NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide
Security Considerations
NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator’s Guide—596210-006
8-37
Starting NSJSP with the Java Security Manager
Starting NSJSP with the Java Security Manager
After you configure the iTP_catalina.policy file, NSJSP can start with the Java
Security Manager using the command-line arguments java.security.manager
and
java.security.policy==$env(<NSJSP_HOME>)/conf/iTP_catalina.policy
in the servlet.config file.
Example 8-10
shows the configuration to start NSJSP with the Java Security Manager.
// These permissions are granted to the NSJSP balancer web
// application.
grant codeBase "file:${catalina.home}/webapps/balancer/WEB-
INF/lib/catalina-balancer.jar" {
permission java.lang.reflect.ReflectPermission
"suppressAccessChecks";
};
// These permissions are granted by default to all web
// applications. In addition, a web application will be given a
// read FilePermission and JndiPermission for all files and
// directories in its document root.
grant {
...
// NSJSP Specific properties to allow read access
permission java.util.PropertyPermission
"com.tandem.servlet.*","read";
permission
java.util.PropertyPermission"org.apache.commons.logging.*",
"read";
...
};
Example 8-9. Policy File Entry for the NSJSP Container (page 2 of 2)