[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java.policy ?

To: dmn1@bellsouth.net
Subject: Re: java.policy ?
From: Cynthia Jeness <cj@goldencode.com>
Date: Wed, 06 Feb 2002 08:41:26 -0500
CC: ajug-members@ajug.org
Organization: Golden Code Development Corp
References: <NOEKLIKDNJJJLGEFBANMIEFPCJAA.dmn1@bellsouth.net>
Sender: cj@www.ajug.org

Michael,

I have to assume that the path for the file in the
<installdir>/jre/lib/security/java.security is just incorrect.  I would make
this name match with the actual path to your system wide security file.  The
same problem seems to exist on both the Linux and Solaris version of the JDK.

In terms of the home directory, when I printed this out on a Windows 98 System
with the Sun jdk 1.3.1_02 installed using the "user.home" System property, I
got "C:\WINDOWS".   Since I rarely use Windows, I don't know how you check
environment variables  or how you set them outside of AUTOEXEC.BAT.  Anyway,
you do not need to use the special variables, you can use a complete file name.

If I want to use a special security policy for my program, I normally put this
in my application jar file and set the property programmatically; e.g.,

    System.setProperty("java.security.policy",
getClass().getResource(SECURITY_FILE_NAME).toString());
    if (System.getSecurityManager() == null) {
        System.setSecurityManager(new java.rmi.RMISecurityManager());
    }

I always have to do this for RMI because the basic RMI security is too limited.

Cindy


"D. Michael Nelson" wrote:

> Hi Cindy,
>
> Thanks for the reply.  I added my reply under your comments.
>
> When you changed the name, did you use forward slashes (recommended) or at
> least double back slashes?  The back slash is an escape character.  So many
> times when you specify file names on windows using the back slash, you have
> problems.  I normally recommend the use of forward slashes.
>
> Yes, I use the forward slash.
>
> All this being said, the "java.home" property is a standard Java system
> property which holds the installation directory for the current JVM.
>
> I understand the "java.home" property simply referees to my environment
> JAVA_HOME variable.  What I am confused about is the ${user.home} property.
> What is the value of this property? I am  running W2K, and do not see an
> equivalent environment variable. Is the property even relevant for what I
> attempting to do?
>
> The reason that I am asking because of the
> C:\jdk1.3\jre\lib\security\java.security configuration file lists the
> locations that the java.policy as follow:
>
> # The default is to have a single system-wide policy file,
> # and a policy file in the user's home directory.
> policy.url.1=file:${java.home}/lib/security/java.policy
> policy.url.2=file:${user.home}/.java.policy
>
> I am under the impression that by default Java applications do not install a
> security manager.  So, in my application I install one via
> System.setSecurityManager(new SecurityManager());  Then I create my custom
> (P)Permission object and used the instance of SecurityManager to call
> checkPermission(P) which in turns calls my custom permission object
> implies() method . I was able to get the application to work using a the
> java -D{my policy file name} command line option.
>
> What I am  attempting do now is used the system standard java.policy (with
> the appropriate grant entries modifications for my application) and the
> SecurityManager to load it (java.policy) without having to use the java -D
> command line option.
>
> Please note. The java.security configuration and java.policy are both
> located C:\${java.home}\jre\lib\security\, which appears to contradict the
> java.policy location configuration  ${java.home}/lib/security/java.policy
> listed in the java.security configuration file.  Where should these files
> (java.security and java.policy) be located within the ${java.home}
> installation?
>
> I have tried to modify the java.security location configuration to reflect
> the physical location of the java.policy file, but it do not work.  Do I
> still have to use the java -Djava.security.policy=java.policy command line
> option to use the standard java.policy file? Any suggestions?
>
> Thanks In advance,
> Michael N.
>
> "D. Michael Nelson" wrote:
>
> > Hello,
> >
> > I have created a custom Permission class.  My application works fine with
> my
> > explicitly named policy file when using the java -D command line option,
> but
> > I am trying to get it to work with the standard system file
> > C:\jdk1.3\jre\lib\security\java.policy.
> >
> > Here is what I have done:
> >
> > I modified the java.policy to include the required Permissions for my app
> (I
> > tested the modification to ensure that it works using the java -D command
> > line option).
> >
> > The C:\jdk1.3\jre\lib\security\java.security configuration file lists the
> > location as follow:
> >
> > # The default is to have a single system-wide policy file,
> > # and a policy file in the user's home directory.
> > policy.url.1=file:${java.home}/lib/security/java.policy
> > policy.url.2=file:${user.home}/.java.policy
> >
> > However, the java.policy is located in the C:\jdk1.3\jre\lib\security\.
> So,
> > I modified the java.security configuration to reflect the location of
> > java.policy file.
> >
> > Is necessary to have the java.policy located in ${user.home}? If yes, what
> > is the value of this system variable in W2K environment?
> >
> > Then I ran my application using just "java AppName".  This of course did
> not
> > work.  Any suggestions.
> >
> > Thanks in advance,
> > Michael N.
>
>   ------------------------------------------------------------------------
>                   Name: winmail.dat
>    winmail.dat    Type: application/ms-tnef
>               Encoding: base64

Prev by Date: RE: Java recommendations for young students?
Next by Date: RE: Java recommendations for young students?
Prev by thread: Re: java.policy ?
Next by thread: Re: VisialCafe tutorial?
Index(es):
- Date
- Thread