Limitation on Java 2 security application policy on WebSphere Application Servers
The ${application} policy in the Java™ 2 policy security files (for example was.policy) applies only to the EAR project.
Important: Applicable to WebSphere®
Application Server traditional
If you are using publishing to a WebSphere Application Server with Run
server with resources within the workspace enabled, the
policy does not affect the modules that are contained in the EAR,
for example EJB, Web, or connector module. The security policy
of the modules is set by using the individual modules policies, for
example, by using ${ejbComponent}, ${webComponent}, and ${connectorComponent}.