Technical data
Setting Up the Java Security Manager
Administration Guide 14-65
Note: In pre-6.0 releases of WebLogic Server, you enabled the Java Security
Manager by using the
-Dweblogic.security.manager property when
starting WebLogic Server. Please note the change in the property for
WebLogic Server version 6.0 and greater.
To use the Java Security Manager with WebLogic Server, specify the
-Djava.security.manager property when starting WebLogic Server.
The Java Security Manager uses a security policy file that defines permissions. The full
pathname of security policy is specified in the
-Djava.security.policy property
when you start WebLogic Server. If you enable the Java Security Manager but do not
specify a security policy file, the Java Security Manager uses the default security
policies defined in the
java.security and java.policy files in the
$JAVA_HOME/lib/security directory.
WebLogic Server includes an example security policy file named weblogic.policy.
This file contains a set of default permissions.
To use the Java Security Manager security policy file with your WebLogic Server
deployment:
1. Edit the following lines in the
weblogic.policy file, replacing the specified
location with the location of your WebLogic Server installation:
grant codebase "file://BEA/-"{
permission java.io.FilePermission "D:${/}BEA${/}=", ...
Note: This change assumes your installation directory structure is the same as the
one described in the BEA WebLogic Server Installation Guide.
2. If you want to run the Administration Console, add the following grant block and
permissions to the
weblogic.policy file:
grant {
permission java.io.FilePermission
"D:{/}BEA${/}wlserver6.1${/}weblogic${/}management${/}console${
/}-", "read";
permission java.io.FilePermission
"D:{/}BEA${/}wlserver6.1${/}config${/}${/}applications${/}.wl_t
emp_do_not_delete${/}weblogic${/}management${/}console${/}-",
"read";
permission java.util.PropertyPermission "user.*", "read";
};