Struts-based Web application and Java2 Security
 Technote (troubleshooting)
 
Problem(Abstract)
How can we have a Struts-based application that works on IBM® WebSphere® Application Server V5.0 with Java2 Security enabled?
 
Resolving the problem
The WebSphere Application Server 5.0 Administration Console is a Struts-based application that works with Java2 Security enabled. Java 2 security uses several policy files to determine the granted permission for each Java™ program.

The was.policy file is an application-specific policy file for WebSphere Application Server Enterprise applications. It is embedded in the Enterprise archive (EAR) file (META-INF/was.policy). If you want to modify the was.policy file after the application is installed, the file is located in install_root/config/cells/cell_name/applications/ear_file_name/deployments/
application_name
/META-INF/was.policy.

The Java Development Kit provides policytool to edit the was.policy and other policy files. This tool is recommended for editing any policy file to verify the syntax of its contents. Syntax errors in the policy file cause an AccessControlException during application execution, including the server start. Identifying the cause of this exception is not easy because you might not be familiar with the resource that has an access violation. Be careful when you edit these policy files. Type %{was.install.root}/java/jre/bin/policytool from a command prompt to start the policy tool.

Here's an example of a was.policy file to grant all permissions to an application:

grant codeBase f"file:${application}" {
permission java.security.AllPermission;
};

For more information about the was.policy file and other policy files, refer to the WebSphere Application Server Information Center.
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0
Software edition:
Reference #: 1083940
IBM Group: Software Group
Modified date: Sep 15, 2004