File access permission issue after enabling Java 2 Security
 Technote (troubleshooting)
 
Problem(Abstract)
The following error occurs when the "Test Connection" button is pressed in the administrative console, V5.0.1 and greater. This occurs after adding a new JDBC driver and datasource where WebSphere® Application Server security and Java™ 2 security has been enabled:

W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to Problem Determination Guide for further information. Permission:
ibm.db2.instance.path : access denied (java.util.PropertyPermission ibm.db2.instance.path read)
Code: COM.ibm.db2.jdbc.app.DB2Driver in {file:/J:/Program Files/SQLLIB/java12/db2java.zip}
Stack Trace:
java.security.AccessControlException: access denied (java.util.PropertyPermission ibm.db2.instance.path read)
java.security.AccessControlContext.checkPermission(AccessControlContext.java(Compiled Code))
java.security.AccessController.checkPermission(AccessController.java(Compiled Code))
java.lang.SecurityManager.checkPermission(SecurityManager.java(Compiled Code))
com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java(Compiled Code))
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
java.lang.System.getProperty(System.java:601)
 
Cause
This happens because WebSphere Application Server does not have the necessary permissions to access a file.
 
Resolving the problem
The way to resolve this is by using the policytool that comes with websphere, it is not necessary to stop the appserver in order to edit the policy files.
  1. Start policytool:
    1. Open a command prompt
    2. Enter:
      %{was.install.root}/java/jre/bin/policytool
    3. After the PolicyTool window opens, PolicyTool checks for the .java.policy file in your home directory.
    4. If it does not exist, an Error message displays. Click OK.

  2. Select File > Open.

  3. Navigate to the directory tree in the open window to select the policy file that you need to update. After selecting the policy file, click Open.

  4. The following will be displayed:
    install_root/AppServer/config/cells/cell_name/nodes/node_name/app.policy    

    Select
    app.policy

  5. Once the code base entries are listed in the window, select Add Policy Entry

  6. In the CodeBase field enter the path to your db2java.zip in a URL format:

    example: file://SQLLIB/java12/db2java.zip

  7. Click Add Permission

  8. Select AllPermission from the drop down menu and click OK

  9. Click Done

  10. Click File > Save > OK

  11. Stop the node

  12. Stop the Application Server

  13. Start the Application Server
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 6.0
Software edition:
Reference #: 1136323
IBM Group: Software Group
Modified date: Sep 16, 2004