Manualshelf

SQL/MX 3.2 Guide to Stored Procedures in Java (H06.25+, J06.14+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
61626364656667686970
Getting Started
HP NonStop SQL/MX Release 3.2 Guide to Stored Procedures in Java691166-001
2-24
SPJ Policy File and Required Permissions
Permissions for the Java System and Extension Classes
Java system classes, such as Java core API classes, and standard extension
packages are granted permissions by the default, system-wide Java policy file,
java.policy, not the SPJ policy file. The Java core API classes in the NonStop
Server for Java are always granted all permissions. Extension packages in java-
installation-directory/jre/lib/ext are typically granted all permissions.
For information about java.policy, see the Sun Microsystems Java documentation.
Permissions for the SPJ Method
To allow an SPJ method, or any application class on which the SPJ method depends,
to perform a restricted operation when Java security is enabled in the SPJ
environment, you must grant the appropriate permissions to the codebase of that Java
method. The codebase identifies the location of the class or JAR file that contains the
Java method. If you do not grant the appropriate permissions in the SPJ policy file, the
invoked SPJ does not behave as desired, or the CALL statement fails to execute.
For example, suppose that you want to invoke an SPJ that consists of an SPJ method
that reads OSS files. If you rely on the default permissions in the SPJ policy file,
mxlangman.policy, the CALL statement that invokes the SPJ fails and returns an
error because reading a file is a restricted operation when Java security is enabled. To
allow the SPJ method to read OSS files while Java security is enabled, add this grant
statement to the SPJ policy file:
grant codeBase "file:/usr/mydir/myJar.jar" {
permission java.io.FilePermission "/usr/ossfiles",
"read,write";
};
In the example, the SPJ method that reads the OSS files is packaged in a JAR file,
myJar.jar, within the /usr/mydir directory. To grant this permission to all the
classes in the /usr/mydir directory, including the JAR file, add this grant statement
to the SPJ policy file:
grant codeBase "file:/usr/mydir/*" {
permission java.io.FilePermission "/usr/ossfiles",
"read,write";
};
For information about policy file syntax and Java security, see the Sun Microsystems
Java documentation.