AccessControlException with relative path specified for code base in "was.policy" file
 Technote (troubleshooting)
 
Problem(Abstract)
If a relative path is specified in the Code Base of a "was.policy" file for an application, the application will still throw an AccessControlException.

Example: If an ear file has a directory named "lib/myapp" and under that directory is a jar file with application code named "myapp.jar", the following Code Base does not grant any permissions:

file: lib/myapp/myapp.jar

(note: the space between "file:" and "lib.." is included here for document format reasons. The actual path should not have the space)

Using the wild card character in the Code Base to indicate all files under a particular directory will not grant permission's either.

Example: This Code Base doesn't grant any permission's to files in the "lib/myapp" directory:

file: lib/myapp/-

The '-' indicates all files under the directory should be granted the permission's.

(note: the space between "file:" and "lib.." is included here for document format reasons. The actual path should not have the space)
 
Cause
A relative path cannot be used in the Code Base of an applications "was.policy" file.

The following special fields are recognized:

file:${application}
file:${jars}
file:${ejbComponent}
file:${webComponent}
file:${connectorComponent}

Each of the above special fields will grant the permission's to a grouping of files.

Example: file:${application} will grant permission's to any file belonging to that application, no matter where in the directory tree of the application the file exists.

 
Resolving the problem
Permission's can be granted to a file by specifying that file name without any directory information. The following Code Base would grant the permission's to the "myapp.jar" file, no matter where in the ear file directory structure the file exists:

file:myapp.jar

This still won't allow for specifying permission's by directory, but this syntax does allow for granular control so that only the specified files are granted permission's.

 
Related information
Java 2 Security Policy Files in the InfoCenter
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
Product Alias/Synonym
WAS
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0
Software edition:
Reference #: 1176564
IBM Group: Software Group
Modified date: Aug 16, 2004