Technical data
Modifying the weblogic.policy File for Third Party or User-Written Classes
Administration Guide 14-67
Modifying the weblogic.policy File for Third
Party or User-Written Classes
The best location for your server-side user code is the
weblogic/myserver/serverclasses directory. If you have third party or
user-written classes that are not in that directory, perform the following steps to protect
them:
1. Copy the entire block of code in the
weblogic.policy file from “grant
codeBase...”
to the closing bracket and semicolon.
2. Paste the selection back into the
weblogic.policy file below the section you
just copied.
3. Edit the
grant codeBase and the permission.java.io.FilePermission
statements so that the directories point to the location of your third party or
user-written code.
This procedure creates a security policy for your code that contains exactly the same
permissions as those for WebLogic Server. You should examine these permissions
closely to make sure that this is the security policy you want for those directories.
Caution: JavaSoft JDK version 1.2.1 on UNIX systems applies security policies
improperly if your WebLogic Server software is not installed in the root
directory of the file system or disk drive. Policy is only applied correct if
the path in a
grant codeBase URL has just one component. For example,
if you install WebLogic Server in
c:\test\weblogic (or even
/home/weblogic on Solaris), you will see AccessControlException
even though you use the correct URL in your security policy file.
To workaround this limitation, you can either install WebLogic in the root
directory (recommended) or modify the URL so that it contains only the
first component of the path to your WebLogic installation. For example:
grant codeBase “file:/c:/test/” {
Problems occur when using the “/-” in the specified URL. This problem
has been acknowledged by Sun Microsystems as bug #4261298, but they
have determined that this is not a bug in the JDK. They state, “when a path