Granting permission to the JDBC driver on the deployment manager

Use this task when using Java 2 security in an ND environment to grant the required permissions to the JDBC driver.

Why and when to perform this task

Depending on the JDBC provider, you might need to manually update the properties\server.policy file on the deployment manager. No update to the server.policy file is needed if you are using one of the following JDBC drivers:

Steps for this task

  1. On the deployment manager, edit the server.policy file, and add the template text for your JDBC driver. Make sure you always use forward slashes (/), and resolve any WebSphere variables in the template.

    Note: Any syntax errors in the server.policy file can cause the deployment manager to fail to start.

    JDBC driver Template
    DB2 Universal JDBC Driver on Windows, Linux, and Unix
      // DB2 Universal JDBC Driver Provider (XA)
      grant codeBase "file:/${DB2UNIVERSAL_JDBC_DRIVER_PATH}/db2jcc.jar" {
        permission java.security.AllPermission;
      };
      grant codeBase "file:/${DB2UNIVERSAL_JDBC_DRIVER_PATH}/db2jcc_license_cu.jar" {
        permission java.security.AllPermission;
      };
      grant codeBase "file:/${DB2UNIVERSAL_JDBC_DRIVER_PATH}/
                              db2jcc_license_cisuz.jar" {
        permission java.security.AllPermission;
      };
    
    DB2 CLI provider
      // DB2 Legacy CLI-based Type 2 JDBC Driver (XA)
      grant codeBase "file:/${DB2_JDBC_DRIVER_PATH}/db2java.zip" {
        permission java.security.AllPermission;
      };
    
    DB2 iSeries native driver
      // DB2 UDB for iSeries (Native XA - V5R2 and later)
      grant codeBase "file:/${OS400_NATIVE_JDBC_DRIVER_PATH}/db2_classes.jar" {
        permission java.security.AllPermission;
      };
    
    DB2 iSeries toolbox driver
      // DB2 UDB for iSeries (Native XA - V5R2 and later)
      grant codeBase "file:/${OS400_TOOLBOX_JDBC_DRIVER_PATH}/jt400.jar" {
        permission java.security.AllPermission;
      };
    
    Informix
      // Informix JDBC Driver (XA)
      grant codeBase "file:/${INFORMIX_JDBC_DRIVER_PATH}/ifxjdbc.jar" {
        permission java.security.AllPermission;
      };
      grant codeBase "file:/${INFORMIX_JDBC_DRIVER_PATH}/ifxjdbcx.jar" {
        permission java.security.AllPermission;
      };
    
    Oracle
      // Oracle JDBC Driver (XA)
      grant codeBase "file:/${ORACLE_JDBC_DRIVER_PATH}/ojdbc14.jar" {
        permission java.security.AllPermission;
      };
    
    Sybase
      // Sybase JDBC Driver (XA)
      grant codeBase "file:/${SYBASE_JDBC_DRIVER_PATH}/jconn2.jar" {
        permission java.security.AllPermission;
      };
    


  2. Restart the deployment manager.

    For example, if DB2 is installed on Windows systems in c:\Program Files\IBM\SQLLIB and the template looks like the following example:

    // DB2 Legacy CLI-based Type 2 JDBC Driver (XA)   
    grant codeBase "file:/${DB2_JDBC_DRIVER_PATH}/db2java.zip" {   
      permission java.security.AllPermission;   
    }; 

    You must add the following code to the server.policy file:

    // DB2 Legacy CLI-based Type 2 JDBC Driver (XA)   
    grant codeBase "file:/c:/Program Files/IBM/SQLLIB/java/db2java.zip" {   
      permission java.security.AllPermission;   
    };

    Note: Even on Windows platforms, you must only use forward slashes ('/') as a separator in the path.

Results

The JDBC driver will work in an ND environment with Java security turned on.



Searchable topic ID:   t2javaSecurityND
Last updated: Jun 21, 2007 8:07:48 PM CDT    WebSphere Business Integration Server Foundation, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.wasee.doc/info/ee/workflow/tasks/t2javaSecurityND.html

Library | Support | Terms of Use | Feedback