JAVA POLICY FILE
The Java™ 2 Platform, Enterprise Edition (J2EE) Version 1.3 and later specifications have a well-defined programming model of responsibilities between the container providers and the application code.
The java.policy file is a global default policy file that is shared by all of the Java programs that run in the Java virtual machine (JVM) on the node. A change to the java.policy file is local for the node.
The java.policy file is not a configuration file that is managed by the repository and the file replication service. Changes to this file are local and do not get replicated to the other machine.
By using this feature we can control the execution ,
To set the run-time permissions such that Java won’t grant the global permissions. Then you can specify only the permissions you want granted for your app. The key is to run your app with the options below.
java -Djava.security.manager -Djava.security.policy==policyFile.txt MyClass
Note the double equals -Djava.security.policy==policyFile.txt. The double equals == means to use only the permissions in the named file as opposed to the single equal sign -Djava.security.policy=policyFile.txt which means use these permissions in addition to the inherited global permissions.
Then create a policy file excluding the permissions you want to deny:
//policyFile.txt
grant codeBase “file:/C:/abc.jar” {
//list of permissions minus the ones you want to deny
//for example , the following give the application
//ONLY AudioPermission and AWTPermission. Other permission such as
//java.io.FilePermission would be denied.
permission javax.sound.sampled.AudioPermission;
permission java.awt.AWTPermission;
}
NOTE : {app_server_root}/java/jre/lib/security/java.policy. Default permissions are granted to all classes. The policy of this file applies to all the processes launched by `Application Server.
Pushpraj Kumar
Best Open Source Business Intelligence Software Helical Insight is Here