.
  2. Stop and restart the WebSphere Application Server.

Result

The required permission is granted for all of the Java programs running with the restarted JVM.

Example

java.security.AccessControlException: access denied (java.io.FilePermission
C:\WebSphere\AppServer\java\jre\lib\ext\mail.jar read)

When a Java program receives this exception and adding this permission is justified, add a permission to an adequate policy file, for example:

grant codeBase "file:<user client installed location>" {
permission java.io.FilePermission
"C:\WebSphere\AppServer\java\jre\lib\ext\mail.jar",
"read";
};

To decide whether to add a permission, refer to Access control exception.



Sub-topics
Configuring java.policy files
Configuring server.policy files
Configuring client.policy files

Related concepts
Java 2 security policy files
Access control exception

Related tasks
Configuring Java 2 security
Using PolicyTool to edit policy files

Related reference
Java 2 security

Task topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_staticpolicy.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)