Manualshelf

SQL/MX Guide to Stored Procedures in Java (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
Getting Started
HP NonStop SQL/MX Guide to Stored Procedures in Java523727-004
2-26
Establishing Java Security
Establishing Java Security
Java has built-in security features, such as the Java security manager, that protect
against unauthorized use of or access to the system. With Java security enabled, the
Java security manager protects the SPJ environment by restricting access to system
resources.
By using a policy file, you can configure the Java security manager so that specific
Java classes and methods can perform restricted operations, such as accessing a
directory or network address.
Using UDR_JAVA_OPTIONS to Enable Java Security
By default, Java security is disabled in the SPJ environment of an SQL/MX UDR server
process. To enable Java security in the SPJ environment, use this
UDR_JAVA_OPTIONS attribute value:
For example, set the UDR_JAVA_OPTIONS default attribute in a CONTROL QUERY
DEFAULT statement as:
CONTROL QUERY DEFAULT UDR_JAVA_OPTIONS
'-Djava.security.manager -Djava.security.policy=
/usr/tandem/sqlmx/udr/mxlangman.policy';
For other ways of setting the UDR_JAVA_OPTIONS default attribute, see Controlling
JVM Startup Options on page 2-11.
The UDR_JAVA_OPTIONS setting enables a Java security manager in the SPJ
environment. The Java security manager first loads the default, system-wide Java
policy file, java-installation-directory/jre/lib/security/java.policy,
and then loads the SPJ policy file specified by -Djava.security.policy. Java
security remains enabled for the duration of the SPJ environment until the SQL/MX
UDR server process, which hosts the SPJ environment, ends.
You should specify only one SPJ policy file in a UDR_JAVA_OPTIONS setting.
Otherwise, the last policy file listed takes effect. In this example, the
mypolicy.policy file takes precedence over the mxlangman.policy file:
CONTROL QUERY DEFAULT UDR_JAVA_OPTIONS
'-Djava.security.manager -Djava.security.policy=
/usr/tandem/sqlmx/udr/mxlangman.policy
-Djava.security.policy=/usr/myfiles/mypolicy.policy';
Note. In NonStop SQL/MX Release 1.8, the SQLMX_JAVA_SECURITY environment variable
enabled Java security in the SPJ environment. In NonStop SQL/MX Release 2.x, the
SQLMX_JAVA_SECURITY environment variable is obsolete.
'-Djava.security.manager -Djava.security.policy=
/usr/tandem/sqlmx/udr/mxlangman.policy'