NonStop Servlets for JSP System Administrator's Guide
Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide—525644-001
3-17
Starting NSJSP With a Security Manager
The default iTP_catalina.policy file contains all the grant entries in the standard
catalina.policy file plus the following additional entry for the NSJSP container:
Starting NSJSP With a Security Manager
Once you have configured the iTP_catalina.policy file for use with a security
manager, NSJSP can be started with a security manager in place by using the
-Djava.security.manager and
-Djava.security.policy==$env(NSJSP_HOME)/conf/iTP_catalina.policy
options in the servlet.config file (see servlet.config on page 3-2).
Example 3-15 shows how to start NSJSP with a security manager:
By default, the NSJSP container is run without a security manager. You can also set
the following option if you choose not to use the security manager:
-Dnsjsp.security.manager=none
Troubleshooting the Security Manager
You can turn on Java Security Manager debug logging by including
-Djava.security.debug=all in the servlet.config file before starting NSJSP.
You will find the debug output in the log file
iTPWS_INSTALL_DIR/logs/servlet_error.log or
iTPWS_INSTALL_DIR/logs/servlet.log if you are using the single log file option.
Example 3-16 shows how to troubleshoot the NSJSP security manager:
Example 3-14. Policy File Entry for the NSJSP Container
grant codeBase "file:${catalina.home}/bin/nsjsp_bootstrap.jar" {
permission java.security.AllPermission;
};
Example 3-15. Starting NSJSP With a Security Manager
Arglist -Xnoclassgc -Xmx32m -Xss128k -Dbrowserdebug=false \
-Djdbc.drivers=com.tandem.sqlmp.SQLMPDriver \
-Djava.security.manager \
-Djava.security.policy==$env(NSJSP_HOME)/conf/iTP_catalina.policy \
-Djava.endorsed.dirs=$env(NSJSP_ENDORSED_DIRS) \
-Dcatalina.home=$env(NSJSP_HOME) \
-Djava.io.tmpdir=$env(NSJSP_HOME)/temp \
com.tandem.servlet.NSJSPBootstrap -config \
$env(NSJSP_HOME)/conf/iTP_server.xml start