Manualshelf

NonStop Servlets for JavaServer Pages (5.0) System Administrator's Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
81828384858687888990
Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide525644-002
3-21
Configuring the Security Manager
Path mappings are relative to the context’s URL path. By providing a wildcard (*), any
URL containing the path /myapp1 can always be passed to the startCartRequest
servlet.
Configuring the Security Manager
NSJSP can be started through a security manager. The SecurityManager function
enables a web application to run its own sandbox. The security manager allows you to
restrict trusted functionality to code that requires it.
NSJSP uses its own version of the standard catalina.policy file that is
documented in Tomcat 5.0.28. The security policies implemented by the Java security
manager are configured in the iTP_catalina.policy file located in the
$NSJSP_HOME/conf directory.
The iTP_catalina.policy file replaces any system java.policy file. The
iTP_catalina.policy file contains a default set of security policies to be enforced
(by the JVM) when NSJSP is run with the -Djava.security.manager option (see
servlet.config on page 3-2). You can assign additional permissions to particular web
applications by adding additional grant entries.
Entries in the iTP_catalina.policy file use the standard java.policy file
format, as shown in Example 3-14:
The signedBy and codeBase entries are optional when granting permissions.
Comment lines begin with // and end at the end of the current line. The codeBase is
in the form of a URL, and a file URL can use the ${java.home} and
${catalina.home} properties, which are expanded to the directory paths defined for
them by the JAVA_HOME and CATALINA_HOME environment variables.
Example 3-13. Mapping a URL to the Servlet
<servlet>
<servlet-name>start</servlet-name>
<servlet-class>startCartRequest</servlet-class>
<servlet>
<servlet-mapping>
<servlet-name>start</servlet-name>
<url-pattern>/myapp1/*</url-pattern>
</servlet-mapping>
Example 3-14. Java Policy File Entry
// Example policy file entry
grant [signedBy <signer>,] [codeBase <code source>] {
permission <class> [<name> [, <action list>]];
};