Manualshelf

SQL/MX Guide to Stored Procedures in Java (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
Getting Started
HP NonStop SQL/MX Guide to Stored Procedures in Java523727-004
2-28
SPJ Policy File and Required Permissions
For more information about JDBC/MX, see the JDBC Driver for SQL/MX Programmers
Reference.
Permissions for the NonStop SQLJ Product
If you are planning to call SQLJ-based SPJs, you must grant these permissions in the
SPJ policy file for the NonStop SQLJ product file, sqlj.jar, to operate properly:
grant codeBase "file:/usr/tandem/sqlmx/lib/sqlj.jar" {
permission java.security.AllPermission;
};
To call SQLJ-based SPJs, you must also grant permissions for JDBC/MX and for the
SPJ methods. See Permissions for the JDBC/MX Driver on page 2-27 and
Permissions for the SPJ Method on page 2-28.
Permissions for the Java System and Extension Classes
Java system classes, such as Java core API classes, and standard extension
packages are granted permissions by the default, system-wide Java policy file,
java.policy, not the SPJ policy file. The Java core API classes in the NonStop
Server for Java are always granted all permissions. Extension packages in java-
installation-directory/jre/lib/ext are typically granted all permissions.
For information about java.policy, see the Sun Microsystems Java documentation.
Permissions for the SPJ Method
To allow an SPJ method, or any application class on which the SPJ method depends,
to perform a restricted operation when Java security is enabled in the SPJ
environment, you must grant the appropriate permissions to the codebase of that Java
method. The codebase identifies the location of the class or JAR file that contains the
Java method. If you do not grant the appropriate permissions in the SPJ policy file, the
invoked SPJ does not behave as desired, or the CALL statement fails to execute.
For example, suppose that you want to invoke an SPJ that consists of an SPJ method
that reads OSS files. If you rely on the default permissions in the SPJ policy file,
mxlangman.policy, the CALL statement that invokes the SPJ fails and returns an
error because reading a file is a restricted operation when Java security is enabled. To
allow the SPJ method to read OSS files while Java security is enabled, add this grant
statement to the SPJ policy file:
grant codeBase "file:/usr/mydir/myJar.jar" {
permission java.io.FilePermission "/usr/ossfiles",
"read,write";
};
In the example, the SPJ method that reads the OSS files is packaged in a JAR file,
myJar.jar, within the /usr/mydir directory. To grant this permission to all the